SANS ISC: Diaries by Keyword

Date | Author | Title

DLL HIJACKING

2016-06-03 | Tom Liston | MySQL is YourSQL
2010-08-23 | Bojan Zdrnja | DLL hijacking vulnerabilities

DLL

2021-07-06 | Xavier Mertens | Python DLL Injection Check
2021-06-04 | Xavier Mertens | Russian Dolls VBS Obfuscation
2021-05-21 | Xavier Mertens | Locking Kernel32.dll As Anti-Debugging Technique
2021-05-18 | Xavier Mertens | From RunDLL32 to JavaScript then PowerShell
2021-03-31 | Xavier Mertens | Quick Analysis of a Modular InfoStealer
2021-03-29 | Xavier Mertens | Jumping into Shellcode
2021-03-03 | Brad Duncan | Qakbot infection with Cobalt Strike
2021-02-17 | Brad Duncan | Malspam pushing Trickbot gtag rob13
2021-02-11 | Jan Kopriva | Agent Tesla hidden in a historical anti-malware tool
2021-01-26 | Brad Duncan | TA551 (Shathak) Word docs push Qakbot (Qbot)
2021-01-20 | Brad Duncan | Qakbot activity resumes after holiday break
2020-09-10 | Brad Duncan | Recent Dridex activity
2020-08-28 | Xavier Mertens | Example of Malicious DLL Injected in PowerShell
2020-06-10 | Brad Duncan | Job application-themed malspam pushes ZLoader
2020-05-13 | Brad Duncan | Malspam with links to zip archives pushes Dridex malware
2020-04-08 | Brad Duncan | German malspam pushes ZLoader malware
2020-03-25 | Brad Duncan | Recent Dridex activity
2019-09-06 | Xavier Mertens | PowerShell Script with a builtin DLL
2018-11-06 | Xavier Mertens | Malicious Powershell Script Dissection
2018-08-21 | Xavier Mertens | Malicious DLL Loaded Through AutoIT
2016-06-03 | Tom Liston | MySQL is YourSQL
2015-09-29 | Pedro Bueno | Tricks for DLL analysis
2013-11-09 | Guy Bruneau | IE Zero-Day Vulnerability Exploiting msvcrt.dll
2010-12-01 | Deborah Hale | McAfee Security Bulletin Released
2010-08-23 | Bojan Zdrnja | DLL hijacking vulnerabilities
2010-08-05 | Manuel Humberto Santander Pelaez | Adobe Acrobat Font Parsing Integer Overflow Vulnerability
2006-09-19 | Swa Frantzen | Yet another MSIE 0-day: VML

HIJACKING

2019-07-13 | Guy Bruneau | Guidance to Protect DNS Against Hijacking & Scanning for Version.BIND Still a Thing
2016-06-03 | Tom Liston | MySQL is YourSQL
2011-11-28 | Tom Liston | A Puzzlement...
2011-10-10 | Tom Liston | What's In A Name?
2010-08-23 | Bojan Zdrnja | DLL hijacking vulnerabilities
2009-12-17 | Daniel Wesemann | overlay.xul is back
2008-10-17 | Patrick Nolan | Day 17 - Containing a DNS Hijacking
2008-10-08 | Johannes Ullrich | Domaincontrol (GoDaddy) Nameservers DNS Poisoning