List of “September 2017”

  • Chase up Datper’s Communication Logs with Splunk/Elastic Stack (Incident)
    The last article introduced some features of the Datper malware and a Python script for detecting its distinctive communication. Based on that, we present how to search proxy logs for Datper’s communication using log management tools: Splunk and Elastic Stack (Elasticsearch, Logstash and Kibana).
    For Splunk
    To extract Datper’s communication log using Splunk, the first thing you need to do is to create a custom search command as follows....
