Skip to content

DMFR SECURITY

another security blog…

Reviews
About

Search for:

Author: Daniel

100 Days of YARA – Day 19: Identifying Golang Binaries

On January 7, 2022December 31, 2021 By DanielIn 100 days of Yara1 Comment

Find Golang binaries with YARA.

100 Days of YARA – Day 18: Yanluowang Ransomware

On January 6, 2022December 31, 2021 By DanielIn 100 days of Yara1 Comment

Another ransomware strain is known as Yanluowang. Here are some of my bookmarks that I've tagged as Yanluowang: https://pinboard.in/u:droberson/t:yanluowang/ This blog post by Symantec was very interesting to me, as it presented a lot of generic examples of post-exploitation activity that was observed by the operators of this ransomware: https://symantec-enterprise-blogs.security.com/blogs/threat-intelligence/yanluowang-ransomware-attacks-continue Particularly, this article mentions the …

Continue reading 100 Days of YARA – Day 18: Yanluowang Ransomware

100 Days of YARA – Day 17: BlackCat Ransomware

On January 5, 2022December 31, 2021 By DanielIn 100 days of Yara2 Comments

Find BlackCat ransomware with YARA.

100 Days of YARA – Day 16: Public Services

On January 4, 2022January 4, 2022 By DanielIn 100 days of Yara2 Comments

Malware authors often abuse free or public services to distribute malicious content. They may host payloads on DropBox or Discord, Google Drive, PasteBin, or a number of services. Searching for the domains used by these services can uncover malware in surprising places. Ngrok ngrok is used to tunnel traffic through HTTP. Despite being a legitimate …

Continue reading 100 Days of YARA – Day 16: Public Services

100 Days of YARA – Day 15: njrat

On January 3, 2022December 24, 2021 By DanielIn 100 days of Yara2 Comments

Find njrat with YARA.

100 Days of YARA – Day 14: shc Generic Shell Script Compiler

On January 2, 2022December 24, 2021 By DanielIn 100 days of Yara2 Comments

Find binaries built with the generic shell script compiler with YARA.

100 Days of YARA – Day 13: Quasar RAT

On January 1, 2022December 24, 2021 By DanielIn 100 days of Yara2 Comments

Find QuasarRAT with YARA.

100 Days of YARA – Day 12: Neshta

On December 31, 2021December 24, 2021 By DanielIn 100 days of Yara2 Comments

Find Neshta-infected files with YARA.

100 Days of YARA – Day 11: UPX

On December 30, 2021December 24, 2021 By DanielIn 100 days of Yara2 Comments

Find UPX-packed binaries with YARA.

REVIEW: Reversing: Secrets of Reverse Engineering

On December 29, 2021 By DanielIn books, malware, reversing, reviews, windows1 Comment

Book review of Reversing: Secrets of Reverse Engineering.

REVIEW: Practical Malware Analysis: The Hands-On Guide to Dissecting Malicious Software

On December 29, 2021 By DanielIn books, malware, reversing, reviews, windows3 Comments

My review of Practical Malware Analysis.

100 Days of YARA – Day 10: WinSock

On December 29, 2021December 24, 2021 By DanielIn 100 days of Yara2 Comments

Detect applications utilizing WinSock with YARA.

Posts navigation

Archives

February 2022 (12)
January 2022 (31)
December 2021 (15)
November 2021 (3)
October 2021 (7)
September 2021 (13)
August 2021 (13)
May 2021 (4)
April 2021 (23)
February 2021 (5)
January 2021 (6)
December 2020 (8)
February 2020 (2)
November 2019 (1)
October 2019 (2)
December 2018 (3)
July 2018 (1)
May 2017 (2)
April 2017 (5)
January 2017 (1)
December 2016 (4)

ascii assembler base64 binary C c++ cryptography CTF cyberchef ELF exiftool forensics golang hexadecimal hunting incident response java kali Linux malware netcat networking nmap pe pentesting persistence picoctf PowerShell procfs programming Python ransomware reversing reviews security shellcode shell scripting ssh steganography strings web win32 windows wireshark yara

Blog at WordPress.com.

Blog at WordPress.com.

Subscribe Subscribed
- DMFR SECURITY
- Already have a WordPress.com account? Log in now.

Loading Comments...

Write a Comment...

Email (Required)

Name (Required)

Website