TECHNICAL EVOLUTION
  • Nov 30, 2024

    REKOOBE APT-31 Linux Backdoor Analysis

    In this post I will be taking a look at a Linux backdoor known as REKOOBE[1]

    1. https://malpedia.caad.fkie.fraunhofer.de/details/elf.rekoobe

  • Sep 24, 2024

    WARMCOOKIE Incident Walk-Through

    This walk-through will be dissecting a WARMCOOKIE infection chain from the perspective of a network packet capture and Suricata alerts. The various artefacts for this incident are kindly provided by @malware_traffic and located at malware-traffic-analysis.net.

  • Mar 17, 2024

    Carving the IcedId - Part 3

    Welcome back to this series, analysing IcedId malware artefacts.

  • Jan 1, 2024

    Carving the IcedId - Part 2

    Welcome back to this series, analysing IcedId malware artefacts.

  • Oct 9, 2023

    Carving the IcedId

    In a world dominated with endpoint detection and response agents, coming across PCAP may be a rare occurrence.


  • techevo
  • simon at techevo dot uk

Welcome to 'Technical Evolution' – Evolving technical knowledge and trade craft.