2021-09-29 | Malware Traffic Analysis | Brad Duncan
2021-09-29 (Wednesday) - Hancitor with Cobalt Strike
Cobalt Strike, Hancitor
2021-09-17 | Malware Traffic Analysis | Brad Duncan
2021-09-17 - SQUIRRELWAFFLE Loader with Cobalt Strike
Cobalt Strike, Squirrelwaffle
2021-09-01 | InfoSec Handlers Diary Blog | Brad Duncan
STRRAT: a Java-based RAT that doesn't care if you have Java
STRRAT
2021-07-09 | InfoSec Handlers Diary Blog | Brad Duncan
Hancitor tries XLL as initial malware file
Cobalt Strike, Hancitor
2021-05-19 | Palo Alto Networks Unit 42 | Brad Duncan
BazarCall: Call Centers Help Spread BazarLoader Malware
BazarBackdoor, campoloader
2021-04-14 | InfoSec Handlers Diary Blog | Brad Duncan
April 2021 Forensic Quiz: Answers and Analysis
Anchor, BazarBackdoor, Cobalt Strike
2021-04-07 | Palo Alto Networks Unit 42 | Brad Duncan
Wireshark Tutorial: Examining Traffic from Hancitor Infections
Hancitor
2021-04-01 | Palo Alto Networks Unit 42 | Brad Duncan, Vijay Prakash
Wireshark Tutorial: Decrypting RDP Traffic
2021-04-01 | Palo Alto Networks Unit 42 | Brad Duncan
Hancitor’s Use of Cobalt Strike and a Noisy Network Ping Tool
Cobalt Strike, Hancitor, Moskalvzapoe
2021-03-30 | YouTube (malware-traffic-analysis.net) | Brad Duncan
2021-03-29 BazaCall (BazarCall) Example
BazarBackdoor
2021-02-03 | InfoSec Handlers Diary Blog | Brad Duncan
Excel spreadsheets push SystemBC malware
Cobalt Strike, SystemBC
2021-01-19 | Palo Alto Networks Unit 42 | Brad Duncan
Wireshark Tutorial: Examining Emotet Infection Traffic
Emotet, GootKit, IcedID, QakBot, TrickBot
2021-01-13 | InfoSec Handlers Diary Blog | Brad Duncan
Hancitor activity resumes after a hoilday break
Hancitor
2021-01-07 | Palo Alto Networks Unit 42 | Brad Duncan
TA551: Email Attack Campaign Switches from Valak to IcedID
IcedID
2020-12-09 | InfoSec Handlers Diary Blog | Brad Duncan
Recent Qakbot (Qbot) activity
Cobalt Strike, QakBot
2020-10-29 | Palo Alto Networks Unit 42 | Brad Duncan, Brittany Barbehenn, Doel Santos
Threat Assessment: Ryuk Ransomware and Trickbot Targeting U.S. Healthcare and Public Health Sector
Anchor, BazarBackdoor, Ryuk, TrickBot
2020-09-23 | Palo Alto Networks Unit 42 | Brad Duncan
Case Study: Emotet Thread Hijacking, an Email Attack Technique
Emotet
2020-09-10 | SANS ISC InfoSec Forums | Brad Duncan
Recent Dridex activity
Dridex
2020-09-07 | GitHub (pan-unit42) | Brad Duncan
Collection of recent Dridex IOCs
Cutwail, Dridex
2020-08-21 | Palo Alto Networks Unit 42 | Brad Duncan
Wireshark Tutorial: Decrypting HTTPS Traffic
Dridex