You are browsing the archive for Anti-Forensics.

DownLOLoloaders

February 19, 2021 in Anti-Forensics, Compromise Detection, Living off the land, Reusigned Binaries

The previous posts about hosts files build a foundation for the trick I wanted to cover in this post. Most native LOLBINish downloaders are already known (certutil, BITS, etc.). […]

Yet another secret of hosts file

February 18, 2021 in Anti-*, Anti-Forensics, Archaeology, Compromise Detection

In my old post I mentioned the not very well-known hosts.ics file. Today I cover one more secret that I stumbled upon while digging inside DNS API internals. Turns […]