all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

[SANS ISC] Malicious Code Can Be Anywhere

Add to bookmarks
June 20, 2023, 2:11 p.m. | Xavier

/dev/random blog.rootshell.be

Today, I published the following diary on isc.sans.edu: “Malicious Code Can Be Anywhere“: My Python hunting rules reported some interesting/suspicious files. The files are named with a “.ma” extension. Some of them have very low VT scores. For example, the one with a SHA256 dc16115d165a8692e6f3186afd28694ddf2efe7fd3e673bd90690f2ae7d59136 has a score of 15/59.


The post [SANS ISC] Malicious Code Can Be Anywhere appeared first on /dev/random.

code edu extension files hunting hunting rules isc low malicious malware python rules sans sans.edu sans internet storm center sans isc score sha256

Visit resource

More from blog.rootshell.be / /dev/random

Hack.lu 2023 Wrap-Up 6 months, 1 week ago | blog.rootshell.be
back blog blog post conference +11
[SANS ISC] macOS: Who’s Behind This Network Connection? 8 months ago | blog.rootshell.be
a network apple edu firewall +13
[SANS ISC] Python Malware Using Postgresql for C2 Communications 8 months ago | blog.rootshell.be
access c2 command command and control +19
[SANS ISC] More Exotic Excel Files Dropping AgentTesla 8 months ago | blog.rootshell.be
agenttesla attackers computers edu +20
[SANS ISC] Have You Ever Heard of the Fernet Encryption Algorithm? 8 months ago | blog.rootshell.be
aes algorithm algorithms cryptography +13
[SANS ISC] Quick Malware Triage With Inotify Tools 8 months ago | blog.rootshell.be
analysis edu files find +14
[SANS ISC] From a Zalando Phishing to a RAT 8 months, 1 week ago | blog.rootshell.be
apple customers daily dhl +23
[SANS ISC] Show me All Your Windows! 8 months, 2 weeks ago | blog.rootshell.be
analysis anti-analysis anti-debugging attackers +17
[SANS ISC] Are Leaked Credentials Dumps Used by Attackers? 8 months, 3 weeks ago | blog.rootshell.be
attackers credentials edu emails +14

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

SOC 2 Manager, Audit and Certification

@ Deloitte | US and CA Multiple Locations
View on infosec-jobs.com

Cybersecurity Engineer

@ Booz Allen Hamilton | USA, VA, Arlington (1550 Crystal Dr Suite 300) non-client
View on infosec-jobs.com

Invoice Compliance Reviewer

@ AC Disaster Consulting | Fort Myers, Florida, United States - Remote
View on infosec-jobs.com

Technical Program Manager II - Compliance

@ Microsoft | Redmond, Washington, United States
View on infosec-jobs.com

Head of U.S. Threat Intelligence / Senior Manager for Threat Intelligence

@ Moonshot | Washington, District of Columbia, United States
View on infosec-jobs.com

Customer Engineer, Security, Public Sector

@ Google | Virginia, USA; Illinois, USA
View on infosec-jobs.com
View more jobs