Malware Enthusiast. Appreciator of Burritos. Former Detection Engineer at Huntress.

‍

","companyName","Embee Research","metadata",{"_62":174,"_175":6,"_176":6,"_52":177},"Matthew Brennan | Huntress","noIndex","noFollow","Read blog posts from Matthew Brennan on the Huntress Blog.","jobTitle","Security Researcher & Technical Writer","groups",[182,203],{"_183":184},"group",{"_39":185,"_15":186,"_187":180,"_45":188},"@builder.io/core:Reference","00d1d80145b14a6b87c45567b169a8f4","model",{"_36":189,"_11":190,"_13":191,"_15":186,"_17":192,"_19":193,"_21":21,"_22":194,"_47":198,"_136":199,"_138":200,"_140":201,"_141":142,"_145":146,"_147":146,"_149":202},[],[],1735687100903,"Authors","8749400659754b178d5088546f7b2f6f",{"_26":195,"_24":47,"_34":50},{"_30":196,"_32":197},478,1023,{"_17":192},{},1735687106469,1735687106464,"j3jyi3t2pos",{"_183":204},{"_39":185,"_15":205,"_187":180,"_45":206},"babc0d8823f34ab894a4431d5b302dc7",{"_36":207,"_11":208,"_13":209,"_15":205,"_17":210,"_19":193,"_21":21,"_22":211,"_47":213,"_136":214,"_138":215,"_140":216,"_141":142,"_145":146,"_147":146,"_149":217},[],[],1742334085525,"Speakers",{"_26":212,"_24":47,"_34":50},{"_28":29,"_30":31,"_32":33},{"_17":210},{},1742334347573,1742334347569,"j94xocu91v8","profileImage","https://cdn.builder.io/api/v1/image/assets%2F3eb6f92aedf74f109c7b4b0897ec39a8%2F614678645a7f4d4390c95f21d47ba040",{},1742758868932,"XBN8lOXr7QMH6JvQimte3OCtO6c2","84p1mlfrmmf","blogPosts",[226,277,316,346],{"_15":227,"_17":228,"_47":229},"65f3299e49a461b4b9c72d55","Advanced CyberChef Tips: AsyncRAT Loader",{"_54":230,"_231":232,"_233":234,"_254":255,"_256":-5,"_133":257,"_275":276},"advanced-cyberchef-tips-asyncrat-loader","thumbnail","https://cdn.builder.io/api/v1/image/assets%2F3eb6f92aedf74f109c7b4b0897ec39a8%2F18dea642c9f6405991173434dc351c2a","categories",[235],{"_236":237},"category",{"_39":185,"_15":238,"_187":239,"_45":240},"65f3299e49a461b4b9c72e31","blog-categories",{"_15":238,"_17":241,"_21":21,"_13":242,"_19":243,"_47":244,"_149":253},"Threat Analysis",1739997400726,"b7b51689bde4424484bccde4b9ee6d6b",{"_17":241,"_54":245,"_172":246,"_249":247,"_53":248,"_250":251,"_52":252},"threat-analysis",{"_62":247,"_52":248},"Threat Analysis Blog Posts | Huntress","Read our Threat Analyses in these Huntress blog posts. ","metaTitle","canonicalUrl","https://www.huntress.com/blog-categories/threat-analysis","

Dive in and nerd out with us on current and emerging cybersecurity threats. We cover attack vectors, threat actors, and new vulnerabilities, providing insights to help you understand and counteract these risks.

