Venmo Phishing Deploying Keylogger via Discord’s CDN
A Venmo phishing email delivers an ISO file containing VBScript that acts as a downloader; the additional malware components it fetches from Discord’s CDN provide keylogging functionality on the infected system.
Emotet Makes Its Way to the Domain Controller
I decided to revisit the Emotet analysis after receiving some indications that the infection had made its way to my lab's Domain Controller.
Emotet Analysis – The Revival
Zloader Infection Analysis
Maze Ransomware Analysis
Malicious RTF File Exploiting Equation Editor (CVE-2017-11882) Pushing Agent Tesla Malware
Extracting Encrypted KPOT Malware Pushed via COVID-19 Malspam
XSS JavaScript with Anti-Analysis Technique
Investigation into interesting Snort signatures uncovered XSS with anti-analysis code.
Corrupted UPX Packed ELF Repair
UPX-packed ELF file with the “p_info” section replaced with zeros.