As we can see in this pic -> https://i.postimg.cc/qRPSyjvL/Screenshot-at-2022-09-04-13-36-40.png the encrypted payload also fires off a lot more of the YARA rules from the YARA Rules Project, so it's just a lot "louder" in terms of static analysis too. The top section is a payload that currently does not get detected and does not use any encryption (the other screenshot showing OneNote.exe was actually taken from my test VM with this payload, so it definitely doesn't get detected lol). The bottom is the ScareCrow payload that's AES-256'd and still got caught pretty quick.