Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2021-11-09Twitter (@AvastThreatLabs)
@online{avastthreatlabs:20211109:by:9f805da, author = {Twitter (@AvastThreatLabs)}, title = {{Tweet by Avast on a new Android Banker they call MasterFred}}, date = {2021-11-09}, url = {https://twitter.com/AvastThreatLabs/status/1458162276708483073}, language = {English}, urldate = {2021-11-10} } Tweet by Avast on a new Android Banker they call MasterFred
MasterFred
2021-11-03AvastMartin Chlumecký
@online{chlumeck:20211103:dirtymoe:93da365, author = {Martin Chlumecký}, title = {{DirtyMoe: Deployment}}, date = {2021-11-03}, organization = {Avast}, url = {https://decoded.avast.io/martinchlumecky/dirtymoe-4/}, language = {English}, urldate = {2021-11-08} } DirtyMoe: Deployment
DirtyMoe
2021-10-27Avast DecodedAvast
@online{avast:20211027:avast:6b44ea1, author = {Avast}, title = {{Avast releases decryptor for AtomSilo and LockFile ransomware}}, date = {2021-10-27}, organization = {Avast Decoded}, url = {https://decoded.avast.io/threatintel/decryptor-for-atomsilo-and-lockfile-ransomware/}, language = {English}, urldate = {2021-11-08} } Avast releases decryptor for AtomSilo and LockFile ransomware
ATOMSILO LockFile
2021-10-25AvastJakub Vávra
@online{vvra:20211025:ultimasms:9720c12, author = {Jakub Vávra}, title = {{UltimaSMS: A widespread premium SMS scam on the Google Play Store}}, date = {2021-10-25}, organization = {Avast}, url = {https://blog.avast.com/premium-sms-scam-apps-on-play-store-avast}, language = {English}, urldate = {2021-11-03} } UltimaSMS: A widespread premium SMS scam on the Google Play Store
UltimaSMS
2021-10-12AvastJan Rubín, Jakub Kaloč
@online{rubn:20211012:king:068a3d8, author = {Jan Rubín and Jakub Kaloč}, title = {{The King is Dead, Long Live MyKings! (Part 1 of 2)}}, date = {2021-10-12}, organization = {Avast}, url = {https://decoded.avast.io/janrubin/the-king-is-dead-long-live-mykings/}, language = {English}, urldate = {2021-10-25} } The King is Dead, Long Live MyKings! (Part 1 of 2)
MyKings Spreader
2021-09-20Avast DecodedAnh ho
@online{ho:20210920:blustealer:9beaf4b, author = {Anh ho}, title = {{BluStealer: from SpyEx to ThunderFox}}, date = {2021-09-20}, organization = {Avast Decoded}, url = {https://decoded.avast.io/anhho/blustealer/}, language = {English}, urldate = {2021-09-22} } BluStealer: from SpyEx to ThunderFox
BluStealer
2021-09-17AvastMartin Chlumecký
@online{chlumeck:20210917:dirtymoe:d684802, author = {Martin Chlumecký}, title = {{DirtyMoe: Code Signing Certificate}}, date = {2021-09-17}, organization = {Avast}, url = {https://decoded.avast.io/martinchlumecky/dirtymoe-3/}, language = {English}, urldate = {2021-09-20} } DirtyMoe: Code Signing Certificate
DirtyMoe
2021-08-11Avast DecodedMartin Chlumecký
@online{chlumeck:20210811:dirtymoe:4cb640e, author = {Martin Chlumecký}, title = {{DirtyMoe: Rootkit Driver}}, date = {2021-08-11}, organization = {Avast Decoded}, url = {https://decoded.avast.io/martinchlumecky/dirtymoe-rootkit-driver/}, language = {English}, urldate = {2021-09-20} } DirtyMoe: Rootkit Driver
DirtyMoe
2021-07-29AvastJan Vojtěšek
@online{vojtek:20210729:magnitude:3c9e478, author = {Jan Vojtěšek}, title = {{Magnitude Exploit Kit: Still Alive and Kicking}}, date = {2021-07-29}, organization = {Avast}, url = {https://decoded.avast.io/janvojtesek/magnitude-exploit-kit-still-alive-and-kicking/}, language = {English}, urldate = {2021-08-03} } Magnitude Exploit Kit: Still Alive and Kicking
Magniber
2021-07-08Avast DecodedThreat Intelligence Team
@online{team:20210708:decoding:04acb98, author = {Threat Intelligence Team}, title = {{Decoding Cobalt Strike: Understanding Payloads}}, date = {2021-07-08}, organization = {Avast Decoded}, url = {https://decoded.avast.io/threatintel/decoding-cobalt-strike-understanding-payloads/}, language = {English}, urldate = {2021-07-08} } Decoding Cobalt Strike: Understanding Payloads
Cobalt Strike Empire Downloader
