InQuest Blog

InQuest Labs Year in Review

Posted on 2020-09-29 by Chris Morrow

labs

Detection in Depth

Posted on 2020-08-28 by Josiah Smith

Persian Kitties Hiding Benign Executables

Posted on 2020-08-15 by Josiah Smith

Tale of a Polished Carrier

Posted on 2020-07-27 by Josiah Smith

A Phishing TTP

Posted on 2020-07-09 by Josiah Smith

Blog Archive

2022
- May
  - Tandem Espionage
  - Detection Multiplexing
  April
  March
  - Cloud Atlas Maldoc
  February
  - Dangerously thinBasic
  - +380-GlowSpark
  January
  - 2022-01 AsyncRAT
  - Analysis of a Remcos RAT Dropper

2021
- December
  - Log4Shell
  - (Don't) Bring Dridex Home for the Holidays
  November
  - Graphical Lures In The Age of Cybercrime.
  - Adults Only Malware Lures
  October
  - How Email Works
  - Advanced Qbot Downloader
  September
  - Rechnung Financial Malspam
  - CVE-2021-40444
  August
  - The Trystero Project
  - Kimsuky Espionage Campaign
  July
  - Espionage Utilizing Mobile Devices
  - IcedID: 07.07.21
  June
  May
  - PSChain
  - Dive Into Cobalt Strike
  April
  - An Exploration and Explanation of Randomized Parameter Optimization
  - Unearthing Hancitor Infrastructure
  March
  - InQuest & MalwareBazaar Integration
  - Mail Provider Comparison
  February
  - Cracking Password Protected Payloads
  January
  - Carving Images for Leisure and Gain
  - String Encoding and YARA... Oh My

2020
- December
  - Social Engineering Attacks And E-mail Security
  - Clustering for Classification: Using Unsupervised Learning for Label Expansion
  November
  - The Trystero Project: A Comparison of Mail Providers
  - SOC-Class: Use Case Development
  October
  - Cybersecurity Awareness Month
  - Cerbero Suite: The Hacker’s Multitool
  September
  - InQuest Labs Year in Review
  August
  - Detection in Depth
  - Persian Kitties Hiding Benign Executables
  July
  - Tale of a Polished Carrier
  - A Phishing TTP
  June
  - Get The Most Out Of Your IoC: The Beginner’s Guide
  May
  - Detecting Coercive Lures with OCR
  - ZLoader 4.0 Macrosheets Evolution
  April
  - Deep File Inspection for Data Leakage
  March
  - COVID-19 Scare Tactics: Want to buy some masks?
  - Getting Sneakier: Hidden Sheets, Data Connections, and XLM Macros
  February
  - Reverse Engineering on Windows: A Focus on Malware
  January
  - Pyramid of Pain Vs. The Iceberg of Inspection
  - Internship Retrospective

2019
- December
  - Threat Hunting On Your Own Network With InQuest
  - Ransomware in Your Stocking
  November
  - Holiday Blog: Tis' the Season
  - Field Notes: Multistage Maldoc Delivers Executable Masked as JPG
  October
  - Base64 Encoded Regular Expressions for Fun and Profit
  - Programmatic Interaction with InQuest Labs via Python
  September
  - Adobe XMP: Tales of an Overlooked Anchor
  - Advanced Support for the SOC Hunter
  August
  July
  - Base64 Encoded Powershell Pivots
  - Emotet, Unmasking via Machine Learning
  June
  - YARA For Everyone: Sharing is Caring
  May
  - Abusing Registration-Free COM Interop
  April
  - Analysis of an Interesting Malicious HTA File
  March
  - Making a Twitter Bot with ThreatIngestor
  - Analyzing Sophisticated PowerShell Targeting Japan
  February
  - Family Matters: Using MinHash to Cluster Data
  - Quick Analysis of A Customer Malspam Encounter
  January
  - Extracting "Sneaky" Excel XLM Macros
  - Detecting Empire with InQuest

2018
- December
  - Ex Machina: A Frolic through the Forests
  - Short-Circuiting Boolean Operators in YARA
  November
  - Ex Machina: Man + Machine
  September
  - Stringless YARA Rules
  May
  April
  March
  February
  - An Introduction to Deep File Inspection
  - Adobe Flash MediaPlayer DRM Use-After-Free Vulnerability
  January
  - InQuest Deployed by DISA in the Joint Regional Security Stack (JRSS)

2017
- October

InQuest Blog

InQuest Labs Year in Review

Detection in Depth

Persian Kitties Hiding Benign Executables

Tale of a Polished Carrier

A Phishing TTP

Blog Archive

Blog Tags

Subscribe to InQuest Insider

Protect the Cloud

Defend the Enterprise

Empower Your Operations

More

Company

Products and Services

Partners

Resources

Support

InQuest Blog

InQuest Labs Year in Review

Detection in Depth

Persian Kitties Hiding Benign Executables

Tale of a Polished Carrier

A Phishing TTP

Blog Archive

Blog Tags

Subscribe to InQuest Insider