all InfoSec news
1768.py's Experimental Mode, (Sat, Mar 23rd)
March 23, 2024, 10:35 a.m. | MalBot
Malware Analysis, News and Indicators - Latest topics malware.news
The reason I extracted a PE file in my last diary entry, is that I discovered it was the dropper of a Cobalt Strike beacon @DebugPrivilege had pointed me to. My 1768.py tool crashed on the process memory dump. This is fixed now, but it still doesn’t extract the configuration.
Article Link: 1768.py's Experimental Mode - SANS Internet Storm Center
1 post - 1 participant
article beacon cobalt cobalt strike configuration dropper entry extract file link memory mode process sat strike tool
More from malware.news / Malware Analysis, News and Indicators - Latest topics
New Redline Version: Uses Lua Bytecode, Propagates Through GitHub
1 day, 5 hours ago |
malware.news
Showcasing Artwork by Max for Autism Awareness Month
1 day, 19 hours ago |
malware.news
Kaiser Permanente notifies 13.4M patients of potential data exposure
1 day, 20 hours ago |
malware.news
Jobs in InfoSec / Cybersecurity
SOC 2 Manager, Audit and Certification
@ Deloitte | US and CA Multiple Locations
Network Security Engineer
@ Meta | Menlo Park, CA | Remote, US
Security Engineer, Investigations - i3
@ Meta | Washington, DC
Threat Investigator- Security Analyst
@ Meta | Menlo Park, CA | Seattle, WA | Washington, DC
Security Operations Engineer II
@ Microsoft | Redmond, Washington, United States
Engineering -- Tech Risk -- Global Cyber Defense & Intelligence -- Bug Bounty -- Associate -- Dallas
@ Goldman Sachs | Dallas, Texas, United States