","1g54d6ajo8b","publishDate","May 9, 2023","lastUpdatedDate",[258],{"_259":260},"author",{"_39":185,"_15":158,"_187":64,"_45":261},{"_36":262,"_11":263,"_13":157,"_15":158,"_17":159,"_19":160,"_21":21,"_22":264,"_47":266,"_136":273,"_138":221,"_140":157,"_141":142,"_145":222,"_147":222,"_149":274},[],[],{"_26":265,"_24":47,"_34":50},{"_28":29,"_30":31,"_32":33},{"_164":165,"_166":-5,"_17":159,"_54":167,"_168":169,"_170":171,"_172":267,"_178":179,"_180":268,"_218":219},{"_62":174,"_175":6,"_176":6,"_52":177},[269,271],{"_183":270},{"_39":185,"_15":186,"_187":180},{"_183":272},{"_39":185,"_15":205,"_187":180},{},"3c98g24f84d","sortDate",["D",1683590400000],{"_15":278,"_17":279,"_47":280},"65f3299e49a461b4b9c72deb","Hackers No Hashing: Randomizing API Hashes to Evade Cobalt Strike Shellcode Detection",{"_54":281,"_231":282,"_233":283,"_254":298,"_256":-5,"_133":299,"_275":315},"hackers-no-hashing-randomizing-api-hashes-to-evade-cobalt-strike-shellcode-detection","https://cdn.builder.io/api/v1/image/assets%2F3eb6f92aedf74f109c7b4b0897ec39a8%2F01b8bc30a8584736a5f685df0a4170eb",[284],{"_236":285},{"_39":185,"_15":286,"_187":239,"_45":287},"65f3299e49a461b4b9c72e4d",{"_15":286,"_17":288,"_21":21,"_13":289,"_19":243,"_47":290,"_149":297},"Cybersecurity Education",1739997399371,{"_17":288,"_54":291,"_172":292,"_249":293,"_53":294,"_250":295,"_52":296},"cybersecurity-education",{"_62":293,"_52":294},"Cybersecurity Education Blog Posts | Huntress","Read more about Cybersecurity Education in these Huntress blog posts. ","https://www.huntress.com/blog-categories/cybersecurity-education","

Cybersecurity education should be accessible and actionable, not jargony. Welcome to your hub for mastering the fundamentals and beyond. Get education and advice from our experts to deepen your knowledge and stay ahead of cyber threats—made for all levels.

","zuvukkjn9zo","February 16, 2022",[300],{"_259":301},{"_39":185,"_15":158,"_187":64,"_45":302},{"_36":303,"_11":304,"_13":157,"_15":158,"_17":159,"_19":160,"_21":21,"_22":305,"_47":307,"_136":314,"_138":221,"_140":157,"_141":142,"_145":222,"_147":222,"_149":274},[],[],{"_26":306,"_24":47,"_34":50},{"_28":29,"_30":31,"_32":33},{"_164":165,"_166":-5,"_17":159,"_54":167,"_168":169,"_170":171,"_172":308,"_178":179,"_180":309,"_218":219},{"_62":174,"_175":6,"_176":6,"_52":177},[310,312],{"_183":311},{"_39":185,"_15":186,"_187":180},{"_183":313},{"_39":185,"_15":205,"_187":180},{},["D",1644969600000],{"_15":317,"_17":318,"_47":319},"65f3299e49a461b4b9c72e06","Snakes on a Domain: An Analysis of a Python Malware Loader",{"_54":320,"_231":321,"_233":322,"_254":328,"_256":-5,"_133":329,"_275":345},"snakes-on-a-domain-an-analysis-of-a-python-malware-loader","https://cdn.builder.io/api/v1/image/assets%2F3eb6f92aedf74f109c7b4b0897ec39a8%2F4ac9b8939b2244ea9812e44f375a172a",[323],{"_236":324},{"_39":185,"_15":238,"_187":239,"_45":325},{"_15":238,"_17":241,"_21":21,"_13":242,"_19":243,"_47":326,"_149":253},{"_17":241,"_54":245,"_172":327,"_249":247,"_53":248,"_250":251,"_52":252},{"_62":247,"_52":248},"August 17, 2021",[330],{"_259":331},{"_39":185,"_15":158,"_187":64,"_45":332},{"_36":333,"_11":334,"_13":157,"_15":158,"_17":159,"_19":160,"_21":21,"_22":335,"_47":337,"_136":344,"_138":221,"_140":157,"_141":142,"_145":222,"_147":222,"_149":274},[],[],{"_26":336,"_24":47,"_34":50},{"_28":29,"_30":31,"_32":33},{"_164":165,"_166":-5,"_17":159,"_54":167,"_168":169,"_170":171,"_172":338,"_178":179,"_180":339,"_218":219},{"_62":174,"_175":6,"_176":6,"_52":177},[340,342],{"_183":341},{"_39":185,"_15":186,"_187":180},{"_183":343},{"_39":185,"_15":205,"_187":180},{},["D",1629158400000],{"_15":347,"_17":348,"_47":349},"65f3299e49a461b4b9c72e1c","Cobalt Strikes Again: An Analysis of Obfuscated Malware",{"_54":350,"_231":351,"_233":352,"_254":358,"_256":-5,"_133":359,"_275":375},"cobalt-strike-analysis-of-obfuscated-malware","https://cdn.builder.io/api/v1/image/assets%2F3eb6f92aedf74f109c7b4b0897ec39a8%2F960a09d94f2949da8eb1ff1d3096189c",[353],{"_236":354},{"_39":185,"_15":238,"_187":239,"_45":355},{"_15":238,"_17":241,"_21":21,"_13":242,"_19":243,"_47":356,"_149":253},{"_17":241,"_54":245,"_172":357,"_249":247,"_53":248,"_250":251,"_52":252},{"_62":247,"_52":248},"May 25, 2021",[360],{"_259":361},{"_39":185,"_15":158,"_187":64,"_45":362},{"_36":363,"_11":364,"_13":157,"_15":158,"_17":159,"_19":160,"_21":21,"_22":365,"_47":367,"_136":374,"_138":221,"_140":157,"_141":142,"_145":222,"_147":222,"_149":274},[],[],{"_26":366,"_24":47,"_34":50},{"_28":29,"_30":31,"_32":33},{"_164":165,"_166":-5,"_17":159,"_54":167,"_168":169,"_170":171,"_172":368,"_178":179,"_180":369,"_218":219},{"_62":174,"_175":6,"_176":6,"_52":177},[370,372],{"_183":371},{"_39":185,"_15":186,"_187":180},{"_183":373},{"_39":185,"_15":205,"_187":180},{},["D",1621900800000],"common",{"_378":379,"_394":395,"_462":463},"headerContent",[380],{"_15":381,"_17":382,"_47":383,"_138":393},"58922ccec86f4a31afd22c221dc93cea","About Feature",{"_384":385,"_62":386,"_387":388,"_389":390,"_391":392},"summary","

