2021-10-29 (FRIDAY) - FILES FOR MY TALK AT THE 2021 TEXAS CYBER SUMMIT

NOTICE:

• The zip archives on this page have been updated, and they now use the new password scheme.  For the new password, see the "about" page of this website.

 

PDF OF PRESENTATION SLIDES:

• 2021-10-29-presentation-for-TCS-talk-from-Brad.pdf.zip   2.1 MB   (2,109,055 bytes)

 

NOTES:

• I accidentally deleted the pcap and malware samples here, so they are no longer available.
• For examples of Squirrelwaffle malware and traffic, see the entries for Squirrelwaffle from 2021 at:


• 2021-09-17: Squirrelwaffle Loader with Cobalt Strike
• 2021-09-20: Squirrelwaffle Loader with Cobalt Strike
• 2021-09-21: Squirrelwaffle Loader with Cobalt Strike
• 2021-09-22: Squirrelwaffle Loader with Qakbot and Cobalt Strike
• 2021-09-23: Squirrelwaffle Loader with Qakbot and Cobalt Strike
• 2021-09-24: Squirrelwaffle Loader with Qakbot and Cobalt Strike

 

FIRST EXAMPLE (NO LONGER AVAILABLE):

• 2021-09-20-TR-Squirrelwaffle-Loader-with-Cobalt-Strike.pcap.zip   7.7 MB   (7,701,615 bytes)
• 2021-09-20-IOCs-for-TR-Squirrelwaffle-and-Cobalt-Strike.txt.zip   1.9 kB   (1,933 bytes)
• 2021-09-20-TR-Squirrelwaffle-and-Cobalt-Strike-malware-and-artifacts.zip   1.2 MB   (1,222,990 bytes)

SECOND EXAMPLE (NO LONGER AVAILABLE):

• 2021-10-04-TR-Squirrelwaffle-and-Qakbot-with-Cobalt-Strike.pcap.zip   20.2 MB   (20,255,399 bytes)
• 2021-10-04-IOCs-for-TR-Squirrelwaffle-Qakbot-and-Cobalt-Strike.txt.zip   1.9 kB   (1,923 bytes)
• 2021-10-04-TR-Squirrelwaffle-and-Qakbot-malware-and-artifacts.zip   909 kB   (908,635 bytes)

 

Click here to return to the main page.