Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2025-10-21HarfangLabHarfangLab CTR
RudePanda owns IIS servers like it's 2003
TOLLBOOTH
2025-08-20HarfangLabHarfangLab CTR
UAC-0057 keeps applying pressure on Ukraine and Poland
PicassoLoader
2025-06-16HarfangLabHarfangLab CTR
SadFuture: Mapping XDSpy latest evolution
XDSpy
2025-04-16HarfangLabHarfangLab CTR
Inside Gamaredon’s PteroLNK: Dead Drop Resolvers and evasive Infrastructure
Pteranodon
2025-02-10HarfangLabHarfangLab CTR
Further insights into Ivanti CSA 4.6 vulnerabilities exploitation
Godzilla Webshell Behinder
2024-10-11HarfangLabAlice Climent-Pommeret
HijackLoader evolution: abusing genuine signing certificates
HijackLoader
2024-09-04HarfangLabAlice Climent-Pommeret
Unpacking the unpleasant FIN7 gift: PackXOR
r77 xmrig
2024-08-14HarfangLabHarfangLab CTR
Cyclops: a likely replacement for BellaCiao
BellaCiao Cyclops
2024-07-25HarfangLabHarfangLab CTR
Mid-year Doppelgänger information operations in Europe and the US
2024-06-28HarfangLabHarfangLab CTR
Supposed Grasshopper: operators impersonate Israeli government and private companies to deploy open-source malware
donut_injector Sliver
2024-05-28HarfangLabHarfangLab CTR
AllaSenha: AllaKore variant leverages Azure cloud C2 to steal banking details in Latin America
AllaKore AllaSenha
2024-04-22HarfangLabHarfangLab CTR
MuddyWater campaign abusing Atera Agents
2024-04-16HarfangLabHarfangLab CTR
Analysis of the APT31 Indictment
RAWDOOR APT31
2024-04-03HarfangLabAlice Climent-Pommeret
Raspberry Robin and its new anti-emulation trick
Raspberry Robin
2024-03-01HarfangLabHarfangLab CTR
A Comprehensive Analysis of i-SOON’s Commercial Offering
ShadowPad Winnti
2024-01-29HarfangLabHarfangLab CTR
Compromised Routers Are Still Leveraged as Malicious Infrastructure to Target Government Organizations in Europe and the Caucasus
MASEPIE OCEANMAP
2024-01-15HarfangLabIvan Kwiatkowski
An Introduction to Reverse Engineering .NET AOT Applications
DUCKTAIL
2023-09-28HarfangLabClaudio Teixeira
Loader Galore - TaskLoader at the start of a Pay-per-Install Infection Chain
CustomerLoader Fabookie LgoogLoader SmokeLoader