Malasada Tech

Thruntellisearch - Threat Hunting/Intelligence Research

Fake Malware TOAD via Malvertizing

Aaron Samala November 19, 2025 No Comments

TL;DR There was a campaign for a Fake Malware TOAD via Malvertizing. Tactical Pause THE CONTENT, VIEWS, AND OPINIONS EXPRESSED ON THIS DOCUMENT ARE MY OWN AND DO NOT REFLECT…

Malware Research Thruntellisearch - Threat Hunting/Intelligence Research

PDFChampions YAPA Browser Hijacker/Loader Analysis

Aaron Samala November 8, 2025 No Comments

TL;DR PDFChampions is a YAPA Browser Hijacker, delivered via ads, that changes the browsers default search engine and also functions as a loader. Tactical Pause THE CONTENT, VIEWS, AND OPINIONS…

Malware Research

ConvertyFile Browser Hijacker

Aaron Samala October 29, 2025 1 Comment

TL;DR ConvertyFile is a browser hijacker, delivered via ads, that changes the browser’s default search engine. Tactical Pause THE CONTENT, VIEWS, AND OPINIONS EXPRESSED ON THIS DOCUMENT ARE MY OWN…

Malware Research Thruntellisearch - Threat Hunting/Intelligence Research

Convert Master Browser Hijacker Analysis

Aaron Samala October 25, 2025 2 Comments

TL;DR Convert Master is a browser hijacker, delivered via ads, that changes the browsers default search engine – and I’ve observed it using a redirector for the “Retro Revive” fake…

Thruntellisearch - Threat Hunting/Intelligence Research

Teams Transcript Page Lure Delivers GoTo RMM

Aaron Samala October 24, 2025 No Comments

TL;DR This documents a Teams transcript download page lure that delivers GoTo RMM. Tactical Pause THE CONTENT, VIEWS, AND OPINIONS EXPRESSED ON THIS DOCUMENT ARE MY OWN AND DO NOT…

Phishing Thruntellisearch - Threat Hunting/Intelligence Research

PoisonSeed YouTube-themed Career Phishing

Aaron Samala October 4, 2025 No Comments

TL;DR This documents a YouTube-themed Career Phishing campaign that I assess is likely related to PoisonSeed. Tactical Pause THE CONTENT, VIEWS, AND OPINIONS EXPRESSED ON THIS DOCUMENT ARE MY OWN…

Uncategorized

BLOG: My thoughts on improving analysis and reporting

Aaron Samala October 3, 2025 No Comments

TL;DR I share my thoughts on how I can improve, scoping the reporting, and such. Tactical Pause THE CONTENT, VIEWS, AND OPINIONS EXPRESSED ON THIS DOCUMENT ARE MY OWN AND…

Thruntellisearch - Threat Hunting/Intelligence Research

Thruntellisearch Analyst’s Pivot Checklist

Aaron Samala October 3, 2025 No Comments

TL;DR This is a checklist that thruntellisearch analysts can use in their quest to uncover additional adversary infrastructure. It may help provide a structured analysis. Tactical Pause THE CONTENT, VIEWS,…

Thruntellisearch - Threat Hunting/Intelligence Research

Oyster Malware Delivery via Teams Fake App

Aaron Samala September 28, 2025 2 Comments

TL;DR Oyster malware delivery via MS Teams Fake App. Tactical Pause THE CONTENT, VIEWS, AND OPINIONS EXPRESSED ON THIS DOCUMENT ARE MY OWN AND DO NOT REFLECT THOSE OF MY…

Thruntellisearch - Threat Hunting/Intelligence Research

Malformed Rhadamanthys DoH Query

Aaron Samala August 30, 2025 No Comments

TL;DR This analysis documents how the Rhadamanthys malware sends a malformed DoH query with the Host field specified twice. It fails in Any Run tasks that have the MITM Proxy…

Breaking

Fake Malware TOAD via Malvertizing

PDFChampions YAPA Browser Hijacker/Loader Analysis

ConvertyFile Browser Hijacker

Convert Master Browser Hijacker Analysis

Teams Transcript Page Lure Delivers GoTo RMM

PoisonSeed YouTube-themed Career Phishing

BLOG: My thoughts on improving analysis and reporting

Thruntellisearch Analyst’s Pivot Checklist

Oyster Malware Delivery via Teams Fake App

Malformed Rhadamanthys DoH Query

You Missed

Fake Malware TOAD via Malvertizing

PDFChampions YAPA Browser Hijacker/Loader Analysis

ConvertyFile Browser Hijacker

Convert Master Browser Hijacker Analysis