Internet Storm Center
Sign In
Sign Up
Handler on Duty:
Xavier Mertens
Threat Level:
green
Date
Author
Title
FICKER STEALER
2021-07-09
Brad Duncan
Hancitor tries XLL as initial malware file
2021-06-30
Brad Duncan
June 2021 Forensic Contest: Answers and Analysis
FICKER
2021-07-09/a>
Brad Duncan
Hancitor tries XLL as initial malware file
2021-06-30/a>
Brad Duncan
June 2021 Forensic Contest: Answers and Analysis
2010-11-17/a>
Guy Bruneau
Conficker B++ Activated on Nov 15
2009-09-26/a>
Kyle Haugsness
Conficker detection hints
2009-09-25/a>
Deborah Hale
Conficker Continues to Impact Networks
2009-09-23/a>
Marcus Sachs
Addendum to SRI's Conficker C Analysis Published
2009-04-16/a>
Adrien de Beaupre
Some conficker lessons learned
2009-04-09/a>
Johannes Ullrich
Conficker update with payload
2009-04-09/a>
Jim Clausing
Conficker Working Group site down
2009-04-05/a>
Marcus Sachs
Open Source Conficker-C Scanner/Detector Released
2009-04-02/a>
Handlers
A view from the CWG Trenches
2009-03-30/a>
Daniel Wesemann
Locate Conficker infected hosts with a network scan!
2009-03-29/a>
Chris Carboni
April 1st - What Will Really Happen?
2009-02-13/a>
Andre Ludwig
Third party information on conficker
2009-02-10/a>
Bojan Zdrnja
More tricks from Conficker and VM detection
2009-02-09/a>
Bojan Zdrnja
Some tricks from Conficker's bag
2009-01-16/a>
G. N. White
Conficker.B/Downadup.B/Kido: F-Secure publishes details pertaining to their counting methodology of compromised machines
2009-01-15/a>
Bojan Zdrnja
Conficker's autorun and social engineering
2009-01-12/a>
William Salusky
Downadup / Conficker - MS08-067 exploit and Windows domain account lockout
STEALER
2024-11-22/a>
Xavier Mertens
An Infostealer Searching for « BIP-0039 » Data
2024-11-07/a>
Xavier Mertens
Steam Account Checker Poisoned with Infostealer
2024-10-09/a>
Xavier Mertens
From Perfctl to InfoStealer
2024-09-18/a>
Xavier Mertens
Python Infostealer Patching Windows Exodus App
2024-08-27/a>
Xavier Mertens
Why Is Python so Popular to Infect Windows Hosts?
2024-07-26/a>
Xavier Mertens
ExelaStealer Delivered "From Russia With Love"
2024-05-31/a>
Xavier Mertens
"K1w1" InfoStealer Uses gofile.io for Exfiltration
2024-02-20/a>
Xavier Mertens
Python InfoStealer With Dynamic Sandbox Detection
2024-01-25/a>
Xavier Mertens
Facebook AdsManager Targeted by a Python Infostealer
2023-12-22/a>
Xavier Mertens
Shall We Play a Game?
2023-09-29/a>
Xavier Mertens
Are You Still Storing Passwords In Plain Text Files?
2023-05-04/a>
Xavier Mertens
Infostealer Embedded in a Word Document
2023-03-01/a>
Xavier Mertens
Python Infostealer Targeting Gamers
2022-12-18/a>
Guy Bruneau
Infostealer Malware with Double Extension
2022-08-11/a>
Xavier Mertens
InfoStealer Script Based on Curl and NSudo
2022-04-06/a>
Brad Duncan
Windows MetaStealer Malware
2022-03-23/a>
Brad Duncan
Arkei Variants: From Vidar to Mars Stealer
2022-03-09/a>
Xavier Mertens
Infostealer in a Batch File
2021-12-21/a>
Xavier Mertens
More Undetected PowerShell Dropper
2021-12-01/a>
Xavier Mertens
Info-Stealer Using webhook.site to Exfiltrate Data
2021-07-09/a>
Brad Duncan
Hancitor tries XLL as initial malware file
2021-06-30/a>
Brad Duncan
June 2021 Forensic Contest: Answers and Analysis
2021-04-06/a>
Jan Kopriva
Malspam with Lokibot vs. Outlook and RFCs
2021-03-31/a>
Xavier Mertens
Quick Analysis of a Modular InfoStealer
2019-11-27/a>
Brad Duncan
Finding an Agent Tesla malware sample
2019-10-09/a>
Brad Duncan
What data does Vidar malware steal from an infected host?
2019-01-24/a>
Brad Duncan
Malspam with Word docs uses macro to run Powershell script and steal system data
2017-03-08/a>
Xavier Mertens
Not All Malware Samples Are Complex
Homepage
Diaries
Podcasts
Jobs
Data
TCP/UDP Port Activity
Port Trends
SSH/Telnet Scanning Activity
Weblogs
Threat Feeds Activity
Threat Feeds Map
Useful InfoSec Links
Presentations & Papers
Research Papers
API
Tools
DShield Sensor
DNS Looking Glass
Honeypot (RPi/AWS)
InfoSec Glossary
Contact Us
Contact Us
About Us
Handlers
About Us
Slack Channel
Mastodon
Bluesky
X
Follow the Internet Storm Center on
Twitter