Blog Archives - Binary Defense

IcedID GZIPLOADER Analysis

In late February, while tracking a malicious spam campaign from the Qakbot distributor “TR,” Binary Defense’s analysts identified a new version of IcedID being delivered through malicious Word and Excel files. The updated IcedID has a new first stage loading mechanism, which we’ve dubbed “gziploader,” along with new encryption algorithms for hiding its configuration and […]

Qakbot Upgrades to Stealthier Persistence Method

Qakbot is a versatile banking trojan that until recently, focused primarily on theft of personal information and passwords. However, following the trend toward ransomware set by Trickbot and other botnet malware families, Qakbot has recently shifted its goals to deliver post compromise attack platforms such as Cobalt Strike Beacon, with the final objective of loading […]

EmoCrash: Exploiting a Vulnerability in Emotet Malware for Defense

By: James Quinn Most of the vulnerabilities and exploits that you read about are good news for attackers and bad news for the rest of us. However, it’s important to keep in mind that malware is software that can also have flaws. Just as attackers can exploit flaws in legitimate software to cause harm, defenders […]

12 Essentials for a Successful SOC Partnership

Cyber War: Hackers’ Transformation from Cyber Criminals to Hacktivists

The war in Ukraine and its impact on how China views Taiwan

A Day in the Life of a SOC Analyst

Tag: Blog

IcedID GZIPLOADER Analysis

Qakbot Upgrades to Stealthier Persistence Method

EmoCrash: Exploiting a Vulnerability in Emotet Malware for Defense

Solutions

Industries

Resources

About