This post serves as a dump of IOCs seen in the last 90 days related to LiteHTTP malware. The interest into LiteHTTP came from a bump in sighting in the month of may 2018. One particular instance of a control…
6 months of QuantLoader
Last december 2017, I started to actively hunt for Malware c2 web panels via virustotal submissions and open source data. I encountered 37 families of malware that had an HTTP web panels. Some are very common, like lokibot, pony, some…
30 days later – 97 Panels
It’s been one month since I noticed an increase in number of malware communication to a certain IP: 185.6.242[.]251 and the trend has not slowed down in the last 30 days. The total of web panel malware seen the last…