2021-07-01Avast DecodedLuigino Camastra, Igor Morgenstern, Jan Vojtěšek
@online{camastra:20210701:backdoored:6f26c16, author = {Luigino Camastra and Igor Morgenstern and Jan Vojtěšek}, title = {{Backdoored Client from Mongolian CA MonPass}}, date = {2021-07-01}, organization = {Avast Decoded}, url = {https://decoded.avast.io/luigicamastra/backdoored-client-from-mongolian-ca-monpass/}, language = {English}, urldate = {2021-07-02} } Backdoored Client from Mongolian CA MonPass
Cobalt Strike
2021-06-24AvastDaniel Beneš
@online{bene:20210624:crackonosh:ce54a93, author = {Daniel Beneš}, title = {{Crackonosh: A New Malware Distributed in Cracked Software}}, date = {2021-06-24}, organization = {Avast}, url = {https://decoded.avast.io/danielbenes/crackonosh-a-new-malware-distributed-in-cracked-software/}, language = {English}, urldate = {2021-06-29} } Crackonosh: A New Malware Distributed in Cracked Software
2021-06-16Avast DecodedMartin Chlumecký
@online{chlumeck:20210616:dirtymoe:9e1065a, author = {Martin Chlumecký}, title = {{DirtyMoe: Introduction and General Overview of Modularized Malware}}, date = {2021-06-16}, organization = {Avast Decoded}, url = {https://decoded.avast.io/martinchlumecky/dirtymoe-1/}, language = {English}, urldate = {2021-09-20} } DirtyMoe: Introduction and General Overview of Modularized Malware
DirtyMoe
2021-05-19Avast DecodedDavid Zimmer
@online{zimmer:20210519:binary:1fda440, author = {David Zimmer}, title = {{Binary Reuse of VB6 P-Code Functions}}, date = {2021-05-19}, organization = {Avast Decoded}, url = {https://decoded.avast.io/davidzimmer/reusing-vb6-p-code-functions/}, language = {English}, urldate = {2021-05-26} } Binary Reuse of VB6 P-Code Functions
2021-05-12Avast DecodedDavid Zimmer
@online{zimmer:20210512:writing:f056e19, author = {David Zimmer}, title = {{Writing a VB6 P-Code Debugger}}, date = {2021-05-12}, organization = {Avast Decoded}, url = {https://decoded.avast.io/davidzimmer/writing-a-vb6-p-code-debugger/}, language = {English}, urldate = {2021-05-26} } Writing a VB6 P-Code Debugger
2021-05-05Avast DecodedDavid Zimmer
@online{zimmer:20210505:vb6:c12dd45, author = {David Zimmer}, title = {{VB6 P-Code Disassembly}}, date = {2021-05-05}, organization = {Avast Decoded}, url = {https://decoded.avast.io/davidzimmer/vb6-p-code-disassembly/}, language = {English}, urldate = {2021-05-26} } VB6 P-Code Disassembly
2021-04-28Avast DecodedDavid Zimmer
@online{zimmer:20210428:vb6:a8bfd2e, author = {David Zimmer}, title = {{VB6 P-Code Obfuscation}}, date = {2021-04-28}, organization = {Avast Decoded}, url = {https://decoded.avast.io/davidzimmer/vb6-p-code-obfuscation/}, language = {English}, urldate = {2021-05-26} } VB6 P-Code Obfuscation
2021-04-22Avast DecodedDavid Zimmer
@online{zimmer:20210422:binary:ec29b94, author = {David Zimmer}, title = {{Binary Data Hiding in VB6 Executables}}, date = {2021-04-22}, organization = {Avast Decoded}, url = {https://decoded.avast.io/davidzimmer/binary-data-hiding-in-vb6-executables/}, language = {English}, urldate = {2021-04-29} } Binary Data Hiding in VB6 Executables
2021-04-15Avast DecodedRomana Tesařová
@online{tesaov:20210415:hackboss:18b3c2e, author = {Romana Tesařová}, title = {{HackBoss: A cryptocurrency-stealing malware distributed through Telegram}}, date = {2021-04-15}, organization = {Avast Decoded}, url = {https://decoded.avast.io/romanalinkeova/hackboss-a-cryptocurrency-stealing-malware-distributed-through-telegram/}, language = {English}, urldate = {2021-04-16} } HackBoss: A cryptocurrency-stealing malware distributed through Telegram
2021-03-17Avast DecodedJakub Kaloč
@online{kalo:20210317:hidden:7757b8d, author = {Jakub Kaloč}, title = {{Hidden menace: Peeling back the secrets of OnionCrypter}}, date = {2021-03-17}, organization = {Avast Decoded}, url = {https://decoded.avast.io/jakubkaloc/onion-crypter/}, language = {English}, urldate = {2021-03-19} } Hidden menace: Peeling back the secrets of OnionCrypter