Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2023-04-18MorphisecArnold Osipov, Michael Dereviashkin
@online{osipov:20230418:what:516436d, author = {Arnold Osipov and Michael Dereviashkin}, title = {{What Makes Invalid Printer Loader So Stealthy?}}, date = {2023-04-18}, organization = {Morphisec}, url = {https://blog.morphisec.com/in2al5d-p3in4er}, language = {English}, urldate = {2023-04-22} } What Makes Invalid Printer Loader So Stealthy?
Aurora
2023-03-07MorphisecArnold Osipov
@online{osipov:20230307:sys01:675aea6, author = {Arnold Osipov}, title = {{SYS01 Stealer}}, date = {2023-03-07}, organization = {Morphisec}, url = {https://blog.morphisec.com/sys01stealer-facebook-info-stealer}, language = {English}, urldate = {2023-03-13} } SYS01 Stealer
2022-08-11MorphisecHido Cohen, Arnold Osipov
@online{cohen:20220811:aptc35:bc731cd, author = {Hido Cohen and Arnold Osipov}, title = {{APT-C-35 GETS A NEW UPGRADE}}, date = {2022-08-11}, organization = {Morphisec}, url = {https://blog.morphisec.com/apt-c-35-new-windows-framework-revealed}, language = {English}, urldate = {2023-04-25} } APT-C-35 GETS A NEW UPGRADE
Unidentified 102 (Donot)
2022-03-29MorphisecArnold Osipov
@online{osipov:20220329:exclusive:37a9d8b, author = {Arnold Osipov}, title = {{Exclusive Threat Research: Mars (Stealer) Attacks!}}, date = {2022-03-29}, organization = {Morphisec}, url = {https://blog.morphisec.com/threat-research-mars-stealer}, language = {English}, urldate = {2022-03-31} } Exclusive Threat Research: Mars (Stealer) Attacks!
Mars Stealer
2022-02-14MorphisecHido Cohen, Arnold Osipov
@techreport{cohen:20220214:journey:6c209dc, author = {Hido Cohen and Arnold Osipov}, title = {{Journey of a Crypto Scammer - NFT-001}}, date = {2022-02-14}, institution = {Morphisec}, url = {https://blog.morphisec.com/hubfs/Journey%20of%20a%20Crypto%20Scammer%20-%20NFT-001%20%7C%20Morphisec%20%7C%20Threat%20Report.pdf}, language = {English}, urldate = {2022-02-19} } Journey of a Crypto Scammer - NFT-001
AsyncRAT BitRAT Remcos
2021-11-23MorphisecHido Cohen, Arnold Osipov
@online{cohen:20211123:babadeda:ae0d0ac, author = {Hido Cohen and Arnold Osipov}, title = {{Babadeda Crypter targeting crypto, NFT, and DeFi communities}}, date = {2021-11-23}, organization = {Morphisec}, url = {https://blog.morphisec.com/the-babadeda-crypter-targeting-crypto-nft-defi-communities}, language = {English}, urldate = {2021-12-22} } Babadeda Crypter targeting crypto, NFT, and DeFi communities
Babadeda BitRAT LockBit Remcos
2021-10-14MorphisecArnold Osipov
@online{osipov:20211014:explosive:d6c6eb7, author = {Arnold Osipov}, title = {{Explosive New MirrorBlast Campaign Targets Financial Companies}}, date = {2021-10-14}, organization = {Morphisec}, url = {https://blog.morphisec.com/explosive-new-mirrorblast-campaign-targets-financial-companies}, language = {English}, urldate = {2021-10-24} } Explosive New MirrorBlast Campaign Targets Financial Companies
MirrorBlast
2021-05-14MorphisecArnold Osipov
@online{osipov:20210514:ahk:2da8d24, author = {Arnold Osipov}, title = {{AHK RAT Loader Used in Unique Delivery Campaigns}}, date = {2021-05-14}, organization = {Morphisec}, url = {https://blog.morphisec.com/ahk-rat-loader-leveraged-in-unique-delivery-campaigns}, language = {English}, urldate = {2021-05-17} } AHK RAT Loader Used in Unique Delivery Campaigns
AsyncRAT Houdini Revenge RAT
2021-01-04MorphisecArnold Osipov
