 |
 |
 |
 |
 |
 |
February 26, 2021 in Compromise Detection, Sysmon, threat hunting
This event is not very well explained on the internet, so I took a liberty of describing it below: The event message is as follows: A service process other than […]
February 19, 2021 in Anti-Forensics, Compromise Detection, Living off the land, Reusigned Binaries
The previous posts about hosts files build a foundation for the trick I wanted to cover in this post. Most of native LOLBINish downloaders are already known (certutil, BITS, etc.). […]