You are browsing the archive for Malware Analysis.

Propagate, Ribbonate

December 22, 2020 in Anti-Forensics, Code Injection, Forensic Analysis, Malware Analysis

I thought Propagate technique is a dead horse. Described, implemented, used in malware. But. There is perhaps one more possibility, or four. When you open Windows Explorer and Ribbons are […]

When good URLs are bad for business

November 15, 2020 in Forensic Analysis, Incident Response, Malware Analysis, Proxy Logs Analysis

Analyzing memory dumps comes with a price – ‘good’ information overload. One that annoys me a lot is running URl/domain extraction tools over the memdump and finding tones of legitimate […]