Internet Storm Center
| Date | Author | Title |
|---|---|---|
| 2024-01-12 | Xavier Mertens | One File, Two Payloads |
| 2023-08-23 | Xavier Mertens | More Exotic Excel Files Dropping AgentTesla |
| 2023-06-16 | Xavier Mertens | Another RAT Delivered Through VBS |
| 2023-01-25 | Xavier Mertens | A First Malicious OneNote Document |
| 2022-11-09 | Xavier Mertens | Another Script-Based Ransomware |
| 2022-11-04 | Xavier Mertens | Remcos Downloader with Unicode Obfuscation |
| 2022-09-17 | Didier Stevens | Video: Analyzing Obfuscated VBS with CyberChef |
| 2022-05-05 | Brad Duncan | Password-protected Excel spreadsheet pushes Remcos RAT |
| 2022-02-18 | Xavier Mertens | Remcos RAT Delivered Through Double Compressed Archive |
| 2021-06-04 | Xavier Mertens | Russian Dolls VBS Obfuscation |
| 2021-04-28 | Xavier Mertens | Deeper Analyzis of my Last Malicious PowerPoint Add-On |
| 2021-03-04 | Xavier Mertens | From VBS, PowerShell, C Sharp, Process Hollowing to RAT |
| 2020-08-06 | Xavier Mertens | A Fork of the FTCode Powershell Ransomware |
| 2020-05-13 | Brad Duncan | Malspam with links to zip archives pushes Dridex malware |
| 2020-04-08 | Brad Duncan | German malspam pushes ZLoader malware |
| 2020-03-25 | Brad Duncan | Recent Dridex activity |
| 2020-02-22 | Xavier Mertens | Simple but Efficient VBScript Obfuscation |
| 2020-02-07 | Xavier Mertens | Sandbox Detection Tricks & Nice Obfuscation in a Single VBScript |
| 2019-11-20 | Brad Duncan | Hancitor infection with Pony, Evil Pony, Ursnif, and Cobalt Strike |
| 2019-10-18 | Xavier Mertens | Quick Malicious VBS Analysis |
| 2019-08-22 | Xavier Mertens | Simple Mimikatz & RDPWrapper Dropper |
| 2019-02-14 | Xavier Mertens | Old H-Worm Delivered Through GitHub |
| 2018-09-13 | Xavier Mertens | Malware Delivered Through MHT Files |
| 2018-05-25 | Xavier Mertens | Antivirus Evasion? Easy as 1,2,3 |
| 2017-08-26 | Didier Stevens | Malware analysis: searching for dots |
| 2017-07-08 | Xavier Mertens | A VBScript with Obfuscated Base64 Data |
| 2017-03-12 | Guy Bruneau | Honeypot Logs and Tracking a VBE Script |
| 2010-03-01 | Mark Hofman | IE 0-day using .hlp files |
| 2008-04-03 | Bojan Zdrnja | Mixed (VBScript and JavaScript) obfuscation |