Malware Traffic Analysis Net
2025-04-13: Twelve days of scans and probes and web traffic hitting my web server
8 months 2 weeks ago
2025-04-04: KongTuke activity
8 months 2 weeks ago
2025-03-26: SmartApeSG traffic for fake browser update leads to NetSupport RAT and StealC
9 months ago
2025-03-10: Remcos RAT infection
9 months 2 weeks ago
2025-03-03: Three days of scans and probes and web traffic hitting my web server
9 months 2 weeks ago
2025-02-18: SmartApeSG script for fake browser update leads to NetSupport RAT and StealC
10 months 1 week ago
2025-02-13: Quick post: ClickFix style infection for Lumma Stealer
10 months 2 weeks ago
2025-02-10: StrelaStealer infection
10 months 2 weeks ago
2025-02-07: Three days of scans and probes and web traffic hitting my web server
10 months 3 weeks ago
2025-01-31: Two pcaps of AgentTesla-style data exfil, one using FTP and one using SMTP
10 months 4 weeks ago
2025-01-30: XLoader infection
11 months ago
2025-01-28: Malware infection from web inject activity
11 months ago
2025-01-23: Fake installer leads to Koi Loader/Koi Stealer
11 months ago
2025-01-22: Traffic Analysis Exercise - Download from fake software site
11 months 1 week ago
2025-01-21: Quick post for Koi Loader/Koi Stealer activity
11 months 1 week ago
2025-01-13: KongTuke campaign leads to infection abusing BOINC platform
11 months 2 weeks ago
2025-01-09: CVE-2017-0199 XLS --> HTA --> VBS --> steganography --> DBatLoader/GuiLoader style malware
11 months 2 weeks ago
2025-01-04: Four days of scans and probes and web traffic hitting my web server
11 months 3 weeks ago
2024-11-14 - Raspberry Robin infection using WebDAV server
1 year 1 month ago
Checked
13 hours 34 minutes ago
A malware traffic analysis blog
Malware Traffic Analysis Net feed