New! CNAPP That Helps You Think Like an Attacker with Singularity Cloud Native Security. Learn More New! Singularity™ Cloud Native Security

Experiencing a Breach?

Small Business
Contact
Cybersecurity Blog

en

English
日本語
Deutsch
Español
Français
Italiano
Dutch
한국어

Platform Overview
Data & AI
Endpoint Security
Cloud Security
Identity Security
- Singularity Identity Identity Threat Detection
  and Response
- Singularity Hologram Deception Protection

Why SentinelOne?

Why SentinelOne?
Compare SentinelOne
Verticals

Strategic Services
- PinnacleOne Strategic Advisory Group
Services Overview
Threat Services
Support, Deployment, & Health

Our Network
Program Overview

Resource Center
View All Resources
Blog
Blog
Tech Resources

About SentinelOne

en

English
日本語
Deutsch
Español
Français
Italiano
Dutch
한국어

Daniel Bunce

Building A Custom Tool For Shellcode Analysis

From the Front Lines | 6 minute read

Writing Malware Traffic Decrypters For ISFB Ursnif 3 1

Writing Malware Traffic Decrypters for ISFB/Ursnif

Daniel Bunce / October 17, 2019

Daniel Bunce explains how to decrypt traffic between an attacker’s C2 and an endpoint infected with ISFB malware

Writing Malware Configuration Extractors For ISFB Ursnif 3

Writing Malware Configuration Extractors for ISFB/Ursnif

Daniel Bunce / October 10, 2019

Daniel Bunce demonstrating automated IOC extraction using a python script and an example of ISFB/Ursnif malware.

INFO STEALERS HOW MALWARE HACKS PRIVATE USER DATA 1

Info Stealers | How Malware Hacks Private User Data

Daniel Bunce / September 26, 2019

Continuing our free Zero2Hero malware reverse engineering course, Daniel Bunce dives into the details of KPot, Vidar & Raccoon Info Stealers.

Gootkit Banking Trojan Part 3 Retrieving The Final Payload 1

Gootkit Banking Trojan | Part 3: Retrieving the Final Payload

Daniel Bunce / September 5, 2019

Gootkit’s final payload contains multiple Node.js scripts. Join Daniel Bunce as he reverse engineers the malware to take a deeper look at what it delivers.

Copy Of Copy Of Gootkit Banking Trojan Deep Dive Into Anti Analysis Features 1

Security Research

Gootkit Banking Trojan | Part 2: Persistence & Other Capabilities

Daniel Bunce / August 29, 2019

Reverse engineering Gootkit reveals tricks for persistence, self-updating and a kill switch. Join us as we continue our deep dive into this banking malware

Gootkit Banking Trojan Deep Dive Into Anti Analysis Features 1

Gootkit Banking Trojan | Deep Dive into Anti-Analysis Features

Daniel Bunce / August 15, 2019

Gootkit packs plenty of Anti-Analysis features to evade sandboxes, prevent execution in a Virtual Machine, and slow down analysis. Let’s take a dive inside!

Search

Search ...

Sign Up

Get notified when we post new content.

Thanks! Keep an eye out for new content!

Recent Posts

CapraTube Remix | Transparent Tribe’s Android Spyware Targeting Gamers, Weapons Enthusiasts
July 1, 2024
ChamelGang & Friends | Cyberespionage Groups Attacking Critical Infrastructure with Ransomware
June 26, 2024
LABScon23 Replay | macOS Components Used in North Korean Crypto-Heists
May 8, 2024

Labs Categories

Crimeware
Security Research
Advanced Persistent Threat
Adversary
LABScon
Security & Intelligence

©2024 SentinelOne, All Rights Reserved.

Privacy Notice Master Subscription Agreement

Company

Our Customers
Why SentinelOne
Platform
About
Partners
Support
Careers
Legal & Compliance
Security & Compliance
Contact Us
Investor Relations

Resources

Blog
Labs
Hack Chat
Press
News
FAQ
Resources
Ransomware Anthology

Global Headquarters

444 Castro Street
Suite 400
Mountain View, CA 94041

+1-855-868-3733

[email protected]

Sign Up For Our Newsletter

Thank you! You will now receive our weekly newsletter with all recent blog posts. See you soon!

Language

English

English
日本語
Deutsch
Español
Français
Italiano
Dutch
한국어