Search Results for “get-datainfo”

BlackSuit Ransomware

editor August 26, 2024

Key Takeaways In December 2023, we observed an intrusion that started with the execution of a Cobalt Strike beacon and ended in the deployment of BlackSuit ransomware. The threat actor … Read More

bazar cobaltstrike conti

BazarLoader to Conti Ransomware in 32 Hours

editor September 13, 2021

Intro Conti is a top player in the ransomware ecosystem, being listed as 2nd overall in the Q2 2021 Coveware ransomware report. The groups deploying this RaaS have only grown … Read More

cobaltstrike trickbot

Trickbot Leads Up to Fake 1Password Installation

editor August 16, 2021

Intro Over the past years, Trickbot has established itself as modular and multifunctional malware. Initially focusing on bank credential theft, the Trickbot operators have extended its capabilities. More recently, Trickbot … Read More

adfind BazarCall cobaltstrike conti ransomware trickbot

BazarCall to Conti Ransomware via Trickbot and Cobalt Strike

editor August 1, 2021

Intro This report will go through an intrusion that went from an Excel file to domain wide ransomware. The threat actors used BazarCall to install Trickbot in the environment which … Read More

anchor bazar cobaltstrike

Bazar Drops the Anchor

editor March 8, 2021

Intro The malware identified as Anchor first entered the scene in late 2018 and has been linked to the same group as Trickbot, due to similarities in code and usage … Read More

adfind bazar cobaltstrike ryuk

Bazar, No Ryuk?

editor January 31, 2021

Intro In the fall of 2020, Bazar came to prominence when several campaigns delivered Ryuk ransomware. While Bazar appeared to drop-off in December, new campaigns have sprung up recently, using … Read More