Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2022-10-31ElasticSeth Goodwin, Derek Ditch, Daniel Stepanic, Andrew Pease
@online{goodwin:20221031:icedids:df089be, author = {Seth Goodwin and Derek Ditch and Daniel Stepanic and Andrew Pease}, title = {{ICEDIDs network infrastructure is alive and well}}, date = {2022-10-31}, organization = {Elastic}, url = {https://www.elastic.co/security-labs/icedids-network-infrastructure-is-alive-and-well}, language = {English}, urldate = {2022-11-02} } ICEDIDs network infrastructure is alive and well
IcedID
2022-07-27ElasticCyril François, Derek Ditch
@online{franois:20220727:qbot:82146d1, author = {Cyril François and Derek Ditch}, title = {{QBOT Configuration Extractor}}, date = {2022-07-27}, organization = {Elastic}, url = {https://www.elastic.co/security-labs/qbot-configuration-extractor}, language = {English}, urldate = {2022-08-05} } QBOT Configuration Extractor
QakBot
2022-06-01ElasticDaniel Stepanic, Derek Ditch, Seth Goodwin, Salim Bitam, Andrew Pease
@online{stepanic:20220601:cuba:333f7c1, author = {Daniel Stepanic and Derek Ditch and Seth Goodwin and Salim Bitam and Andrew Pease}, title = {{CUBA Ransomware Campaign Analysis}}, date = {2022-06-01}, organization = {Elastic}, url = {https://www.elastic.co/security-labs/cuba-ransomware-campaign-analysis}, language = {English}, urldate = {2022-06-09} } CUBA Ransomware Campaign Analysis
Cobalt Strike Cuba Meterpreter MimiKatz SystemBC
2022-03-07ElasticDaniel Stepanic, Derek Ditch, Joe Desimone, Cyril François, Github (@1337-42), Samir Bousseaden, Andrew Pease
@online{stepanic:20220307:phoreal:f982397, author = {Daniel Stepanic and Derek Ditch and Joe Desimone and Cyril François and Github (@1337-42) and Samir Bousseaden and Andrew Pease}, title = {{PHOREAL Malware Targets the Southeast Asian Financial Sector}}, date = {2022-03-07}, organization = {Elastic}, url = {https://elastic.github.io/security-research/intelligence/2022/03/02.phoreal-targets-southeast-asia-financial-sector/article/}, language = {English}, urldate = {2022-03-08} } PHOREAL Malware Targets the Southeast Asian Financial Sector
PHOREAL
2022-01-19ElasticDerek Ditch, Daniel Stepanic, Andrew Pease, Seth Goodwin
@online{ditch:20220119:extracting:39bd5e5, author = {Derek Ditch and Daniel Stepanic and Andrew Pease and Seth Goodwin}, title = {{Extracting Cobalt Strike Beacon Configurations}}, date = {2022-01-19}, organization = {Elastic}, url = {https://elastic.github.io/security-research/intelligence/2022/01/03.extracting-cobalt-strike-beacon/article/}, language = {English}, urldate = {2022-01-25} } Extracting Cobalt Strike Beacon Configurations
Cobalt Strike
2022-01-19ElasticDerek Ditch, Daniel Stepanic, Andrew Pease, Seth Goodwin
@online{ditch:20220119:collecting:696e5d0, author = {Derek Ditch and Daniel Stepanic and Andrew Pease and Seth Goodwin}, title = {{Collecting Cobalt Strike Beacons with the Elastic Stack}}, date = {2022-01-19}, organization = {Elastic}, url = {https://elastic.github.io/security-research/intelligence/2022/01/02.collecting-cobalt-strike-beacons/article/}, language = {English}, urldate = {2022-01-25} } Collecting Cobalt Strike Beacons with the Elastic Stack
Cobalt Strike
2022-01-18ElasticDerek Ditch, Daniel Stepanic, Andrew Pease, Seth Goodwin
@online{ditch:20220118:formbook:3f03c56, author = {Derek Ditch and Daniel Stepanic and Andrew Pease and Seth Goodwin}, title = {{FORMBOOK Adopts CAB-less Approach}}, date = {2022-01-18}, organization = {Elastic}, url = {https://elastic.github.io/security-research/intelligence/2022/01/01.formbook-adopts-cabless-approach/article/}, language = {English}, urldate = {2022-01-25} } FORMBOOK Adopts CAB-less Approach
Formbook