You are browsing the archive for threat hunting.

List of clean mutexes and mutants

March 12, 2023 in threat hunting

A few years ago I released a list of ‘bad’ mutexes/mutants. That list was generated from my malware sandbox reports. I thought that it may be good to revisit the […]

Threat Hunting – localization issues

March 10, 2023 in threat hunting

So you finished writing your perfect threat hunting query. Done and dusted, right? Hmm, sorry… chances are, it is… broken. How come? One reason, but it has many acronyms: L10N, […]