2022-06-04 | Guy Bruneau | Spam Email Contains a Very Large ISO file |
2022-05-20 | Xavier Mertens | A 'Zip Bomb' to Bypass Security Controls & Sandboxes |
2022-04-20 | Brad Duncan | "aa" distribution Qakbot (Qbot) infection with DarkVNC traffic |
2022-02-18 | Xavier Mertens | Remcos RAT Delivered Through Double Compressed Archive |
2021-10-31 | Didier Stevens | Video: Phishing ZIP With Malformed Filename |
2021-10-24 | Didier Stevens | Phishing ZIP With Malformed Filename |
2021-09-08 | Brad Duncan | "Stolen Images Evidence" Campaign Continues Pushing BazarLoader Malware |
2021-08-13 | Brad Duncan | Example of Danabot distributed through malspam |
2021-07-26 | Didier Stevens | Failed Malspam: Recovering The Password |
2020-10-14 | Brad Duncan | More TA551 (Shathak) Word docs push IcedID (Bokbot) |
2020-08-07 | Brad Duncan | TA551 (Shathak) Word docs push IcedID (Bokbot) |
2020-05-13 | Brad Duncan | Malspam with links to zip archives pushes Dridex malware |
2020-05-03 | Didier Stevens | ZIP & AES |
2020-04-26 | Didier Stevens | Video: Malformed .docm File |
2020-04-08 | Brad Duncan | German malspam pushes ZLoader malware |
2020-04-04 | Didier Stevens | New Bypass Technique or Corrupt Word Document? |
2020-03-25 | Brad Duncan | Recent Dridex activity |
2020-01-22 | Brad Duncan | German language malspam pushes Ursnif |
2019-03-14 | Didier Stevens | Tip: Ghidra & ZIP Files |
2018-12-17 | Didier Stevens | Password Protected ZIP with Maldoc |
2017-08-26 | Didier Stevens | Malware analysis: searching for dots |
2016-11-22 | Didier Stevens | Update:ZIP With Comment |
2016-11-21 | Didier Stevens | ZIP With Comment |