labs
Evasive Maneuvers | Massive IcedID Campaign Aims For Stealth with Benign Macros
A widespread phishing campaign in operation since May is using a mix of old and new evasion tricks to drop IcedID malware.
Read More
labs
labs
Caught in the Cloud | How a Monero Cryptominer Exploits Docker Containers
This crypto mining campaign doesn’t use notable exploit components but leverages shell scripts to infect cloud containers and bypass AVs.
Read More
labs
A Deep Dive into Zebrocy’s Dropper Docs
A new APT28 campaign targets Kazakhstan with Delphocy malware. We show how to reverse engineer the dropper and bypass the VBA macro’s password protection.
Read More
labs
Top 15 Essential Malware Analysis Tools
Get your malware analysis toolkit up-to-speed! From disassemblers and debuggers to hex editors and SSL interception tools, you’ll find them all here.
Read More
labs
A Guide to Ghidra Scripting Development for Malware Researchers
Automation is the key to becoming a more effective malware analyst, and Ghidra scripting is an essential tool in your arsenal. Get started here!
Read More
labs
Building a Custom Malware Analysis Lab Environment
Building the right malware analysis environment is the first step for every researcher. We show how it’s done and offer some free custom tools for your use.
Read More
labs
SolarWinds | Understanding & Detecting the SUPERNOVA Webshell Trojan
Our analysis of the SUPERNOVA trojan reveals the differences between the legitimate DLL and the attacker’s implant, along with some new IoCs for detection.
Read More
labs
An Inside Look at How Ryuk Evolved Its Encryption and Evasion Techniques
Ryuk’s success is based partly on leveraging other toolkits and vulns, partly on its encryption speed and evasion tricks. We tear it down for a closer look.
Read More