tsrvinnie@gmail.com

Threat Analysis

vcodispot.com

    Exploit

    Malicious RTF File Exploiting Equation Editor (CVE-2017-11882) Pushing Agent Tesla Malware

    vince | April 19, 2020 / May 9, 2020 | Agent Tesla, Exploit, Malware, Netwire, RTF

    Malicious PHP Upload Attempts

    Malicious PHP upload attempts have been ramping up over the past week. I am beginning to wonder if we are starting to see some more activity from botnets, possibly related to recent DSL & GPON exploit attempts (D-Link & DSL-2750B).

    vince | August 28, 2018 / March 1, 2020 | Exploit

    Exploits in the Wild 8/12/2018

    I thought about writing up a short article on exploitation attempts I have been seeing in the wild. This website, services.vcodispot.com, and associated .onion versions sit behind Suricata IPS. Suricata is an open source Network Intrusion Detection System (IDS) or

    vince | August 12, 2018 / March 1, 2020 | Exploit, Mirai

    Accessing Windows Workstations (Updated 6/4/2018)

    Accessing Vulnerable Windows Workstations on Network. (Updated 6/4/2018) Microsoft has taken preventative measures against vulnerabilities that exist with SMBv1 by no longer including the network protocol after the Windows 10 Fall Creators Update and Windows Server, version 1709

    vince | November 13, 2017 / March 1, 2020 | Exploit, Linux, Windows

    vcodispot.com | Threat Analysis Copyright ©2021