Threat Hunting

Detection Engineering Reverse Engineering Threat Hunting

Latrodectus [IceNova] – Technical Analysis of the… New IcedID… Its Continuation… Or its Replacement?

My first public malware research was for a strain of IcedID. A few months later, in my nighttime activities, I was working on technical analysis research for Sodinokibi (REvil), a Ransomware that is no longer seen, however, is part of the evolutionary history of the business model that we now know as RaaS. But, I […]

,

Latrodectus [IceNova] – Technical Analysis of the… New IcedID… Its Continuation… Or its Replacement? Read Post »

Detection Engineering Reverse Engineering Threat Hunting

IcedID – Technical Analysis of an IcedID Lightweight x64 DLL

My first public malware research was regarding an x32 PE stager (exe) from the IcedID family. In this research I analyzed three samples from different years, with the aim of identifying code reuse, and developing a Yara signature capable of detecting any IcedID sample, based on fixed code patterns persistent over the years. So you

,

IcedID – Technical Analysis of an IcedID Lightweight x64 DLL Read Post »

Detection Engineering Reverse Engineering Threat Hunting

Zero2Automated – Complete Custom Sample Challenge Analysis

The road so far… In this post, I will analyze the customized sample of the Zero2Automated: The Advanced Malware Analysis course, which is presented to us when we reach the halfway point of the course. At this point, the course has already explored in a deep and practical way subjects such as Cryptography Algorithms, Unpacking

,

Zero2Automated – Complete Custom Sample Challenge Analysis Read Post »

Scroll to Top