Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2022-04-190ffset BlogChuong Dong
@online{dong:20220419:bazarloader:902cf53, author = {Chuong Dong}, title = {{BAZARLOADER: Unpacking An ISO File Infection}}, date = {2022-04-19}, organization = {0ffset Blog}, url = {https://www.0ffset.net/reverse-engineering/bazarloader-iso-file-infection/}, language = {English}, urldate = {2022-04-20} } BAZARLOADER: Unpacking An ISO File Infection
BazarBackdoor
2022-02-150ffset BlogChuong Dong
@online{dong:20220215:matanbuchus:cd8acc2, author = {Chuong Dong}, title = {{MATANBUCHUS: Another Loader As A Service Malware}}, date = {2022-02-15}, organization = {0ffset Blog}, url = {https://www.0ffset.net/reverse-engineering/matanbuchus-loader-analysis/}, language = {English}, urldate = {2022-02-17} } MATANBUCHUS: Another Loader As A Service Malware
Matanbuchus
2021-12-310ffset BlogChuong Dong
@online{dong:20211231:hancitor:734a06a, author = {Chuong Dong}, title = {{HANCITOR: Analysing The Main Loader}}, date = {2021-12-31}, organization = {0ffset Blog}, url = {https://www.0ffset.net/reverse-engineering/malware-analysis/hancitor-analysing-the-main-loader/}, language = {English}, urldate = {2022-02-01} } HANCITOR: Analysing The Main Loader
Hancitor
2021-11-230ffset BlogChuong Dong
@online{dong:20211123:hancitor:140d2c0, author = {Chuong Dong}, title = {{HANCITOR: Analysing The Malicious Document}}, date = {2021-11-23}, organization = {0ffset Blog}, url = {https://www.0ffset.net/reverse-engineering/malware-analysis/hancitor-maldoc-analysis/}, language = {English}, urldate = {2022-02-01} } HANCITOR: Analysing The Malicious Document
Hancitor
2021-10-260ffset BlogChuong Dong
@online{dong:20211026:dridex:e054dc4, author = {Chuong Dong}, title = {{DRIDEX: Analysing API Obfuscation Through VEH}}, date = {2021-10-26}, organization = {0ffset Blog}, url = {https://www.0ffset.net/reverse-engineering/malware-analysis/dridex-veh-api-obfuscation/}, language = {English}, urldate = {2021-11-03} } DRIDEX: Analysing API Obfuscation Through VEH
DoppelDridex
2021-10-080ffset BlogChuong Dong
@online{dong:20211008:squirrelwaffle:4549cd1, author = {Chuong Dong}, title = {{SQUIRRELWAFFLE – Analysing The Main Loader}}, date = {2021-10-08}, organization = {0ffset Blog}, url = {https://www.0ffset.net/reverse-engineering/malware-analysis/squirrelwaffle-main-loader/}, language = {English}, urldate = {2021-10-14} } SQUIRRELWAFFLE – Analysing The Main Loader
Cobalt Strike Squirrelwaffle
2021-10-010ffset BlogChuong Dong
@online{dong:20211001:squirrelwaffle:24c9b06, author = {Chuong Dong}, title = {{SQUIRRELWAFFLE – Analysing the Custom Packer}}, date = {2021-10-01}, organization = {0ffset Blog}, url = {https://www.0ffset.net/reverse-engineering/malware-analysis/squirrelwaffle-custom-packer/}, language = {English}, urldate = {2021-10-14} } SQUIRRELWAFFLE – Analysing the Custom Packer
Cobalt Strike Squirrelwaffle
2021-07-240ffset BlogDaniel Bunce
@online{bunce:20210724:quack:ddda5cd, author = {Daniel Bunce}, title = {{Quack Quack: Analysing Qakbot’s Browser Hooking Module – Part 1}}, date = {2021-07-24}, organization = {0ffset Blog}, url = {https://www.0ffset.net/reverse-engineering/malware-analysis/qakbot-browser-hooking-p1/}, language = {English}, urldate = {2021-08-02} } Quack Quack: Analysing Qakbot’s Browser Hooking Module – Part 1
QakBot
2021-07-060ffset BlogDaniel Bunce, 0verfl0w_
@online{bunce:20210706:new:36ccc46, author = {Daniel Bunce and 0verfl0w_}, title = {{New TA402/MOLERATS Malware – Decrypting .NET Reactor Strings}}, date = {2021-07-06}, organization = {0ffset Blog}, url = {https://www.0ffset.net/reverse-engineering/malware-analysis/molerats-string-decryption/}, language = {English}, urldate = {2021-07-11} } New TA402/MOLERATS Malware – Decrypting .NET Reactor Strings
SharpStage
2019-07-080ffset Blog0verfl0w_
@online{0verfl0w:20190708:analyzing:b984acf, author = {0verfl0w_}, title = {{Analyzing KSL0T (Turla’s Keylogger), Part 2 – Reupload}}, date = {2019-07-08}, organization = {0ffset Blog}, url = {https://0ffset.net/reverse-engineering/malware-analysis/analyzing-turlas-keylogger-2/}, language = {English}, urldate = {2020-01-10} } Analyzing KSL0T (Turla’s Keylogger), Part 2 – Reupload
KSL0T
2019-07-080ffset Blog0verfl0w_
@online{0verfl0w:20190708:analyzing:f246b28, author = {0verfl0w_}, title = {{Analyzing KSL0T (Turla’s Keylogger), Part 1 – Reupload}}, date = {2019-07-08}, organization = {0ffset Blog}, url = {https://0ffset.net/reverse-engineering/malware-analysis/analyzing-turlas-keylogger-1/}, language = {English}, urldate = {2020-01-06} } Analyzing KSL0T (Turla’s Keylogger), Part 1 – Reupload
KSL0T
2019-05-250ffset Blog0verfl0w_
@online{0verfl0w:20190525:analyzing:84874ea, author = {0verfl0w_}, title = {{Analyzing ISFB – The Second Loader}}, date = {2019-05-25}, organization = {0ffset Blog}, url = {https://0ffset.net/reverse-engineering/malware-analysis/analyzing-isfb-second-loader/}, language = {English}, urldate = {2020-01-13} } Analyzing ISFB – The Second Loader
ISFB
2019-03-130ffset Blog0verfl0w_
@online{0verfl0w:20190313:analysing:1f83706, author = {0verfl0w_}, title = {{Analysing ISFB – The First Loader}}, date = {2019-03-13}, organization = {0ffset Blog}, url = {https://0ffset.net/reverse-engineering/malware-analysis/analysing-isfb-loader/}, language = {English}, urldate = {2020-01-10} } Analysing ISFB – The First Loader
ISFB
2019-02-050ffset Blog0verfl0w_
@online{0verfl0w:20190205:revisiting:8e39d7e, author = {0verfl0w_}, title = {{Revisiting Hancitor in Depth}}, date = {2019-02-05}, organization = {0ffset Blog}, url = {https://0ffset.net/reverse-engineering/malware-analysis/reversing-hancitor-again/}, language = {English}, urldate = {2020-01-06} } Revisiting Hancitor in Depth
2019-01-150ffset Blog0verfl0w_
@online{0verfl0w:20190115:analyzing:bf3b215, author = {0verfl0w_}, title = {{Analyzing COMmunication in Malware}}, date = {2019-01-15}, organization = {0ffset Blog}, url = {https://0ffset.net/reverse-engineering/analyzing-com-mechanisms-in-malware/}, language = {English}, urldate = {2020-01-06} } Analyzing COMmunication in Malware
ISFB