Tag: analysis

Brushaloader gaining new layers like a pro

Date of publication: 19/11/2019, Michał Praszmo

Yo dawg, I heard you like droppers so I put a dropper in your dropper

On 2019-11-18 we received a report that some Polish users have begun receiving malspam imitating DHL.

In this short article, we'll take a look at the XLS document that has been used as a (1st stage) dropper distributing another well-known (2nd stage) dropper: Brushaloader.


Network traffic periodicity analysis of dark address space

Date of publication: 01/08/2016, piotrb

Network traffic directed to the dark address space of the IPv4 protocol can be a good source of information about the current state of the Internet. Although no packets should be sent to such addresses, in practice various traffic types can be observed there, for example echoes of Denial of Service (DoS) attacks, automated port scanners or misconfigured client software. Often the packets are sent periodically, i.e. at regular intervals. This periodicity can be analyzed by applying the Discrete Fourier Transform (DFT) to the network traffic. Our report shows how such analysis can be performed and presents its results. You can read the report here.

[Figure: Example of a DFT plot]