2024-01-04 ⋅ Netresec ⋅ Erik Hjelmvik
Hunting for Cobalt Strike in PCAP
Cobalt Strike
2023-10-12 ⋅ Netresec ⋅ Erik Hjelmvik
Forensic Timeline of an IcedID Infection
Cobalt Strike, IcedID, IcedID Downloader
2023-04-26 ⋅ Netresec ⋅ Erik Hjelmvik
EvilExtractor Network Forensics
EvilExtractor
2023-03-02 ⋅ Netresec ⋅ Erik Hjelmvik
QakBot C2 Traffic
QakBot
2023-02-15 ⋅ Netresec ⋅ Erik Hjelmvik
How to Identify IcedID Network Traffic
IcedID
2022-10-12 ⋅ Netresec ⋅ Erik Hjelmvik
IcedID BackConnect Protocol
IcedID
2022-05-09 ⋅ Netresec ⋅ Erik Hjelmvik
Emotet C2 and Spam Traffic Video
Emotet
2022-04-25 ⋅ Netresec ⋅ Erik Hjelmvik
Industroyer2 IEC-104 Analysis
INDUSTROYER2
2021-04-19 ⋅ Netresec ⋅ Erik Hjelmvik
Analysing a malware PCAP with IcedID and Cobalt Strike traffic
Cobalt Strike, IcedID
2021-02-17 ⋅ Netresec ⋅ Erik Hjelmvik
Targeting Process for the SolarWinds Backdoor
SUNBURST
2021-01-25 ⋅ Netresec ⋅ Erik Hjelmvik
Twenty-three SUNBURST Targets Identified
SUNBURST
2021-01-11 ⋅ Netresec ⋅ Erik Hjelmvik
Robust Indicators of Compromise for SUNBURST
SUNBURST
2021-01-04 ⋅ Netresec ⋅ Erik Hjelmvik
Finding Targeted SUNBURST Victims with pDNS
SUNBURST
2020-12-29 ⋅ Netresec ⋅ Erik Hjelmvik
Extracting Security Products from SUNBURST DNS Beacons
SUNBURST
2020-12-17 ⋅ Netresec ⋅ Erik Hjelmvik
Reassembling Victim Domain Fragments from SUNBURST DNS
SUNBURST
2014-10-27 ⋅ Netresec ⋅ Erik Hjelmvik
Full Disclosure of Havex Trojans
ENERGETIC BEAR