Antivirus Event Analysis Cheat Sheet v1.7.2

by Florian Roth | Oct 4, 2019

We’ve just released an updated version of our Antivirus Event Analysis cheat sheet. You can download version 1.7.2 here.

The major changes are:

Updated AV signature lists
Extended file extension list

About the author:

Florian Roth

Florian Roth serves as the Head of Research and Development at Nextron Systems. With a background in IT security since 2000, he has delved deep into nation-state cyber attacks since 2012. Florian has developed the THOR Scanner and actively engages with the community via his Twitter handle @cyb3rops. He has contributed to open-source projects, including 'Sigma', a generic SIEM rule format, and 'LOKI', an open-source scanner. Additionally, he has shared valuable resources like a mapping of APT groups and operations and an Antivirus Event Analysis Cheat Sheet.

Recent Blog Posts

Mjolnir Security: Incident Response Training – Dive Deep into Cybersecurity September 26, 2023
Detecting JanelaRAT with Yara and THOR September 15, 2023
How to scan Ivanti Endpoint Manager Mobile (EPMM) / MobileIron Core for CVE-2023-35078 Exploitation July 25, 2023
How to Perform Compromise Assessments on NetScaler / Citrix ADC Appliances Using THOR July 20, 2023
Hunting Ducks – A Threat Hunters Take on Ducktail Stealer June 29, 2023

Blog Topics

Alert (13)
APT (7)
ASGARD Analysis Cockpit (8)
ASGARD Management Center (18)
Aurora (3)
Bug Report (1)
Check Point (1)
Command Line (9)
LOKI (4)
Newsletter (76)
Nextron (43)
Partner (3)
Press (1)
Security Fix (5)
Security Monitoring (22)
Service Notice (2)
Sigma (6)
SPARK (14)
SPARK Core (5)
Splunk (2)
THOR (62)
THOR Cloud (3)
THOR Lite (24)
Thunderstorm (3)
Tool (19)
Training (1)
Tutorial (32)
VALHALLA (7)
Video (3)
YARA (18)

Antivirus Event Analysis Cheat Sheet v1.7.2

About the author:

Florian Roth

Newsletter

Recent Blog Posts

Blog Topics