Date Author Title
2024-01-12Xavier MertensOne File, Two Payloads
2023-08-23Xavier MertensMore Exotic Excel Files Dropping AgentTesla
2023-06-16Xavier MertensAnother RAT Delivered Through VBS
2023-01-25Xavier MertensA First Malicious OneNote Document
2022-11-09Xavier MertensAnother Script-Based Ransomware
2022-11-04Xavier MertensRemcos Downloader with Unicode Obfuscation
2022-09-17Didier StevensVideo: Analyzing Obfuscated VBS with CyberChef
2022-05-05Brad DuncanPassword-protected Excel spreadsheet pushes Remcos RAT
2022-02-18Xavier MertensRemcos RAT Delivered Through Double Compressed Archive
2021-06-04Xavier MertensRussian Dolls VBS Obfuscation
2021-04-28Xavier MertensDeeper Analyzis of my Last Malicious PowerPoint Add-On
2021-03-04Xavier MertensFrom VBS, PowerShell, C Sharp, Process Hollowing to RAT
2020-08-06Xavier MertensA Fork of the FTCode Powershell Ransomware
2020-05-13Brad DuncanMalspam with links to zip archives pushes Dridex malware
2020-04-08Brad DuncanGerman malspam pushes ZLoader malware
2020-03-25Brad DuncanRecent Dridex activity
2020-02-22Xavier MertensSimple but Efficient VBScript Obfuscation
2020-02-07Xavier MertensSandbox Detection Tricks & Nice Obfuscation in a Single VBScript
2019-11-20Brad DuncanHancitor infection with Pony, Evil Pony, Ursnif, and Cobalt Strike
2019-10-18Xavier MertensQuick Malicious VBS Analysis
2019-08-22Xavier MertensSimple Mimikatz & RDPWrapper Dropper
2019-02-14Xavier MertensOld H-Worm Delivered Through GitHub
2018-09-13Xavier MertensMalware Delivered Through MHT Files
2018-05-25Xavier MertensAntivirus Evasion? Easy as 1,2,3
2017-08-26Didier StevensMalware analysis: searching for dots
2017-07-08Xavier MertensA VBScript with Obfuscated Base64 Data
2017-03-12Guy BruneauHoneypot Logs and Tracking a VBE Script
2010-03-01Mark HofmanIE 0-day using .hlp files
2008-04-03Bojan ZdrnjaMixed (VBScript and JavaScript) obfuscation