ABOUT
CVE DATABASE
CONTACT
VISIT SENTINELONE.COM
Evasive Maneuvers Massive IcedID Campaign Aims For Stealth With Benign Macros 5
labs
Crimeware

Evasive Maneuvers | Massive IcedID Campaign Aims For Stealth with Benign Macros
Marco Figueroa /

A widespread phishing campaign in operation since May is using a mix of old and new evasion tricks to drop IcedID malware.

Read More
Caught In The Cloud How A Minero Cryptominer Exploits Docker Containers 4
labs
Crimeware

Caught in the Cloud | How a Monero Cryptominer Exploits Docker Containers
Marco Figueroa /

This crypto mining campaign doesn’t use notable exploit components but leverages shell scripts to infect cloud containers and bypass AVs.

Read More
A Deep Dive Into Zebrocys Dropper Docs 4
labs
Adversary

A Deep Dive into Zebrocy’s Dropper Docs
Marco Figueroa /

A new APT28 campaign targets Kazakhstan with Delphocy malware. We show how to reverse engineer the dropper and bypass the VBA macro’s password protection.

Read More
Top 15 Essential Malware Analysis Tools 4
labs
Security Research

Top 15 Essential Malware Analysis Tools
Marco Figueroa /

Get your malware analysis toolkit up-to-speed! From disassemblers and debuggers to hex editors and SSL interception tools, you’ll find them all here.

Read More
A Guide To Ghidra Scripting Development For Malware Researchers 3
labs
Security Research

A Guide to Ghidra Scripting Development for Malware Researchers
Marco Figueroa /

Automation is the key to becoming a more effective malware analyst, and Ghidra scripting is an essential tool in your arsenal. Get started here!

Read More
Building A Custom Malware Analysis Lab Environment 2
labs
Security Research

Building a Custom Malware Analysis Lab Environment
Marco Figueroa /

Building the right malware analysis environment is the first step for every researcher. We show how it’s done and offer some free custom tools for your use.

Read More
SolarWinds Understanding Detecting The SUPERNOVA Webshell Trojan 3
labs
Advanced Persistent Threat

SolarWinds | Understanding & Detecting the SUPERNOVA Webshell Trojan
Marco Figueroa /

Our analysis of the SUPERNOVA trojan reveals the differences between the legitimate DLL and the attacker’s implant, along with some new IoCs for detection.

Read More
Under The Hood An Inside Look At How Ryuk Evolved Its Encryption And Evasion Techniques 6
labs
Crimeware

An Inside Look at How Ryuk Evolved Its Encryption and Evasion Techniques
Marco Figueroa /

Ryuk’s success is based partly on leveraging other toolkits and vulns, partly on its encryption speed and evasion tricks. We tear it down for a closer look.

Read More