Welcome to Jaalma's Blog.
Digital forensics, malware analysis and all things blue team!
Analyzing a VIDAR Infostealer Sample
While reviewing samples submitted to Any.Run, I came across a recently-compiled binary that appeared to inject into a target process before performing some suspicious HTTP requests. After further analysis, this binary was found to be consistent with the VIDAR infostealer.
BlueTeamLabs Investigation: Phishy V1
You have been sent a phishing link. It is your task to investigate this website, find out everything you can about the site and the actor responsible, and perform threat intelligence work on the operator(s) of the phishing site.