Ayush Anand
@Securityinbits
I tweet about my learning in Malware analysis, Threat Intel, Detection engineering and DFIR journey. Opinions are mine only!
🔥Welcome back to the RedLine Malware Series!! In this final Part 3, we’ll show you how to manually unpack/dump the three stages & extract config from RedLine using dnSpyEx. Activator.CreateInstance is used to execute the 2nd stage dll dynamically. securityinbits.com/malware-analys…
Defending against the return of Lumma Stealer? According to Trend Micro, it's spreading via: 1️⃣ Fake cracked software 2️⃣ Deceptive sites 3️⃣ Social media posts e.g. cracked software Use this SIGMA rule by @cyb3rops to catch malware using renamed AutoIt binary
Defending against ClickFix delivering SectopRAT (Arechclient2)? Recently, Coinbase-themed ClickFix attacks have been observed deploying GHOSTPULSE & SectopRAT PS → URL → PS → EXE Use these four sigma rules and refer to the process tree to detect potential threats
Hey @_JohnHammond looks like the threat actors behind the Pentagon stealer (MaaS) are big fans of you and Santa 🎅 One of the admins is using your pic from an old YouTube video 👀 You’ve got fans everywhere 😄
The private Telegram group currently has around 80 members. It’s maintained primarily by 5 key individuals: • 1aCry (owner) • Peter (manager) • Max (admin) • Melik (admin) • Daniel (admin)