Decrypting QBot/QakBot Registry
zam Recently, we have host machine that been infected with QBot/QakBot. Upon investigation, we found that it added a registry with some random name. Based on Googling, I found this article…
2022
Windows Credentials Manager – Looking for cached Zip Passwords
Intro When you open a password protected zip archive using Windows Explorer (“Extract All…”); in Windows 8.x/10, the password is automatically cached in the Credentials Manager for the life of…