MDNC | Malware don't need Coffee
Brad Duncan
@malware_traffic
Sundown EK from 37.139.47.53 sends Locky Ransomware
- 2016-10-17 - Malware-Traffic-Analysis -
Brad Duncan
WordsJS
Bizarro Sundown
Locky
2018-03-27 - FAKE CHROME, FIREFOX, OR FLASH UPDATE PAGES PUSH JS MALWARE
- 2018-03-27 - Malware-Traffic-Analysis -
Brad Duncan
SocGholish
js-GhoLoader
Malware Team Up: Malspam Pushing Emotet + Trickbot
- 2018-07-18 - PaloAlto -
Brad Duncan
Emotet
Trickbot
Fake Updates campaign still active in 2019
- 2019-02-12 - SANS ISC -
Brad Duncan
SocGholish
Chthonic
js-GhoLoader
Rig Exploit Kit sends Pitou.B Trojan
- 2019-06-25 - SANS ISC -
Brad Duncan
RIG
Pitou
Bikarys
Keitaro
2019-06-24 - Still finding #FakeUpdates traffic similar to Feb 2019 [...] Still seeing #Chthonic banking Trojan as the final payload
- 2019-06-27 - Twitter -
Brad Duncan
SocGholish
Chthonic