Diaries by Keyword - SANS Internet Storm Center

Watch ISC TV. Great for NOCs, SOCs and Living Rooms: https://isctv.sans.edu

Handler on Duty: Jan Kopriva

Threat Level: green

Date	Author	Title
2022-07-10	Guy Bruneau	Excel 4 Emotet Maldoc Analysis using CyberChef
2022-07-07	Brad Duncan	Emotet infection with Cobalt Strike
2022-02-09	Brad Duncan	Example of Cobalt Strike from Emotet infection
2022-01-25	Brad Duncan	Emotet Stops Using 0.0.0.0 in Spambot Traffic
2022-01-19	Brad Duncan	0.0.0.0 in Emotet Spambot Traffic
2021-12-22	Brad Duncan	December 2021 Forensic Contest: Answers and Analysis
2021-11-16	Brad Duncan	Emotet Returns
2021-01-28	Daniel Wesemann	Emotet vs. Windows Attack Surface Reduction
2020-11-03	Brad Duncan	Emotet -> Qakbot -> more Emotet
2020-01-28	Brad Duncan	Emotet epoch 1 infection with Trickbot gtag mor84
2020-01-23	Xavier Mertens	Complex Obfuscation VS Simple Trick
2019-12-18	Brad Duncan	Emotet infection with spambot activity
2019-10-02	Brad Duncan	A recent example of Emotet malspam
2019-09-18	Brad Duncan	Emotet malspam is back
2019-03-13	Brad Duncan	Malspam pushes Emotet with Qakbot as the follow-up malware
2019-01-16	Brad Duncan	Emotet infections and follow-up malware
2018-11-15	Brad Duncan	Emotet infection with IcedID banking Trojan
2018-09-26	Brad Duncan	One Emotet infection leads to three follow-up malware infections
2018-07-26	Xavier Mertens	Windows Batch File Deobfuscation
2018-07-24	Brad Duncan	Recent Emotet activity
2017-11-30	Brad Duncan	More Malspam pushing Emotet malware
2017-08-10	Didier Stevens	Maldoc Analysis with ViperMonkey
2017-07-28	Didier Stevens	Static Analysis of Emotet Maldoc
2017-07-26	Brad Duncan	Malspam pushing Emotet malware