Antivirus_Event_Analysis_1.11.pdf
56.8 KB
#Infographics
#Malware_analysis
Antivirus Event Analysis Cheat Sheet, ver. 1.11.0.
]-> https://www.nextron-systems.com/2023/01/13/antivirus-event-analysis-cheat-sheet-v1-11-0
#Malware_analysis
Antivirus Event Analysis Cheat Sheet, ver. 1.11.0.
]-> https://www.nextron-systems.com/2023/01/13/antivirus-event-analysis-cheat-sheet-v1-11-0
Vjw0rm.pdf
5 MB
#Malware_analysis
How to Analyze JavaScript Malware - A Case Study of Vjw0rm
How to Analyze JavaScript Malware - A Case Study of Vjw0rm
#Malware_analysis
Analysis of CVE-2022-42475 - FortiOS - heap-based buffer overflow in SSLVPNd
https://www.fortinet.com/blog/psirt-blogs/analysis-of-fg-ir-22-398-fortios-heap-based-buffer-overflow-in-sslvpnd
Analysis of CVE-2022-42475 - FortiOS - heap-based buffer overflow in SSLVPNd
https://www.fortinet.com/blog/psirt-blogs/analysis-of-fg-ir-22-398-fortios-heap-based-buffer-overflow-in-sslvpnd
Fortinet Blog
Analysis of FG-IR-22-398 – FortiOS - heap-based buffer overflow in SSLVPNd | Fortinet Blog
Fortinet published CVSS: Critical advisory FG-IR-22-398 / CVE-2022-42475 on Dec 12, 2022. This blog details our initial investigation into this malware and additional IoCs identified during our on…
#Malware_analysis
1. Analyzing Rhadamanthys Stealer
https://elis531989.medium.com/dancing-with-shellcodes-analyzing-rhadamanthys-stealer-3c4986966a88
2. BianLian Ransomware (Decrypted)
https://decoded.avast.io/threatresearch/decrypted-bianlian-ransomware
1. Analyzing Rhadamanthys Stealer
https://elis531989.medium.com/dancing-with-shellcodes-analyzing-rhadamanthys-stealer-3c4986966a88
2. BianLian Ransomware (Decrypted)
https://decoded.avast.io/threatresearch/decrypted-bianlian-ransomware
Medium
Dancing With Shellcodes: Analyzing Rhadamanthys Stealer
Threat Background
Forwarded from Deadly malware xp
#Malware_analysis
StrongPity espionage campaign
https://www.welivesecurity.com/2023/01/10/strongpity-espionage-campaign-targeting-android-users
StrongPity espionage campaign
https://www.welivesecurity.com/2023/01/10/strongpity-espionage-campaign-targeting-android-users
WeLiveSecurity
StrongPity espionage campaign targeting Android users
ESET researchers uncover an active StrongPity campaign that spreads a trojanized version of the Android Telegram app posing as the Shagle video chat app.
#Threat_Research
#Malware_analysis
1. Way Into Creating a Polymorphic Malware using ChatGPT
https://www.cyberark.com/resources/threat-research-blog/chatting-our-way-into-creating-a-polymorphic-malware
2. Batloader Malware
https://www.trendmicro.com/en_us/research/23/a/batloader-malware-abuses-legitimate-tools-uses-obfuscated-javasc.html
#Malware_analysis
1. Way Into Creating a Polymorphic Malware using ChatGPT
https://www.cyberark.com/resources/threat-research-blog/chatting-our-way-into-creating-a-polymorphic-malware
2. Batloader Malware
https://www.trendmicro.com/en_us/research/23/a/batloader-malware-abuses-legitimate-tools-uses-obfuscated-javasc.html
#Malware_analysis
1. Analyzing Malicious OneNote Documents
https://blog.didierstevens.com/2023/01/22/analyzing-malicious-onenote-documents
2. Roaming Mantis implements new DNS changer in its malicious mobile app in 2022
https://securelist.com/roaming-mantis-dns-changer-in-malicious-mobile-app/108464
1. Analyzing Malicious OneNote Documents
https://blog.didierstevens.com/2023/01/22/analyzing-malicious-onenote-documents
2. Roaming Mantis implements new DNS changer in its malicious mobile app in 2022
https://securelist.com/roaming-mantis-dns-changer-in-malicious-mobile-app/108464
#Malware_analysis
Detecting malicious artifacts using an ETW consumer in kernel mode
https://www.countercraftsec.com/blog/detecting-malicious-artifacts-using-an-etw-consumer-in-kernel-mode
Detecting malicious artifacts using an ETW consumer in kernel mode
https://www.countercraftsec.com/blog/detecting-malicious-artifacts-using-an-etw-consumer-in-kernel-mode
LODEINFO.pdf
14.9 MB
#Malware_analysis
"Fighting to LODEINFO: Investigation for Continuous Cyberespionage Based on Open Source", 2023.
]-> LODEINFO Triage Tools:
https://github.com/nflabs/aa_tools/tree/main/lodeinfo
"Fighting to LODEINFO: Investigation for Continuous Cyberespionage Based on Open Source", 2023.
]-> LODEINFO Triage Tools:
https://github.com/nflabs/aa_tools/tree/main/lodeinfo
Forwarded from Tʀɪᴄᴋʏ Pᴇɴɢᴜɪɴ ( trickypenguin.ink )
Malware is a type of software that is designed to cause harm to a computer or its users. It can be used to steal personal information, damage files, or even take control of a computer.
Read Full Article
https://trickypenguin.ink/what-is-malware-and-how-to-protect-against-malware-attacks/
#malware #botnets #torjan
Read Full Article
https://trickypenguin.ink/what-is-malware-and-how-to-protect-against-malware-attacks/
#malware #botnets #torjan