Date | Author | Title
2022-09-18 | Tom Webb | Preventing ISO Malware
2022-02-11 | Xavier Mertens | CinaRAT Delivered Through HTML ID Attributes
2021-11-19 | Xavier Mertens | Downloader Disguised as Excel Add-In (XLL)
2021-11-04 | Brad Duncan | October 2021 Forensic Contest: Answers and Analysis
2021-09-08 | Brad Duncan | "Stolen Images Evidence" Campaign Continues Pushing BazarLoader Malware
2021-08-11 | Brad Duncan | TA551 (Shathak) continues pushing BazarLoader, infections lead to Cobalt Strike
2021-05-18 | Xavier Mertens | From RunDLL32 to JavaScript then PowerShell
2021-02-24 | Brad Duncan | Malspam pushes GuLoader for Remcos RAT
2020-10-22 | Jan Kopriva | BazarLoader phishing lures: plan a Halloween party, get a bonus and be fired in the same afternoon
2020-06-10 | Brad Duncan | Job application-themed malspam pushes ZLoader
2020-05-24 | Didier Stevens | Zloader Maldoc Analysis With xlm-deobfuscator
2020-04-08 | Brad Duncan | German malspam pushes ZLoader malware
2019-12-05 | Jan Kopriva | E-mail from Agent Tesla
2019-07-02 | Xavier Mertens | Malicious Script With Multiple Payloads
2017-02-10 | Brad Duncan | Hancitor/Pony malspam