ABOUT
CVE DATABASE
CONTACT
VISIT SENTINELONE.COM

Crimeware

Deep Dive Into TrickBot Executor Module “mexec” Reversing The Dropper Variant 7
Crimeware

Deep Dive Into TrickBot Executor Module “mexec”: Reversing the Dropper Variant
Jason Reaves /

Continuing our earlier analysis of the TrickBot Executor Module “mexec”, we take a look at the dropper variant and reveal how it carries its payload onboard.

Read More
Technical Overview Of NEMTY Successor Nefilim Nephilim Ransomware 4
Crimeware

Meet NEMTY Successor, Nefilim/Nephilim Ransomware
Jim Walter /

Ransomware families NEMTY, Nefilim and Nephilim continue to evolve and merge, taking on aspects of other successful variants that aim to encrypt and extort.

Read More
ICEID Botnet The Iceman Goes Phishing 9
Crimeware

IcedID Botnet | The Iceman Goes Phishing for US Tax Returns
Joshua Platt /

In light of the extended US tax deadline due to coronavirus, tax fraud remains a viable avenue for the criminal group behind the ICEDID banking malware.

Read More
Maze Ransomware Update Extorting And Exposing Victims 2
Crimeware

Maze Ransomware Update: Extorting and Exposing Victims
Jim Walter /

Maze ransomware doesn’t just demand payment for a decryptor but exfiltrates victim data and threatens to leak it publicly if the target doesn’t pay up.

Read More
Deep Dive Into TrickBot Executor Module Mexec Hidden Anchor Bot Nexus Operations 4
Crimeware

Deep Dive Into TrickBot Executor Module “mexec”: Hidden “Anchor” Bot Nexus Operations
Jason Reaves /

New “mexec” module delivers tertiary malware and allows TrickBot to pivot within a network, deploy a variety of payloads and evade common detection methods.

Read More
Revealing The Trick A Deep Dive Into TrickLoader Obfuscation 2
Crimeware

Revealing the Trick | A Deep Dive into TrickLoader Obfuscation
Jason Reaves /

TrickBot’s loader has received much less attention than other components of the malware. Jason Reaves shows how to reverse engineer the TrickLoader function.

Read More
New Snake Ransomware Adds Itself To The Increasing Collection Of Golang Crimeware
Crimeware

New Snake Ransomware Adds Itself to the Increasing Collection of Golang Crimeware
Jim Walter /

The ransomware crime spree continues with threat actors increasingly turning to Golang as their language of choice. New entrant Snake is just the latest.

Read More
SLABS Blog TrickbotTrick
Crimeware

Top-Tier Russian Organized Cybercrime Group Unveils Fileless Stealthy “PowerTrick” Backdoor for High-Value Targets
Vitali Kremez /

SentinelLabs developed mock command-and-control panels to allow the institutions to utilize them for testing detections related to “PowerTrick”

Read More
How TrickBot Hooking Engine Targets Windows 10 Browsers 5
Crimeware

How TrickBot Malware Hooking Engine Targets Windows 10 Browsers
Vitali Kremez /

Vitali Kremez revealing how TrickBot’s hooking engine targets Chrome, Firefox, Explorer and Edge in Windows 10

Read More
Writing Malware Traffic Decrypters For ISFB Ursnif 3 1
Crimeware

Writing Malware Traffic Decrypters for ISFB/Ursnif
Daniel Bunce /

Daniel Bunce explains how to decrypt traffic between an attacker’s C2 and an endpoint infected with ISFB malware

Read More
1 4 5 6 7