Title: Thinkbox
Description: Writings about malware, offensive tradecraft, and detections surrounding both.
Opengraph URL: https://posts.thinkbox.dev/
X: @iiamaleks
Generator: Ghost 6.3
Domain: posts.thinkbox.dev
Links:
| Koi Loader Attack Chain Analysis: Overview. This post will cover at a high level the attack chain that Koi Loader takes in order to deploy Koi stealer on a system. All artifacts and samples were retrieved from Malware Traffic. Fake Installer Initial Execution. Initial access for this sample took the form of a digitally | https://posts.thinkbox.dev/koi-loader-attack-chain-analysis/ |
| Malware Analysis: Lockbit 3.0 Analysis | https://posts.thinkbox.dev/lockbit-3-0-analysis/ |
| Malware Analysis: IcedID Initial Attack Chain Analysis. Analysis of the IcedID attack chain all the way to the loading of the core module. | https://posts.thinkbox.dev/icedid-analysis-part1/ |
| Malware Development: Remote Portable Executable Injection. Classic Remote Process Injection Implementation | https://posts.thinkbox.dev/remote-portable-executable-injection/ |
| Malware Development: Local Portable Executable Injection. Self-injecting a payload into your own running process. | https://posts.thinkbox.dev/local-portable-executable-injection/ |
| Malware Development: Reflective DLL Injection. Implementing and detecting Reflective DLL Injection attacks. | https://posts.thinkbox.dev/reflective-dll-injection/ |
| Malware Development: Implementing DLL Injection. Writing and Detecting DLL Injection | https://posts.thinkbox.dev/malware-techniques-dll-injection/ |