This is a collection of our raw research notes. Each post is generated from a Jupyter Notebook that can be found in our GitHub Research repository. Notes may contain errors, spelling mistakes, grammar mistakes, and incorrect code. Please keep in mind these are all rough drafts. Pull requests are welcome!
Notes
C++ STL Types
BitRat Exposed
Threat Intel - Building A Simple Botnet Tracker
Icarus Stealer - What is it?
ISFB / GOZI / RM3 Config Extraction
Clipboard Hijacker Detection
PrivateLoader Triage
DbatLoader Triage
SmokeLoader Triage
Lockbit 3.0 Ransomware Triage
Matanbuchus Triage Notes
Diceloader Triage Notes
Malware Downloader Triage Notes
Cobalt Strike Analysis
Triage Amadey Loader