Blog / Engineering / RapperBot botnet detection and mitigation with Wazuh
...variant" author = "Henadence Anyam" reference = "Internal Research" date = "2022-08-15" hash1 = "88bbb772b8731296822646735aacbfb53014fbb7f90227b44523d7577e0a7ce6" hash2 = "ff09cf7dfd1dc1466815d4df098065510eec504099ebb02b830309067031fe04" strings: $a1 = "cmd" fullword ascii $a2 = "sh" fullword ascii $a3...
Blog / Engineering / Docker container security monitoring with Wazuh
Docker has become a popular application deployment framework because of the benefits it offers. For example, it makes it easier for organizations to enhance the portability of their...
Blog / Engineering / Web shell attack detection with Wazuh
Cyber attackers are known to utilize various techniques to maintain persistence on compromised endpoints. These techniques ensure that attackers do not repeat exploitation phases when compromised web servers reboot, change...
Blog / Engineering / Detecting common Linux persistence techniques with Wazuh
Persistence techniques are mechanisms or configurations threat actors use to maintain illicit access to compromised endpoints after gaining initial access. Persistence guarantees that attackers have endpoint access regardless of system...
Blog / Engineering / Hunting for suspicious Windows LNK files with Wazuh XDR
LNK files, also known as Shell links, are Windows shortcut files that point to an original file, folder, or application. They have the “LNK” file extension and use the Shell...
Blog / Engineering / Building IoC files for threat intelligence with Wazuh XDR
Indicators of compromise (IoCs) are forensic artifacts that provide evidence of a potential security breach on an endpoint or network. Forensic experts use these artifacts to analyze security threats and...
Blog / Engineering / Configuration management of Wazuh endpoints using Ansible
Configuration management is the process of maintaining computer systems, servers, network devices, and software in a desired and consistent state. Configuration management tools allow you to quickly and remotely control...