Threat Level: green Handler on Duty: Johannes Ullrich

SANS ISC: SANS Internet Storm Center Diaries by Keyword

Participate: Learn more about our honeypot network
https://isc.sans.edu/honeypot.html

Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
Date Author Title
2021-10-31Didier StevensVideo: Phishing ZIP With Malformed Filename
2021-10-24Didier StevensPhishing ZIP With Malformed Filename
2021-09-08Brad Duncan"Stolen Images Evidence" Campaign Continues Pushing BazarLoader Malware
2021-08-13Brad DuncanExample of Danabot distributed through malspam
2021-07-26Didier StevensFailed Malspam: Recovering The Password
2020-10-14Brad DuncanMore TA551 (Shathak) Word docs push IcedID (Bokbot)
2020-08-07Brad DuncanTA551 (Shathak) Word docs push IcedID (Bokbot)
2020-05-13Brad DuncanMalspam with links to zip archives pushes Dridex malware
2020-05-03Didier StevensZIP & AES
2020-04-26Didier StevensVideo: Malformed .docm File
2020-04-08Brad DuncanGerman malspam pushes ZLoader malware
2020-04-04Didier StevensNew Bypass Technique or Corrupt Word Document?
2020-03-25Brad DuncanRecent Dridex activity
2020-01-22Brad DuncanGerman language malspam pushes Ursnif
2019-03-14Didier StevensTip: Ghidra & ZIP Files
2018-12-17Didier StevensPassword Protected ZIP with Maldoc
2017-08-26Didier StevensMalware analysis: searching for dots
2016-11-22Didier StevensUpdate:ZIP With Comment
2016-11-21Didier StevensZIP With Comment