1768.py's Experimental Mode, (Sat, Mar 23rd)
March 23, 2024, 10:35 a.m. | MalBot
Malware Analysis, News and Indicators - Latest topics malware.news
The reason I extracted a PE file in my last diary entry is that I discovered it was the dropper of a Cobalt Strike beacon @DebugPrivilege had pointed me to. My 1768.py tool crashed on the process memory dump. This is fixed now, but it still doesn’t extract the configuration.
Article Link: 1768.py's Experimental Mode - SANS Internet Storm Center