Threat Analysis

vcodispot.com

    Forensics

    Venmo Phishing Deploying Keylogger via Discord’s CDN

    A Venmo phishing email delivers an ISO file containing a VBScript that acts as a downloader for additional malware components hosted on Discord’s CDN, ending in keylogging functionality on the infected system.

    vince | February 27, 2021 | Forensics, Keylogger, Obfuscation, Reverse Analysis

    Maze Ransomware Analysis

    vince | May 12, 2020 | Forensics, Maze Ransomware

    Extracting Encrypted KPOT Malware Pushed via COVID-19 Malspam

    vince | published March 30, 2020, updated March 31, 2020 | Forensics, Malware, Obfuscation, Social Engineering

    Data Dump (dd) to Create a Forensic Image with Linux

    There are a few Linux distributions designed specifically for digital forensics. These flavors contain examiner tools and are configured not to mount (or to mount read-only) a connected storage

    vince | published July 4, 2017, updated March 1, 2020 | Forensics, Linux

    Extract GPS Coordinates from Digital Photos

    How to use ExifTool to extract GPS coordinates from a digital photograph. Location services will usually have to have been enabled for photos on the device. Exchangeable image file format (EXIF) can be important

    vince | June 11, 2017 | Forensics

    Crack Windows Passwords with Registry Hives

    This guide will walk you through capturing the registry hive files from a running Windows workstation, then using pwdump to extract the LM/NTLM hashes to crack at CrackStation. Launch FTK Imager from USB. Go to

    vince | June 8, 2017 | Forensics

    RAM Acquisition with FTK Imager and Volatility

    This RAM acquisition guide will work on all current versions of Windows, including Windows Server. However, not all Volatility commands are compatible with every version of Windows. Volatility is a CLI tool for

    vince | June 1, 2017 | Forensics


    vcodispot.com | Threat Analysis Copyright ©2021