@techreport{osipov:20210104:threat:b875307, author = {Arnold Osipov}, title = {{Threat Profile the Evolution of the FIN7 JSSLoader}}, date = {2021-01-04}, institution = {Morphisec}, url = {https://www.morphisec.com/hubfs/eBooks_and_Whitepapers/FIN7%20JSSLOADER%20FINAL%20WEB.pdf}, language = {English}, urldate = {2021-01-05} } Threat Profile the Evolution of the FIN7 JSSLoader
JSSLoader
2020-11-12MorphisecArnold Osipov
@online{osipov:20201112:threat:05d4acd, author = {Arnold Osipov}, title = {{Threat Profile: JUPYTER INFOSTEALER}}, date = {2020-11-12}, organization = {Morphisec}, url = {https://blog.morphisec.com/jupyter-infostealer-backdoor-introduction}, language = {English}, urldate = {2021-12-17} } Threat Profile: JUPYTER INFOSTEALER
solarmarker
2020-08-20MorphisecArnold Osipov
@online{osipov:20200820:qakbot:a7e14ef, author = {Arnold Osipov}, title = {{QakBot (QBot) Maldoc Campaign Introduces Two New Techniques into Its Arsenal}}, date = {2020-08-20}, organization = {Morphisec}, url = {https://blog.morphisec.com/qakbot-qbot-maldoc-two-new-techniques}, language = {English}, urldate = {2020-08-25} } QakBot (QBot) Maldoc Campaign Introduces Two New Techniques into Its Arsenal
QakBot
2020-06-24MorphisecArnold Osipov
@online{osipov:20200624:obfuscated:74bfeed, author = {Arnold Osipov}, title = {{Obfuscated VBScript Drops Zloader, Ursnif, Qakbot, Dridex}}, date = {2020-06-24}, organization = {Morphisec}, url = {https://blog.morphisec.com/obfuscated-vbscript-drops-zloader-ursnif-qakbot-dridex}, language = {English}, urldate = {2020-06-25} } Obfuscated VBScript Drops Zloader, Ursnif, Qakbot, Dridex
Dridex ISFB QakBot Zloader
2020-06-02MorphisecArnold Osipov
@online{osipov:20200602:ursnifgozi:2e20c85, author = {Arnold Osipov}, title = {{Ursnif/Gozi Delivery - Excel Macro 4.0 Utilization Uptick & OCR Bypass}}, date = {2020-06-02}, organization = {Morphisec}, url = {https://blog.morphisec.com/ursnif/gozi-delivery-excel-macro-4.0-utilization-uptick-ocr-bypass}, language = {English}, urldate = {2020-06-25} } Ursnif/Gozi Delivery - Excel Macro 4.0 Utilization Uptick & OCR Bypass
ISFB
2020-04-02MorphisecArnold Osipov
@online{osipov:20200402:guloader:af464fe, author = {Arnold Osipov}, title = {{GuLoader: The RAT Downloader}}, date = {2020-04-02}, organization = {Morphisec}, url = {https://blog.morphisec.com/guloader-the-rat-downloader}, language = {English}, urldate = {2021-01-10} } GuLoader: The RAT Downloader
CloudEyE
2020-03-18MorphisecArnold Osipov
@online{osipov:20200318:parallax:fa4b01d, author = {Arnold Osipov}, title = {{Parallax: The new RAT on the block}}, date = {2020-03-18}, organization = {Morphisec}, url = {https://blog.morphisec.com/parallax-rat-active-status}, language = {English}, urldate = {2020-03-25} } Parallax: The new RAT on the block
Parallax RAT
2020-01-30MorphisecArnold Osipov
@online{osipov:20200130:trickbot:da5c80d, author = {Arnold Osipov}, title = {{Trickbot Trojan Leveraging a New Windows 10 UAC Bypass}}, date = {2020-01-30}, organization = {Morphisec}, url = {https://blog.morphisec.com/trickbot-uses-a-new-windows-10-uac-bypass}, language = {English}, urldate = {2020-02-03} } Trickbot Trojan Leveraging a New Windows 10 UAC Bypass
TrickBot
2019-05-13MorphisecArnold Osipov
@online{osipov:20190513:look:7526002, author = {Arnold Osipov}, title = {{A Look At Hworm / Houdini aka Njrat}}, date = {2019-05-13}, organization = {Morphisec}, url = {http://blog.morphisec.com/hworm-houdini-aka-njrat}, language = {English}, urldate = {2020-01-05} } A Look At Hworm / Houdini aka Njrat
Houdini