The chronicles of Bumblebee: The Hook, the Bee, and the Trickbot connection
In late March 2022, a new malware dubbed “Bumblebee” was discovered, and reported to be distributed in phishing campaigns containing ISO…
Apr 27, 2022

Highway to Conti: Analysis of Bazarloader
As we look back to summarize the year 2021 we observe that the biggest threat in the cybersecurity landscape is still ransomware. A large…
Feb 16, 2022

The Squirrel Strikes Back: Analysis of the newly emerged cobalt-strike loader “SquirrelWaffle”
Since early to mid-September 2021, a new malware loader dubbed “Squirrelwaffle” has been discovered and observed delivering the attack…
Sep 21, 2021

Dissecting and automating Hancitor’s config extraction
The Hancitor malware, first observed in 2015, is a downloader known to deliver several other malware. In its first years, Hancitor was…
Jun 21, 2021

Dancing With Shellcodes: Cracking the latest version of Guloader
Guloader is a downloader that has been active since 2019. It is known to deliver various malware, most notably: Agent-Tesla, Netwire…
Apr 19, 2021

Funtastic Packers And Where To Find Them
In malware, we often see threat actors that tend to obfuscate or encrypt their code in order to slow down the analysis of security…
Jan 18, 2021