2023-11-01 | SANS ISC | Xavier Mertens
Malware Dropped Through a ZPAQ Archive
2022-06-16 | SANS ISC | Xavier Mertens
Houdini is Back Delivered Through a JavaScript Dropper
Houdini
2022-05-20 | SANS ISC | Xavier Mertens
A 'Zip Bomb' to Bypass Security Controls & Sandboxes
BitRAT
2022-05-09 | InfoSec Handlers Diary Blog | Xavier Mertens
Octopus Backdoor is Back with a New Embedded Obfuscated Bat File
Octopus
2022-04-25 | SANS ISC | Xavier Mertens
Simple PDF Linking to Malicious Content
2022-03-25 | SANS ISC | Xavier Mertens
XLSB Files: Because Binary is Stealthier Than XML
QakBot
2022-02-18 | SANS ISC | Xavier Mertens
Remcos RAT Delivered Through Double Compressed Archive
Remcos
2022-02-11 | blog.rootshell.be | Xavier Mertens
[SANS ISC] CinaRAT Delivered Through HTML ID Attributes
Quasar RAT
2022-01-20 | blog.rootshell.be | Xavier Mertens
[SANS ISC] RedLine Stealer Delivered Through FTP
RedLine Stealer
2022-01-20 | SANS ISC InfoSec Forums | Xavier Mertens
RedLine Stealer Delivered Through FTP
RedLine Stealer
2021-07-24 | InfoSec Handlers Diary Blog | Xavier Mertens
Agent.Tesla Dropped via a .daa Image and Talking to Telegram
Agent Tesla
2021-03-31 | InfoSec Handlers Diary Blog | Xavier Mertens
Quick Analysis of a Modular InfoStealer
Amadey
2021-03-29 | InfoSec Handlers Diary Blog | Xavier Mertens
Jumping into Shellcode
2021-02-12 | InfoSec Handlers Diary Blog | Xavier Mertens
AgentTesla Dropped Through Automatic Click in Microsoft Help File
Agent Tesla
2021-01-22 | InfoSec Handlers Diary Blog | Xavier Mertens
Another File Extension to Block in your MTA: .jnlp
2021-01-21 | InfoSec Handlers Diary Blog | Xavier Mertens
Powershell Dropping a REvil Ransomware
REvil
2020-12-24 | InfoSec Handlers Diary Blog | Xavier Mertens
Malicious Word Document Delivering an Octopus Backdoor
Octopus
2020-11-19 | SANS ISC InfoSec Forums | Xavier Mertens
PowerShell Dropper Delivering Formbook
Formbook
2020-07-14 | blog.rootshell.be | Xavier Mertens
Simple DGA Spotted in a Malicious PowerShell
2020-05-23 | InfoSec Handlers Diary Blog | Xavier Mertens
AgentTesla Delivered via a Malicious PowerPoint Add-In
Agent Tesla
2018-05-19 | Xavier Mertens
Malicious Powershell Targeting UK Bank Customers
sLoad
2017-07-08 | InfoSec Handlers Diary Blog | Xavier Mertens
A VBScript with Obfuscated Base64 Data
Revenge RAT