unSafe.sh - Unsafe
Destructive IoT Malware Emulation – Part 1 of 3 – Environment Setup
Everyone who has delved a bit into malware analysis knows that you don’t actually need...
2024-3-28 19:39:46 | Views: 12 | cyber.wtf
Tags: qiling, emulation, acidrain, 0x3, sda
Recovering data from broken appliance VMDKs
Once in a while, a customer may give you a virtual disk image for an appliance that nee...
2024-3-1 01:04:24 | Views: 10 | cyber.wtf
Tags: vmdk, sectors, incomplete, dealing, sparse
The csharp-streamer RAT
In an Incident Response case earlier this year, we encountered an interesting piece of...
2023-12-6 20:42:11 | Views: 12 | cyber.wtf
Tags: powershell, streamer, csharp, library, ransomware
Config Extraction from in-memory CobaltStrike Beacons
Recently we had a case where threat actors deployed CobaltStrike, which has become a co...
2023-10-13 21:43:33 | Views: 14 | cyber.wtf
Tags: beacon, memory, dmp, volatility
QakBot Takedown Payload Analysis
In a recent international operation, law enforcement agencies from the US and EU...
2023-9-1 20:33:52 | Views: 17 | cyber.wtf
Tags: qakbot, shellcode, library, payload, victim
Defeating VMProtect’s Latest Tricks
A colleague of mine recently came across a SystemBC sample that is protected with VMPro...
2023-2-9 18:42:04 | Views: 46 | cyber.wtf
Tags: vmprotect, windows, scyllahide, packer, debugger
Windows Registry Analysis – Today’s Episode: Tasks
When it comes to persistence of common off-the-shelf malware, the most commonly observe...
2022-6-1 20:25:17 | Views: 17 | cyber.wtf
Tags: aligned, bstr, duration, repetition, windows
What the Pack(er)?
Lately, I broke one of the taboos of malware analysis: looking into the packer st...
2022-3-23 22:17:22 | Views: 18 | cyber.wtf
Tags: epoch, drops, payload
A Chapter Closes
When we registered the domain cyber.wtf, G DATA Advanced Analytics (ADAN) was onl...
2022-2-23 01:03:59 | Views: 22 | cyber.wtf
Tags: adan, security, 25t10, grown, wtfcreation
Guess who’s back
tl;dr: Emotet. The (slightly) longer story: On Sunday, November 14, at around 9:2...
2021-11-16 02:21:21 | Views: 79 | cyber.wtf
Tags: microsoft, rundll32, rundll, loader
Trickbot rdpscanDll – Transforming Candidate Credentials for Brute-Forcing RDP Servers
After some weeks of not seeing the RDP scanner module of Trickbot, I recently obse...
2020-08-31 16:02:00 | Views: 21 | cyber.wtf
Tags: username, letters, capitalized, digits, needle
Using IDA Python to analyze Trickbot
When analyzing malware, one often has to deal with lots of tricks and obfuscation techniques. In...
2019-03-22 17:03:49 | Views: 16 | cyber.wtf
Tags: 42a648, python, itp, analysis, decompiler
Dissecting GandCrab Version 4.3
GandCrab is a ransomware that has been around for over a year and steadily altere...
2018-11-13 00:42:48 | Views: 15 | cyber.wtf
Tags: gandcrab, x90, encryption, network, windows
One framework to build them all, one framework to name them, and in their IDBs to bind them
Authors: Luca Ebach, Tilman Frosch. Rejoice everyone, today we pushed bindifflib to...
2018-09-21 17:32:55 | Views: 11 | cyber.wtf
Tags: bindifflib, library, compilers, github, pushed
Dissecting Olympic Destroyer – a walk-through
After a destructive cyber attack had hit this year’s olympics, the malware was quickly dubbed Ol...
2018-03-28 21:41:22 | Views: 11 | cyber.wtf
Tags: destroyer, olympic, spreading, network, remote
In debt to Retpoline
Appendix was added on the 14th of February 2018, in response to comments made to m...
2018-02-13 18:22:11 | Views: 7 | cyber.wtf
Tags: retpoline, rsb, software, lfence, cpus
Behind the scenes of a bug collision
Introduction: In this blog post I’ll speculate as to how we ended up with multiple...
2018-01-05 22:47:40 | Views: 8 | cyber.wtf
Tags: daniel, kaslr, meltdown, security, covert
Emotet drops ZeuS Panda targeting German and Austrian online banking users
Emotet is currently one of the prevalent threats on the Internet. The former banking...
2017-11-27 22:11:31 | Views: 10 | cyber.wtf
Tags: zeus, panda, trojan, c2, webinjects
Emotet harvests Microsoft Outlook
The original German blog post can be found on the G DATA Blog. Emotet has been kno...
2017-10-12 22:42:10 | Views: 10 | cyber.wtf
Tags: attacker, mails, relation, relations, recipients
DGA classification and detection for automated malware analysis
Botnets are one of the biggest current threats for devices connected to the inter...
2017-08-30 18:04:19 | Views: 11 | cyber.wtf
Tags: dga, tinba, calculated, analysis, ratio