Category: DFIR

MalDoc Analysis – Dosfuscation

Last night a colleague showed us an email that looked like a phishing email. The notable part was that the threat source had done proper recon to identify individuals working in the company. The redacted portion was the name of...

PowerForensics – Windows LNK Analysis

What? .LNK is the extension used by shortcut files in Windows. We normally place a ton of shortcuts on our desktop and sometimes in other folders as well. These shortcut (.LNK) files are binary files that contain information needed...

Super Timeline Using ELK Stack

ELK Stack is a collection of three components: Elasticsearch, Logstash and Kibana. Logstash is the component responsible for processing incoming data. It takes input from different sources, executes different transformations and stores the results in Elasticsearch or other...