
SANS ISC: Diaries by Keyword

Date | Author | Title

FICKER STEALER

2021-07-09 | Brad Duncan | Hancitor tries XLL as initial malware file
2021-06-30 | Brad Duncan | June 2021 Forensic Contest: Answers and Analysis

FICKER

2021-07-09 | Brad Duncan | Hancitor tries XLL as initial malware file
2021-06-30 | Brad Duncan | June 2021 Forensic Contest: Answers and Analysis
2010-11-17 | Guy Bruneau | Conficker B++ Activated on Nov 15
2009-09-26 | Kyle Haugsness | Conficker detection hints
2009-09-25 | Deborah Hale | Conficker Continues to Impact Networks
2009-09-23 | Marcus Sachs | Addendum to SRI's Conficker C Analysis Published
2009-04-16 | Adrien de Beaupre | Some conficker lessons learned
2009-04-09 | Johannes Ullrich | Conficker update with payload
2009-04-09 | Jim Clausing | Conficker Working Group site down
2009-04-05 | Marcus Sachs | Open Source Conficker-C Scanner/Detector Released
2009-04-02 | Handlers | A view from the CWG Trenches
2009-03-30 | Daniel Wesemann | Locate Conficker infected hosts with a network scan!
2009-03-29 | Chris Carboni | April 1st - What Will Really Happen?
2009-02-13 | Andre Ludwig | Third party information on conficker
2009-02-10 | Bojan Zdrnja | More tricks from Conficker and VM detection
2009-02-09 | Bojan Zdrnja | Some tricks from Conficker's bag
2009-01-16 | G. N. White | Conficker.B/Downadup.B/Kido: F-Secure publishes details pertaining to their counting methodology of compromised machines
2009-01-15 | Bojan Zdrnja | Conficker's autorun and social engineering
2009-01-12 | William Salusky | Downadup / Conficker - MS08-067 exploit and Windows domain account lockout

STEALER

2021-12-01 | Xavier Mertens | Info-Stealer Using webhook.site to Exfiltrate Data
2021-07-09 | Brad Duncan | Hancitor tries XLL as initial malware file
2021-06-30 | Brad Duncan | June 2021 Forensic Contest: Answers and Analysis
2021-04-06 | Jan Kopriva | Malspam with Lokibot vs. Outlook and RFCs
2021-03-31 | Xavier Mertens | Quick Analysis of a Modular InfoStealer
2019-11-27 | Brad Duncan | Finding an Agent Tesla malware sample
2019-10-09 | Brad Duncan | What data does Vidar malware steal from an infected host?
2019-01-24 | Brad Duncan | Malspam with Word docs uses macro to run Powershell script and steal system data
2017-03-08 | Xavier Mertens | Not All Malware Samples Are Complex