Threat Level: green Handler on Duty: Guy Bruneau

SANS ISC: Diaries by Keyword Diaries by Keyword

Participate: Learn more about our honeypot network
https://isc.sans.edu/honeypot.html

Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
Date Author Title
2021-06-04Xavier MertensRussian Dolls VBS Obfuscation
2021-01-04Jan KoprivaFrom a small BAT file to Mass Logger infostealer
2020-11-19Xavier MertensPowerShell Dropper Delivering Formbook
2020-11-13Xavier MertensOld Worm But New Obfuscation Technique
2020-11-05Xavier MertensDid You Spot "Invoke-Expression"?
2020-10-14Xavier MertensNicely Obfuscated Python RAT
2020-09-04Jan KoprivaA blast from the past - XXEncoded VB6.0 Trojan
2020-08-19Xavier MertensExample of Word Document Delivering Qakbot
2020-08-16Didier StevensSmall Challenge: A Simple Word Maldoc - Part 3
2020-07-08Xavier MertensIf You Want Something Done Right, You Have To Do It Yourself... Malware Too!
2020-04-27Xavier MertensPowershell Payload Stored in a PSCredential Object
2020-04-24Xavier MertensMalicious Excel With a Strong Obfuscation and Sandbox Evasion
2020-04-03Xavier MertensObfuscated with a Simple 0x0A
2020-02-22Xavier MertensSimple but Efficient VBScript Obfuscation
2020-02-07Xavier MertensSandbox Detection Tricks & Nice Obfuscation in a Single VBScript
2020-01-23Xavier MertensComplex Obfuscation VS Simple Trick
2019-10-18Xavier MertensQuick Malicious VBS Analysis
2019-08-09Xavier Mertens100% JavaScript Phishing Page
2019-07-11Xavier MertensRussian Dolls Malicious Script Delivering Ursnif
2019-07-02Xavier MertensMalicious Script With Multiple Payloads
2019-06-10Xavier MertensInteresting JavaScript Obfuscation Example
2018-12-15Didier StevensDe-DOSfuscation Example
2018-12-12Didier StevensYet Another DOSfuscation Sample
2018-11-27Xavier MertensMore obfuscated shell scripts: Fake MacOS Flash update
2018-11-26Xavier MertensObfuscated bash script targeting QNap boxes
2018-11-16Xavier MertensBasic Obfuscation With Permissive Languages
2018-11-06Xavier MertensMalicious Powershell Script Dissection
2018-10-23Xavier MertensDiving into Malicious AutoIT Code
2018-09-30Didier StevensWhen DOSfuscation Helps...
2018-07-30Didier StevensMalicious Word documents using DOSfuscation
2018-07-26Xavier MertensWindows Batch File Deobfuscation
2018-06-18Xavier MertensMalicious JavaScript Targeting Mobile Browsers
2018-05-25Xavier MertensAntivirus Evasion? Easy as 1,2,3
2017-11-03Xavier MertensSimple Analysis of an Obfuscated JAR File
2017-09-30Lorna HutchesonWho's Borrowing your Resources?
2017-07-08Xavier MertensA VBScript with Obfuscated Base64 Data
2017-06-22Xavier MertensObfuscating without XOR
2017-04-28Xavier MertensAnother Day, Another Obfuscation Technique
2017-04-21Xavier MertensAnalysis of a Maldoc with Multiple Layers of Obfuscation
2017-04-19Xavier MertensHunting for Malicious Excel Sheets
2017-03-30Xavier MertensDiverting built-in features for the bad
2017-03-24Xavier MertensNicely Obfuscated JavaScript Sample
2017-03-18Xavier MertensExample of Multiple Stages Dropper
2017-02-28Xavier MertensAnalysis of a Simple PHP Backdoor
2017-02-12Xavier MertensAnalysis of a Suspicious Piece of JavaScript
2016-08-28Guy BruneauSpam with Obfuscated Javascript
2016-06-22Bojan ZdrnjaSecurity through obscurity never works
2016-02-07Xavier MertensMore Malicious JavaScript Obfuscation
2016-01-15Xavier MertensJavaScript Deobfuscation Tool
2013-02-08Kevin ShorttIs it Spam or Is it Malware?
2012-05-22Johannes Ullrichnmap 6 released
2012-01-03Bojan ZdrnjaThe tale of obfuscated JavaScript continues
2010-04-08Bojan ZdrnjaJavaScript obfuscation in PDF: Sky is the limit
2010-03-05Kyle HaugsnessJavascript obfuscators used in the wild
2009-06-30Chris CarboniObfuscated Code
2009-06-30Chris CarboniDe-Obfuscation Submissions
2009-04-07Bojan ZdrnjaAdvanced JavaScript obfuscation (or why signature scanning is a failure)
2008-09-03Daniel WesemannStatic analysis of Shellcode - Part 2
2008-07-14Daniel WesemannObfuscated JavaScript Redux
2008-04-06Daniel WesemannAdvanced obfuscated JavaScript analysis
2008-04-03Bojan ZdrnjaMixed (VBScript and JavaScript) obfuscation