This repository serves as a centralized hub for collecting and sharing Indicators of Compromise (IOCs) derived from reverse-engineered malware samples. The aim is to provide a valuable resource for the cybersecurity community, enabling researchers, analysts, and defenders to identify, analyze, and mitigate threats effectively. Each set of IOCs is intended to be accompanied by context about the malware’s behavior, evasion techniques, and payloads, often linked to detailed reverse engineering analyses.
- Centralize IOCs extracted from reverse-engineered malware samples.
- Offer actionable intelligence for threat hunting, incident response, and malware detection.
- Provide context for each set of IOCs by linking to detailed analyses (e.g., blog posts, reports) that describe the reverse engineering process and the malware’s tactics, techniques, and procedures (TTPs).
- Encourage collaboration within the cybersecurity community by inviting contributions of additional IOCs or related analyses.
The IOCs in this repository can be used for:
- Threat Hunting: Search for these indicators in network traffic, logs, or file systems to identify potential infections.
- Incident Response: Use the IOCs to scope and remediate incidents involving the listed malware.
- Research: Leverage the IOCs and linked analyses to study malware trends, TTPs, and evasion techniques.
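The threat-hunting use above (searching logs, network records, or file listings for the published indicators) is illustrated by the following added example; it is not code from this repository. The IOC list and the log lines are constructed samples, the `sha256`/`domain`/`ipv4`/`url` record layout is an assumption, and the hash value is deliberately fake. The script refangs the `hxxp`/`[.]` notation that IOC lists commonly use, then matches on token boundaries so that a look-alike domain or a longer IP address does not produce a false hit.

```python
"""Match a published IOC list against log lines (constructed sample data)."""
import re
from collections import namedtuple

Hit = namedtuple("Hit", "line_no ioc_type value line")

# Constructed IOC list in an assumed "type  value" layout. Defanged
# notation (hxxp, [.]) is common in shared lists; refang() undoes it.
CONSTRUCTED_IOCS = """
# type    value
sha256    deadbeefdeadbeefdeadbeefdeadbeefdeadbeefdeadbeefdeadbeefdeadbeef
domain    update-check[.]example
ipv4      203[.]0[.]113[.]10
url       hxxp://update-check[.]example/gate.php
"""

# Constructed log lines: one proxy, one DNS, one EDR, two firewall events.
CONSTRUCTED_LOGS = [
    "2024-01-01T10:00:00Z proxy client=10.0.0.5 url=http://update-check.example/gate.php status=200",
    "2024-01-01T10:00:01Z dns client=10.0.0.7 query=notupdate-check.example type=A",
    "2024-01-01T10:00:02Z edr host=ws01 file=C:\\Users\\a\\t.exe sha256=deadbeefdeadbeefdeadbeefdeadbeefdeadbeefdeadbeefdeadbeefdeadbeef",
    "2024-01-01T10:00:03Z fw src=10.0.0.9 dst=203.0.113.10 dport=443 action=allow",
    "2024-01-01T10:00:04Z fw src=10.0.0.9 dst=203.0.113.100 dport=443 action=allow",
]


def refang(value: str) -> str:
    """Turn a defanged indicator back into its literal form."""
    return value.replace("[.]", ".").replace("(.)", ".").replace("hxxp", "http")


def load_iocs(text: str) -> dict:
    """Parse 'type value' lines into {type: set(values)}, refanged and lowercased."""
    iocs = {}
    for raw in text.splitlines():
        raw = raw.strip()
        if not raw or raw.startswith("#"):
            continue
        ioc_type, value = raw.split(None, 1)
        iocs.setdefault(ioc_type, set()).add(refang(value).strip().lower())
    return iocs


# Token patterns anchored on word boundaries: a look-alike such as
# notupdate-check.example must not match update-check.example, and
# 203.0.113.100 must not match 203.0.113.10.
HASH_RE = re.compile(r"\b[0-9a-f]{64}\b")
IPV4_RE = re.compile(r"\b(?:\d{1,3}\.){3}\d{1,3}\b")
DOMAIN_RE = re.compile(r"\b(?:[a-z0-9-]+\.)+[a-z]{2,}\b")


def match_line(line: str, iocs: dict, line_no: int = 0) -> list:
    """Return every IOC hit in one log line; exact-token matches only."""
    hits = []
    lowered = line.lower()
    for h in HASH_RE.findall(lowered):
        if h in iocs.get("sha256", ()):
            hits.append(Hit(line_no, "sha256", h, line))
    for ip in IPV4_RE.findall(lowered):
        if ip in iocs.get("ipv4", ()):
            hits.append(Hit(line_no, "ipv4", ip, line))
    for d in DOMAIN_RE.findall(lowered):
        if d in iocs.get("domain", ()):
            hits.append(Hit(line_no, "domain", d, line))
    # URLs are compared as whole strings; they already carry their own boundaries.
    for u in iocs.get("url", ()):
        if u in lowered:
            hits.append(Hit(line_no, "url", u, line))
    return hits


def scan(lines, iocs: dict) -> list:
    """Scan an iterable of log lines, numbering them from 1."""
    hits = []
    for n, line in enumerate(lines, 1):
        hits.extend(match_line(line, iocs, n))
    return hits


def run_demo() -> list:
    """Load the constructed IOC list and scan the constructed logs."""
    return scan(CONSTRUCTED_LOGS, load_iocs(CONSTRUCTED_IOCS))


if __name__ == "__main__":
    for hit in run_demo():
        print(f"line {hit.line_no}: {hit.ioc_type} {hit.value}")
```

Domain hits are exact matches, so a list entry for a parent domain will not catch its subdomains; if the published list names parent domains, extend the domain check with a dotted-suffix comparison rather than a plain substring test, which would reintroduce the look-alike false positive the boundaries are there to prevent.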
https://denwp.com