When a mass-isolation event hit, Key Methods realized they were flying blind. See how Huntress Managed SIEM gave them the visibility they needed.

","Key Methods","altText","Key Methods Thumbnail ","image","https://cdn.builder.io/api/v1/image/assets%2F3eb6f92aedf74f109c7b4b0897ec39a8%2Fccbc23d75b9640b69566b916ea6f832a","link","https://cdn.builder.io/o/assets%2F3eb6f92aedf74f109c7b4b0897ec39a8%2F659979229f5449f28c49a65895b9d2ef?alt=media&token=e87850ca-2ec6-4625-a6d9-b2e8a487f1ad&apiKey=3eb6f92aedf74f109c7b4b0897ec39a8",1745874913292,"g2Awards",[396,415,433,451],{"_15":397,"_17":398,"_47":399},"b1ef1fa50cc44b4cb964fcd76ce27c47","Managed SAT Awards",{"_236":400,"_401":402},"Managed SAT","images",[403,406,409,412],{"_389":404,"_387":405},"https://cdn.builder.io/api/v1/image/assets%2F3eb6f92aedf74f109c7b4b0897ec39a8%2Fe6cc6492c7ad457db8613e2be1b0bf7a","Security Awareness Training Leader Small Business G2 Badges Spring 2025",{"_389":407,"_387":408},"https://cdn.builder.io/api/v1/image/assets%2F3eb6f92aedf74f109c7b4b0897ec39a8%2Fa20ef7581ec94548b774ab925b721874","Security Awareness Training Momentum Leader G2 Badges Spring 2025",{"_389":410,"_387":411},"https://cdn.builder.io/api/v1/image/assets%2F3eb6f92aedf74f109c7b4b0897ec39a8%2Fb22fd7c3f53744aeaad49a1383a8adf2","Security Awareness Training Regional Leader EMEA G2 Badges Spring 2025",{"_387":413,"_389":414},"Security Awareness Training Regional Leader Europe G2 Badges Spring 2025","https://cdn.builder.io/api/v1/image/assets%2F3eb6f92aedf74f109c7b4b0897ec39a8%2F8fc8eb8c2feb400dabbbe15a0e65ebd4",{"_15":416,"_17":417,"_47":418},"a15035cbedea4437bf339e54f6573731","Managed ITDR Awards",{"_236":419,"_401":420},"Managed ITDR",[421,424,427,430],{"_389":422,"_387":423},"https://cdn.builder.io/api/v1/image/assets%2F3eb6f92aedf74f109c7b4b0897ec39a8%2F9710816629b94b46803509bc69c90b6c","Identity Threat Detection and Response (ITDR) Leader G2 Badge Spring 2025",{"_387":425,"_389":426},"Identity Threat Detection and Response (ITDR) High Performer G2 Badge Spring 2025","https://cdn.builder.io/api/v1/image/assets%2F3eb6f92aedf74f109c7b4b0897ec39a8%2Ffbee1654661a4853b7bdc68eba98a19b",{"_387":428,"_389":429},"Identity Threat Detection and Response (ITDR) Best Estimated ROI G2 Badge Spring 2025","https://cdn.builder.io/api/v1/image/assets%2F3eb6f92aedf74f109c7b4b0897ec39a8%2F4c7270fe798448eb893d35ec3a6c5230",{"_389":431,"_387":432},"https://cdn.builder.io/api/v1/image/assets%2F3eb6f92aedf74f109c7b4b0897ec39a8%2Fac3ee471f9be4debbe512f873584df07","Identity Threat Detection and Response (ITDR) Best Support G2 Badge Spring 