Click here to download all references as Bib-File.
| 2022-06-16 ⋅ SANS ISC ⋅ Houdini is Back Delivered Through a JavaScript Dropper Houdini |
| 2022-05-20 ⋅ SANS ISC ⋅ A 'Zip Bomb' to Bypass Security Controls & Sandboxes BitRAT |
| 2022-05-09 ⋅ InfoSec Handlers Diary Blog ⋅ Octopus Backdoor is Back with a New Embedded Obfuscated Bat File Octopus |
| 2022-04-25 ⋅ SANS ISC ⋅ Simple PDF Linking to Malicious Content |
| 2022-03-25 ⋅ SANS ISC ⋅ XLSB Files: Because Binary is Stealthier Than XML QakBot |
| 2022-02-18 ⋅ SANS ISC ⋅ Remcos RAT Delivered Through Double Compressed Archive Remcos |
| 2022-02-11 ⋅ blog.rootshell.be ⋅ [SANS ISC] CinaRAT Delivered Through HTML ID Attributes Quasar RAT |
| 2022-01-20 ⋅ blog.rootshell.be ⋅ [SANS ISC] RedLine Stealer Delivered Through FTP RedLine Stealer |
| 2022-01-20 ⋅ SANS ISC InfoSec Forums ⋅ RedLine Stealer Delivered Through FTP RedLine Stealer |
| 2021-07-24 ⋅ InfoSec Handlers Diary Blog ⋅ Agent.Tesla Dropped via a .daa Image and Talking to Telegram Agent Tesla |
| 2021-03-31 ⋅ InfoSec Handlers Diary Blog ⋅ Quick Analysis of a Modular InfoStealer Amadey |
| 2021-03-29 ⋅ InfoSec Handlers Diary Blog ⋅ Jumping into Shellcode |
| 2021-02-12 ⋅ InfoSec Handlers Diary Blog ⋅ AgentTesla Dropped Through Automatic Click in Microsoft Help File Agent Tesla |
| 2021-01-22 ⋅ InfoSec Handlers Diary Blog ⋅ Another File Extension to Block in your MTA: .jnlp |
| 2021-01-21 ⋅ InfoSec Handlers Diary Blog ⋅ Powershell Dropping a REvil Ransomware REvil |
| 2020-12-24 ⋅ InfoSec Handlers Diary Blog ⋅ Malicious Word Document Delivering an Octopus Backdoor Octopus |
| 2020-11-19 ⋅ SANS ISC InfoSec Forums ⋅ PowerShell Dropper Delivering Formbook Formbook |
| 2020-07-14 ⋅ blog.rootshell.be ⋅ Simple DGA Spotted in a Malicious PowerShell |
| 2020-05-23 ⋅ InfoSec Handlers Diary Blog ⋅ AgentTesla Delivered via a Malicious PowerPoint Add-In Agent Tesla |
| 2018-05-19 ⋅ Malicious Powershell Targeting UK Bank Customers sLoad |