Hello there, today I’ll be analyzing Emotet C2 traffic using Wireshark. In this article we’ll go into stuff like Emotet’s infection chain, the C2 traffic and what it looks like and how Emotet drops it’s initial binary after infection. Emotet, initially identified in 2014 as a banking malware, has undergone…

Malspam campaigns, short for malicious spam campaigns, represent a prevalent form of cyber threat that involves the distribution of harmful emails on a large scale. We’ve often seen malicious files in the form of .exe, .docx. .pdf and even .ISO …

Hello, in this blog we’ll be performing memory forensics on a memory dump that was derived from an infected system. This system was infected by RedLine malware. Today we’ll be focusing on using Volatility. Volatility is a very powerful memory forensics tool. It is used to extract information from memory…

In this writeup, I will delve into my intriguing experience of geolocating a picture. Below is the picture which I stumbled onto in one of a discord server that I’m part of. The OP posted the picture saying “Here’s a little nice osint challenge”. Hmmm….. time to roll up the…