Malware
SANS ISC Diary - From small LNK to large malicious BAT file with zero VT score
· ☕ 1 min read
A new Diary of mine was published today on the SANS Internet Storm Center website. In this one, we’ll take a look at a malicious BAT file which was used in a phishing campaign last week and which, according to VirusTotal, is still being detected as benign by all anti-virus engines it has access to…

Malware analysis - 'video write-up' of one of the ECSC 2021 challenges
· ☕ 1 min read
I published a new video on YouTube today, which shows one possible solution for a 'malware analysis task' which I prepared for the final round of last year's European Cyber Security Challenge. If you would like to take a closer look at the multi-stage 'malware' which contestants in the ECSC 2021 had to analyze, or if you would like to try to analyze the sample yourself, now you have a chance to do so...

List of free online malware analysis sandboxes v1.7
· ☕ 1 min read
Since the online malware sandbox landscape has changed somewhat over the last six months, I have updated my list of the most useful sandboxes to reflect these changes. One improvement that deserves a special mention is a significant increase in the number of operating systems supported by the Hatching Triage platform...

SANS ISC Diary - Malspam with Lokibot vs. Outlook and RFCs
· ☕ 1 min read
A Diary of mine was published today on the SANS Internet Storm Center website. In it, we’ll take a look at an interesting malspam message carrying the Lokibot infostealer and also causing quite unusual behavior in Outlook…