2024-04-04
⋅
InfoSec Handlers Diary Blog
⋅
Slicing up DoNex with Binary Ninja Donex |
2023-04-12
⋅
InfoSec Handlers Diary Blog
⋅
Recent IcedID (Bokbot) activity IcedID PhotoLoader |
2022-06-09
⋅
InfoSec Handlers Diary Blog
⋅
TA570 Qakbot (Qbot) tries CVE-2022-30190 (Follina) exploit (ms-msdt) QakBot |
2022-05-19
⋅
InfoSec Handlers Diary Blog
⋅
Bumblebee Malware from TransferXL URLs BumbleBee Cobalt Strike |
2022-05-11
⋅
InfoSec Handlers Diary Blog
⋅
TA578 using thread-hijacked emails to push ISO files for Bumblebee malware BumbleBee Cobalt Strike IcedID PhotoLoader |
2022-05-09
⋅
InfoSec Handlers Diary Blog
⋅
Octopus Backdoor is Back with a New Embedded Obfuscated Bat File Octopus |
2022-04-06
⋅
InfoSec Handlers Diary Blog
⋅
Windows MetaStealer Malware MetaStealer |
2022-03-23
⋅
InfoSec Handlers Diary Blog
⋅
Arkei Variants: From Vidar to Mars Stealer Arkei Stealer Mars Stealer Oski Stealer Vidar |
2022-03-23
⋅
InfoSec Handlers Diary Blog
⋅
Arkei Variants: From Vidar to Mars Stealer Arkei Stealer Mars Stealer Vidar |
2022-03-16
⋅
InfoSec Handlers Diary Blog
⋅
Qakbot infection with Cobalt Strike and VNC activity Cobalt Strike QakBot |
2022-01-19
⋅
InfoSec Handlers Diary Blog
⋅
0.0.0.0 in Emotet Spambot Traffic Emotet |
2021-12-31
⋅
InfoSec Handlers Diary Blog
⋅
Do you want your Agent Tesla in the 300 MB or 8 kB package? Agent Tesla |
2021-12-30
⋅
InfoSec Handlers Diary Blog
⋅
Agent Tesla Updates SMTP Data Exfiltration Technique Agent Tesla |
2021-12-20
⋅
InfoSec Handlers Diary Blog
⋅
PowerPoint attachments, Agent Tesla and code reuse in malware Agent Tesla |
2021-12-16
⋅
InfoSec Handlers Diary Blog
⋅
How the "Contact Forms" campaign tricks people IcedID |
2021-11-16
⋅
InfoSec Handlers Diary Blog
⋅
Emotet Returns Emotet |
2021-09-01
⋅
InfoSec Handlers Diary Blog
⋅
STRRAT: a Java-based RAT that doesn't care if you have Java STRRAT |
2021-07-24
⋅
InfoSec Handlers Diary Blog
⋅
Agent.Tesla Dropped via a .daa Image and Talking to Telegram Agent Tesla |
2021-07-09
⋅
InfoSec Handlers Diary Blog
⋅
Hancitor tries XLL as initial malware file Cobalt Strike Hancitor |