Da Samala Tech blogs on malware and stuffs
TL;DR This documents specific steps you can take to find ClickFix infrastructure via RussianPanda‘s workflow. Summary Up Front This document builds on RussianPanda’s workflow to find ClickFix infrastructure. You can…
TL;DR I saw a post on X that inspired me to search Shodan. I found an open directory associated with APT-C-35 (attribution based on file hashes that were listed in…
Intro @Gootloader recently published a new article showing how he found the Gootloader TA has updated their delivery vector. Previously, Gootloader was delivered by tricking the victim into thinking the…
Short and simple This discusses how I found some AAFES (Army Air Force Exchange Service) themed phishing sites. Before continuing THE CONTENT, VIEWS, AND OPINIONS EXPRESSED ON THIS DOCUMENT ARE…
This article documents repeatable steps for analysts and enthusiast researchers to search for and identify phishing sites masquerading as banking sites, specifically focusing on Navy Federal Credit Union. It builds…
Learn to automate Gootkit malware detection using urlscan.io. This guide covers the use of urlscan.io's API and Python scripting to efficiently identify and analyze malicious forum loader scripts, enhancing your…
Aaron Samala