trickbot - you sneakymonkey!

trickbot

A collection of 3 posts

Excel 4.0 Macros - So hot right now...🔥🔥🔥

Excel 4.0 Macros - So hot right now...🔥🔥🔥

Analysis of Excel 4.0 macros and how to triage these .XLS files to gather IOCs from recent ITW samples such as ZLOADER, TRICKBOT and URSNIF.

TRICKBOT - Analysis Part II

trickbot Featured

TRICKBOT - Analysis Part II

Some further TTPs used by TRICKBOT [1] from an infected host that I thought was interesting to share. The sample used here is from an EMOTET to TRICKBOT infection "GTAG:mor14" courtesy of Malware-Traffic-Analysis. 👏👏 Samples Used * C:\Users\AUSER\AppData\Roaming\netcloud\բնութագրվում է.exe * C:\Users\AUSER\AppData\Roaming\

TRICKBOT - Analysis

TRICKBOT - Analysis

Research into how to decode the TRICKBOT config, quickly analyse to provide context and help incident response/blue teams.