Click here to download all references as Bib-File.•
| 2025-03-13
⋅
Medium walmartglobaltech
⋅
ArechClient; Decoding IOCs and finding the onboard browser extension SectopRAT |
| 2025-03-12
⋅
Medium walmartglobaltech
⋅
Golang backdoor with a side of ChromeUpdateAlert App |
| 2025-01-20
⋅
Medium walmartglobaltech
⋅
Qbot is Back.Connect ReedBed UNC4393 |
| 2024-06-19
⋅
Medium walmartglobaltech
⋅
Spectre (SPC) v9 Campaigns and Updates Spectre Rat |
| 2024-03-13
⋅
Medium walmartglobaltech
⋅
NewBot Loader NewBot Loader |
| 2024-03-05
⋅
Medium walmartglobaltech
⋅
Unknown Nim Loader using PSBypassCLM Unidentified 115 (Nim Loader) |
| 2024-01-16
⋅
Medium walmartglobaltech
⋅
Keyhole Analysis IcedID Keyhole |
| 2023-10-20
⋅
Medium walmartglobaltech
⋅
IcedID gets Loaded Latrodectus |
| 2023-08-30
⋅
Medium walmartglobaltech
⋅
Gazavat / Expiro DMSniff connection and DGA analysis DMSniff Expiro Gazavat |
| 2023-07-29
⋅
Medium walmartglobaltech
⋅
Unknown powershell backdoor with ties to new Zloader Zloader |
| 2023-07-18
⋅
Medium walmartglobaltech
⋅
NemesisProject Nemesis |
| 2023-05-09
⋅
Medium walmartglobaltech
⋅
MetaStealer string decryption and DGA overview MetaStealer |
| 2023-03-10
⋅
Medium walmartglobaltech
⋅
From Royal With Love Cobalt Strike Conti PLAY Royal Ransom Somnia |
| 2023-02-24
⋅
Medium walmartglobaltech
⋅
Qbot testing malvertising campaigns? QakBot |
| 2022-10-25
⋅
Medium walmartglobaltech
⋅
Brute Ratel Config Decoding update Brute Ratel C4 |
| 2022-09-30
⋅
Medium walmartglobaltech
⋅
Diavol resurfaces Diavol |
| 2022-08-11
⋅
Medium walmartglobaltech
⋅
State of the Remote Access Tools, Part 1 |
| 2022-08-09
⋅
Medium walmartglobaltech
⋅
Pivoting on a SharpExt to profile Kimusky panels for great good Kimsuky |
| 2022-08-04
⋅
Medium walmartglobaltech
⋅
IcedID leverages PrivateLoader IcedID PrivateLoader |
| 2022-06-02
⋅
Twitter (@sysopfb)
⋅
Tweets on UpdateAgent - GolangVersion UpdateAgent |