Teoderick Contreras

I'm a Senior Threat Research Engineer on Splunk's Threat Research Team. I've been working in the cybersecurity industry for almost 12+ years. I primarily focus on malware reverse engineering/analysis, digital forensics and detection development.

Security 10 Min Read

Behind the Walls: Techniques and Tactics in Castle RAT Client Malware

Uncover CastleRAT malware's techniques (TTPs) and learn how to build Splunk detections using MITRE ATT&CK. Protect your network from this advanced RAT.

Security 10 Min Read

Hide Me Again: The Updated Multi-Payload .NET Steganography Loader That Includes Lokibot

An analysis on the updated .NET steganography loader delivering Lokibot malware, including evasion techniques, MITRE ATT&CK TTPs, and Splunk detections to enhance threat identification.

Security 10 Min Read

From Prompt to Payload: LAMEHUG’s LLM-Driven Cyber Intrusion

The Splunk Threat Research Team analyzes the LAMEHUG malware, examining its tactics and techniques to provide insights that can help SOC analysts and blue teamers identify and respond.

Security 13 Min Read

Picture Paints a Thousand Codes: Dissecting Image-Based Steganography in a .NET (Quasar) RAT Loader

Uncover how to identify malicious executable loaders that use steganography to deliver payloads such as Quasar RAT.

Security 16 Min Read

When Installers Turn Evil: The Pascal Script Behind Inno Setup Malware Campaign

Uncover the Inno Setup malware campaign leveraging Pascal scripting to deliver RedLine Stealer.

Security 13 Min Read

XWorm's Shape-Shifting Arsenal: Loader and Stager Variants in the Wild

Explore XWorm's shape-shifting tactics, evolution, and persistence, and how Splunk helps detect this RAT.