Tag Archives: Security

A quick look at the current emotet encoding

I have went thru several samples today of this type of encoding but todays sample will be from ExecuteMalware @executemalware located here and the Twitter reference is here. Here we can see that only 3 of the urls are displayed. … Continue reading

Posted in Malware, Programming, security | Tagged , , | Leave a comment

A deeper look inside one of the new Emotet Malware Docs

The sample here comes from a quick search supplied by ANY.RUN @anyrun_app  of #emotet-doc to filter quickly on documents you want to look at. Twitter reference Here and the link to the file we are going to use Here. One … Continue reading

Posted in Malware | Tagged , , , | Leave a comment

A look at a bmp file with embedded shellcode

The sample today is from PaulM @melsonp While watching his BSIDES Augusta talk from 2018  Here,  at that the end he shows a picture file that gets downloaded from a layered PowerShell script. He was kind enough to send me … Continue reading

Posted in Malware, PowerShell, security | Tagged , , | Leave a comment

A deeper look into a wild VBA Macro

This Sample comes from Brad Duncan @malware_traffic from his SANS ICS Diary located Here and the Files on His blog Here. For this session I will be using “2019-01-23-example-of-attached-Word-doc-1-of-7” word document. I ended up looking at this from different directions … Continue reading

Posted in Malware, Programming, VBScript | Tagged ,

Extracting and decoding malicious macros

The sample used here is from the video from  Karsten Hahn @struppigel . If you have not seen any of them before I would highly recommend checking them out. The video can be found here https://youtu.be/SCJVW1E8dFA The Sample can Be … Continue reading

Posted in Malware, security | Tagged , ,


In this Traffic we get the chance to look at 2 infections from the same site, but I will concentrate mainly on the exploit kits themselves and the similarities between them noticed while looking at the decoded source code. You … Continue reading

Posted in Malware, Networking, security | Tagged , ,


Rootkits have become the most devious method of hiding malware on a system. They are being employed to every sector from the home user to government to private industry.The monetary and information losses along with infrastructure disruption will continue to … Continue reading

Posted in RootAdmin | Tagged