Sourcehttps://bazaar.abuse.ch/sample/f47af17b82cdd753cbba4f75be9e372ac7dca17452572c57df64f5bfea74abe9/Analysis EnvironmentREMnux [clearboth]Overview This Excel document contains malicious macros that ...
Malware Source MalwareBazaar | SHA256 0a19ba2af0a2c3b6bdb5c7265439185093c1f6e8128338b7d566e3a15cc8b193 (Vjw0rm)Analysis EnvironmentFlare VM, REMnux[clearboth]Overview:The Vjw0rm script is JavaScr...
Malware sample source:https://github.com/ytisf/theZoo/tree/master/malware/Binaries/njRAT-v0.6.4Analysis EnvironmentFlare VM, Remnux Overview: The binary njRAT.exe is a Remote Access Trojan (RAT) that ...
In this exercise, I investigated failed authentication attempts with Splunk to detect potential threat actors attempting to gain access to the environment. This exercise is divided into three parts: D...