2025",{"_15":434,"_17":435,"_47":436},"f4f2c8064b7e4e92b01a3c95a41dde18","Managed EDR Awards",{"_401":437,"_236":450},[438,441,444,447],{"_387":439,"_389":440},"Managed Detection and Response(MDR) Grid Leader G2 Badge Spring 2025","https://cdn.builder.io/api/v1/image/assets%2F3eb6f92aedf74f109c7b4b0897ec39a8%2F54010559656e44848d6f2b5e1478bd6f",{"_389":442,"_387":443},"https://cdn.builder.io/api/v1/image/assets%2F3eb6f92aedf74f109c7b4b0897ec39a8%2F559f64e417b34c02ae35785fa6f44de1","Managed Detection and Response(MDR) High Performer Enterprise G2 Badge Spring 2025",{"_389":445,"_387":446},"https://cdn.builder.io/api/v1/image/assets%2F3eb6f92aedf74f109c7b4b0897ec39a8%2F64b4e0f5995b44ed95804354224cb723","Managed Detection and Response(MDR) Best Support G2 Badge Spring 2025",{"_387":448,"_389":449},"Managed Detection and Response(MDR) Best Results G2 Badge Spring 2025","https://cdn.builder.io/api/v1/image/assets%2F3eb6f92aedf74f109c7b4b0897ec39a8%2Fd748e2d9379544119bb9895ec2304877","Managed EDR",{"_15":452,"_17":453,"_47":454},"9b043f11647d490c8780d9136cf88b34","Default G2 Awards",{"_236":455,"_401":456},"default",[457,458,459,461],{"_389":442,"_387":443},{"_389":445,"_387":446},{"_389":460},"https://cdn.builder.io/api/v1/image/assets%2F3eb6f92aedf74f109c7b4b0897ec39a8%2F4b380ad74f5142e682933db387225c5f",{"_389":449,"_387":448},"assetTypes",[464,467,470,473,476,479,482,485],{"_15":465,"_17":466},"65f3299e49a461b4b9c72e3c","Datasheet",{"_15":468,"_17":469},"65f3299e49a461b4b9c72e3e","Handbook",{"_15":471,"_17":472},"65f3299e49a461b4b9c72e39","On-Demand Webinar",{"_15":474,"_17":475},"65f3299e49a461b4b9c72e38","Report",{"_15":477,"_17":478},"65f3299e49a461b4b9c72e40","Success Kit",{"_15":480,"_17":481},"65f3299e49a461b4b9c72e3d","Video",{"_15":483,"_17":484},"65f3299e49a461b4b9c72e3b","Whitepaper",{"_15":486,"_17":487},"65f3299e49a461b4b9c72e3a","eBook","builderApiKey","3eb6f92aedf74f109c7b4b0897ec39a8","actionData","errors"]

Managed EDR

Managed Security Awareness Training

Managed ITDR

Managed SIEM

Learn More

Phishing

Compliance

Business Email Compromise

Education

Finance

Healthcare

Manufacturing

State & Local Government

Healthcare Cybersecurity Success Kit

Managed Service Providers

Value Added Resellers

Business & IT Teams

Huntress SOC

Case Studies

Bitdefender

Blackpoint

CrowdStrike

Datto

SentinelOne

Sophos

Webroot

Datasheets

Ebooks

Reports

On-Demand Webinars

Whitepapers

Videos

Blog

Upcoming Events

Support Documentation

Integrations

The Huntress Threat Report

Our Story

Leadership

Latest News

Awards

Careers

Upcoming Events

Contact Us

Key Methods

Matthew Brennan

About

Posts by this author