Homepage
Open in app
Sign in
Get started
m4n0w4r
Follow
[QuickNote] The Xworm malware is being spread through a phishing email
[QuickNote] The Xworm malware is being spread through a phishing email
When a standard user clicks on the link provided, the browser will automatically initiate a download of the file Itinerary.doc _.zip,..
m4n0w4r
Sep 12
[QuickNote] Retrieve unknown python stealer from PyInstaller
[QuickNote] Retrieve unknown python stealer from PyInstaller
During my participating in a Discord community, I noticed a member made the following offer of assistance
m4n0w4r
Aug 10
[QuickNote] DarkGate — Make AutoIt Great Again
[QuickNote] DarkGate — Make AutoIt Great Again
In the first quarter of 2024, @AvastThreatLabs observed a DarkGate campaign distributed via malicious PDF files…
m4n0w4r
Jun 6
[QuickNote] Qakbot 5.0 — Decrypt strings and configuration
[QuickNote] Qakbot 5.0 — Decrypt strings and configuration
In this new sample, threat actor has updated Qakbot’s codebase to support 64-bit versions of Windows.
m4n0w4r
Apr 23
[QuickNote] Phishing email distributes WarZone RAT via DBatLoader
[QuickNote] Phishing email distributes WarZone RAT via DBatLoader
Below is an illustrated and summarized way of how WarZone RAT sample infects the victim system via DBatLoader
m4n0w4r
Apr 9
[QuickNote] Technical Analysis of recent Pikabot Core Module
[QuickNote] Technical Analysis of recent Pikabot Core Module
1. Overview
m4n0w4r
Jan 6
[Case study] Decrypt strings using Dumpulator
[Case study] Decrypt strings using Dumpulator
I received a suspicious Dll that needs to be analyzed. This Dll is packed. After unpacking it and throwing the Dll into IDA, IDA…
m4n0w4r
May 22, 2023
About m4n0w4r
Latest Stories
Archive
About Medium
Terms
Privacy
Teams