Internet Storm Center
Handler on Duty:
Yee Ching Tok
Threat Level:
green
Date
Author
Title
FICKER STEALER
2021-07-09
Brad Duncan
Hancitor tries XLL as initial malware file
2021-06-30
Brad Duncan
June 2021 Forensic Contest: Answers and Analysis
FICKER
2021-07-09
Brad Duncan
Hancitor tries XLL as initial malware file
2021-06-30
Brad Duncan
June 2021 Forensic Contest: Answers and Analysis
2010-11-17
Guy Bruneau
Conficker B++ Activated on Nov 15
2009-09-26
Kyle Haugsness
Conficker detection hints
2009-09-25
Deborah Hale
Conficker Continues to Impact Networks
2009-09-23
Marcus Sachs
Addendum to SRI's Conficker C Analysis Published
2009-04-16
Adrien de Beaupre
Some conficker lessons learned
2009-04-09
Johannes Ullrich
Conficker update with payload
2009-04-09
Jim Clausing
Conficker Working Group site down
2009-04-05
Marcus Sachs
Open Source Conficker-C Scanner/Detector Released
2009-04-02
Handlers
A view from the CWG Trenches
2009-03-30
Daniel Wesemann
Locate Conficker infected hosts with a network scan!
2009-03-29
Chris Carboni
April 1st - What Will Really Happen?
2009-02-13
Andre Ludwig
Third party information on conficker
2009-02-10
Bojan Zdrnja
More tricks from Conficker and VM detection
2009-02-09
Bojan Zdrnja
Some tricks from Conficker's bag
2009-01-16
G. N. White
Conficker.B/Downadup.B/Kido: F-Secure publishes details pertaining to their counting methodology of compromised machines
2009-01-15
Bojan Zdrnja
Conficker's autorun and social engineering
2009-01-12
William Salusky
Downadup / Conficker - MS08-067 exploit and Windows domain account lockout
STEALER
2022-12-18
Guy Bruneau
Infostealer Malware with Double Extension
2022-08-11
Xavier Mertens
InfoStealer Script Based on Curl and NSudo
2022-04-06
Brad Duncan
Windows MetaStealer Malware
2022-03-23
Brad Duncan
Arkei Variants: From Vidar to Mars Stealer
2022-03-09
Xavier Mertens
Infostealer in a Batch File
2021-12-21
Xavier Mertens
More Undetected PowerShell Dropper
2021-12-01
Xavier Mertens
Info-Stealer Using webhook.site to Exfiltrate Data
2021-07-09
Brad Duncan
Hancitor tries XLL as initial malware file
2021-06-30
Brad Duncan
June 2021 Forensic Contest: Answers and Analysis
2021-04-06
Jan Kopriva
Malspam with Lokibot vs. Outlook and RFCs
2021-03-31
Xavier Mertens
Quick Analysis of a Modular InfoStealer
2019-11-27
Brad Duncan
Finding an Agent Tesla malware sample
2019-10-09
Brad Duncan
What data does Vidar malware steal from an infected host?
2019-01-24
Brad Duncan
Malspam with Word docs uses macro to run Powershell script and steal system data
2017-03-08
Xavier Mertens
Not All Malware Samples Are Complex