2023-10-20 | Medium walmartglobaltech | Jason Reaves, Joshua Platt
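@online{reaves:20231020:icedid:43212cd,
  author       = {Reaves, Jason and Platt, Joshua},
  title        = {{IcedID} gets Loaded},
  date         = {2023-10-20},
  organization = {Medium walmartglobaltech},
  url          = {https://medium.com/walmartglobaltech/icedid-gets-loaded-af073b7b6d39},
  language     = {English},
  urldate      = {2023-11-14},
}
IcedID gets Loaded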
Unidentified 111 (IcedID Loader)
2023-07-18 | Medium walmartglobaltech | Jason Reaves, Jonathan Mccay, Joshua Platt
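@online{reaves:20230718:nemesisproject:daa35d0,
  author       = {Reaves, Jason and Mccay, Jonathan and Platt, Joshua},
  title        = {{NemesisProject}},
  date         = {2023-07-18},
  organization = {Medium walmartglobaltech},
  url          = {https://medium.com/walmartglobaltech/nemesisproject-816ed5c1e8d5},
  language     = {English},
  urldate      = {2023-07-19},
}
NemesisProject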
Nemesis
2023-05-09 | Medium walmartglobaltech | Jason Reaves, Joshua Platt, Jonathan Mccay
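@online{reaves:20230509:metastealer:11ef397,
  author       = {Reaves, Jason and Platt, Joshua and Mccay, Jonathan},
  title        = {{MetaStealer} string decryption and {DGA} overview},
  date         = {2023-05-09},
  organization = {Medium walmartglobaltech},
  url          = {https://medium.com/walmartglobaltech/metastealer-string-decryption-and-dga-overview-5f38f76830cd},
  language     = {English},
  urldate      = {2023-05-11},
}
MetaStealer string decryption and DGA overview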
MetaStealer
2023-03-10 | Medium walmartglobaltech | Jason Reaves, Joshua Platt
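@online{reaves:20230310:from:6bceb30,
  author       = {Reaves, Jason and Platt, Joshua},
  title        = {From {Royal} With Love},
  date         = {2023-03-10},
  organization = {Medium walmartglobaltech},
  url          = {https://medium.com/walmartglobaltech/from-royal-with-love-88fa05ff7f65},
  language     = {English},
  urldate      = {2023-03-13},
}
From Royal With Love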
Cobalt Strike Conti PLAY Royal Ransom Somnia
2023-02-24 | Medium walmartglobaltech | Jason Reaves, Joshua Platt, Jonathan Mccay, Kirk Sayre
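@online{reaves:20230224:qbot:771bf3d,
  author       = {Reaves, Jason and Platt, Joshua and Mccay, Jonathan and Sayre, Kirk},
  title        = {{Qbot} testing malvertising campaigns?},
  date         = {2023-02-24},
  organization = {Medium walmartglobaltech},
  url          = {https://medium.com/walmartglobaltech/qbot-testing-malvertising-campaigns-3e2552cbc69a},
  language     = {English},
  urldate      = {2023-02-27},
}
Qbot testing malvertising campaigns?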
QakBot
2022-08-09 | Medium walmartglobaltech | Jason Reaves, Joshua Platt
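% NOTE(review): "Kimusky" is the spelling used in the post's title and URL slug;
% the family tag on the following line reads "Kimsuky". Search for both spellings.
@online{reaves:20220809:pivoting:7afbaea,
  author       = {Reaves, Jason and Platt, Joshua},
  title        = {Pivoting on a {SharpExt} to profile {Kimusky} panels for great good},
  date         = {2022-08-09},
  organization = {Medium walmartglobaltech},
  url          = {https://medium.com/walmartglobaltech/pivoting-on-a-sharpext-to-profile-kimusky-panels-for-great-good-1920dc1bcef9},
  language     = {English},
  urldate      = {2023-02-06},
}
Pivoting on a SharpExt to profile Kimusky panels for great good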
Kimsuky
2022-08-04 | Medium walmartglobaltech | Joshua Platt, Jason Reaves
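@online{platt:20220804:icedid:546c931,
  author       = {Platt, Joshua and Reaves, Jason},
  title        = {{IcedID} leverages {PrivateLoader}},
  date         = {2022-08-04},
  organization = {Medium walmartglobaltech},
  url          = {https://medium.com/walmartglobaltech/icedid-leverages-privateloader-7744771bf87f},
  language     = {English},
  urldate      = {2022-08-11},
}
IcedID leverages PrivateLoader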
IcedID PrivateLoader
2022-05-25 | Medium walmartglobaltech | Jason Reaves, Joshua Platt
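@online{reaves:20220525:socgholish:f876e0e,
  author       = {Reaves, Jason and Platt, Joshua},
  title        = {{SocGholish} Campaigns and Initial Access Kit},
  date         = {2022-05-25},
  organization = {Medium walmartglobaltech},
  url          = {https://medium.com/walmartglobaltech/socgholish-campaigns-and-initial-access-kit-4c4283fea8ee},
  language     = {English},
  urldate      = {2022-06-02},
}
SocGholish Campaigns and Initial Access Kit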
FAKEUPDATES Blister Cobalt Strike NetSupportManager RAT
2022-03-10 | Medium walmartglobaltech | Jason Reaves, Joshua Platt
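@online{reaves:20220310:diavol:2a6514a,
  author       = {Reaves, Jason and Platt, Joshua},
  title        = {{Diavol} the Enigma of Ransomware},
  date         = {2022-03-10},
  organization = {Medium walmartglobaltech},
  url          = {https://medium.com/walmartglobaltech/diavol-the-enigma-of-ransomware-1fd78ffda648},
  language     = {English},
  urldate      = {2022-03-14},
}
Diavol the Enigma of Ransomware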
Diavol
2022-03-04 | Medium walmartglobaltech | Jason Reaves, Joshua Platt
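@online{reaves:20220304:systembc:e808a92,
  author       = {Reaves, Jason and Platt, Joshua},
  title        = {{SystemBC}, {PowerShell} version},
  date         = {2022-03-04},
  organization = {Medium walmartglobaltech},
  url          = {https://medium.com/walmartglobaltech/systembc-powershell-version-68c9aad0f85c},
  language     = {English},
  urldate      = {2023-07-31},
}
SystemBC, PowerShell version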
SystemBC
2022-02-14 | Medium walmartglobaltech | Jason Reaves, Joshua Platt
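@online{reaves:20220214:privateloader:e7e062e,
  author       = {Reaves, Jason and Platt, Joshua},
  title        = {{PrivateLoader} to {Anubis Loader}},
  date         = {2022-02-14},
  organization = {Medium walmartglobaltech},
  url          = {https://medium.com/walmartglobaltech/privateloader-to-anubis-loader-55d066a2653e},
  language     = {English},
  urldate      = {2022-08-05},
}
PrivateLoader to Anubis Loader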
Anubis Loader PrivateLoader
2022-02-01 | Medium walmartglobaltech | Joshua Platt, Jonathan Mccay, Jason Reaves
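@online{platt:20220201:sugar:ba25cd3,
  author       = {Platt, Joshua and Mccay, Jonathan and Reaves, Jason},
  title        = {{Sugar} Ransomware, a new {RaaS}},
  date         = {2022-02-01},
  organization = {Medium walmartglobaltech},
  url          = {https://medium.com/walmartglobaltech/sugar-ransomware-a-new-raas-a5d94d58d9fb},
  language     = {English},
  urldate      = {2022-02-02},
}
Sugar Ransomware, a new RaaS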
Sugar
2022-01-11 | Medium walmartglobaltech | Jason Reaves, Joshua Platt
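@online{reaves:20220111:signed:0f32583,
  author       = {Reaves, Jason and Platt, Joshua},
  title        = {Signed {DLL} campaigns as a service},
  date         = {2022-01-11},
  organization = {Medium walmartglobaltech},
  url          = {https://medium.com/walmartglobaltech/signed-dll-campaigns-as-a-service-7760ac676489},
  language     = {English},
  urldate      = {2023-01-31},
}
Signed DLL campaigns as a service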
BATLOADER Cobalt Strike ISFB Zloader
2021-07-06 | Medium walmartglobaltech | Jason Reaves, Joshua Platt
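@online{reaves:20210706:ta505:35e0dbc,
  author       = {Reaves, Jason and Platt, Joshua},
  title        = {{TA505} adds {GoLang} crypter for delivering miners and {ServHelper}},
  date         = {2021-07-06},
  organization = {Medium walmartglobaltech},
  url          = {https://medium.com/walmartglobaltech/ta505-adds-golang-crypter-for-delivering-miners-and-servhelper-af70b26a6e56},
  language     = {English},
  urldate      = {2021-07-11},
}
TA505 adds GoLang crypter for delivering miners and ServHelper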
ServHelper
2021-06-07 | Medium walmartglobaltech | Joshua Platt, Jason Reaves
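@online{platt:20210607:inside:6c363a7,
  author       = {Platt, Joshua and Reaves, Jason},
  title        = {Inside the {SystemBC} Malware-As-A-Service},
  date         = {2021-06-07},
  organization = {Medium walmartglobaltech},
  url          = {https://medium.com/walmartglobaltech/inside-the-systembc-malware-as-a-service-9aa03afd09c6},
  language     = {English},
  urldate      = {2021-06-08},
}
Inside the SystemBC Malware-As-A-Service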
Ryuk SystemBC TrickBot
2021-05-03 | Medium walmartglobaltech | Joshua Platt, Jason Reaves
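@online{platt:20210503:buerloader:2aa3e3f,
  author       = {Platt, Joshua and Reaves, Jason},
  title        = {{BuerLoader} Updates},
  date         = {2021-05-03},
  organization = {Medium walmartglobaltech},
  url          = {https://medium.com/walmartglobaltech/buerloader-updates-3e34c1949b96},
  language     = {English},
  urldate      = {2021-05-04},
}
BuerLoader Updates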
Buer
2021-04-05 | Medium walmartglobaltech | Jason Reaves, Joshua Platt
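@online{reaves:20210405:trickbot:a6b0592,
  author       = {Reaves, Jason and Platt, Joshua},
  title        = {{TrickBot} Crews New {CobaltStrike} Loader},
  date         = {2021-04-05},
  organization = {Medium walmartglobaltech},
  url          = {https://medium.com/walmartglobaltech/trickbot-crews-new-cobaltstrike-loader-32c72b78e81c},
  language     = {English},
  urldate      = {2021-04-06},
}
TrickBot Crews New CobaltStrike Loader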
Cobalt Strike TrickBot
2021-03-01 | Medium walmartglobaltech | Joshua Platt, Jason Reaves
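@online{platt:20210301:nimar:c26af08,
  author       = {Platt, Joshua and Reaves, Jason},
  title        = {{Nimar} Loader},
  date         = {2021-03-01},
  organization = {Medium walmartglobaltech},
  url          = {https://medium.com/walmartglobaltech/nimar-loader-4f61c090c49e},
  language     = {English},
  urldate      = {2021-03-04},
}
Nimar Loader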
BazarBackdoor BazarNimrod Cobalt Strike
2021-03-01 | Medium walmartglobaltech | Joshua Platt, Jason Reaves
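@online{platt:20210301:investigation:a7851d5,
  author       = {Platt, Joshua and Reaves, Jason},
  title        = {Investigation into the state of {Nim} malware},
  date         = {2021-03-01},
  organization = {Medium walmartglobaltech},
  url          = {https://medium.com/walmartglobaltech/investigation-into-the-state-of-nim-malware-14cc543af811},
  language     = {English},
  urldate      = {2021-03-04},
}
Investigation into the state of Nim malware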
BazarNimrod Cobalt Strike
2021-01-20 | Medium walmartglobaltech | Jason Reaves, Joshua Platt
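@online{reaves:20210120:anchor:b1e153f,
  author       = {Reaves, Jason and Platt, Joshua},
  title        = {{Anchor} and {Lazarus} together again?},
  date         = {2021-01-20},
  organization = {Medium walmartglobaltech},
  url          = {https://medium.com/walmartglobaltech/anchor-and-lazarus-together-again-24744e516607},
  language     = {English},
  urldate      = {2021-01-21},
}
Anchor and Lazarus together again?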
Anchor TrickBot