| 2025-09-24 ⋅ Netresec ⋅ Gh0stKCP Protocol PseudoManuscrypt ValleyRAT |
| 2025-08-12 ⋅ Netresec ⋅ PureRAT = ResolverRAT = PureHVNC PureRAT |
| 2025-07-02 ⋅ Netresec ⋅ PureLogs Forensics PureLogs Stealer |
| 2025-06-09 ⋅ Netresec ⋅ Detecting PureLogs traffic with CapLoader PureLogs Stealer |
| 2025-04-28 ⋅ Netresec ⋅ Decoding njRAT traffic with NetworkMiner NjRAT |
| 2024-01-04 ⋅ Netresec ⋅ Hunting for Cobalt Strike in PCAP Cobalt Strike |
| 2023-10-12 ⋅ Netresec ⋅ Forensic Timeline of an IcedID Infection Cobalt Strike IcedID IcedID Downloader |
| 2023-04-26 ⋅ Netresec ⋅ EvilExtractor Network Forensics EvilExtractor |
| 2023-03-02 ⋅ Netresec ⋅ QakBot C2 Traffic QakBot |
| 2023-02-15 ⋅ Netresec ⋅ How to Identify IcedID Network Traffic IcedID |
| 2022-10-12 ⋅ Netresec ⋅ IcedID BackConnect Protocol IcedID |
| 2022-05-09 ⋅ Netresec ⋅ Emotet C2 and Spam Traffic Video Emotet |
| 2022-04-25 ⋅ Netresec ⋅ Industroyer2 IEC-104 Analysis INDUSTROYER2 |
| 2021-04-19 ⋅ Netresec ⋅ Analysing a malware PCAP with IcedID and Cobalt Strike traffic Cobalt Strike IcedID |
| 2021-02-17 ⋅ Netresec ⋅ Targeting Process for the SolarWinds Backdoor SUNBURST |
| 2021-01-25 ⋅ Netresec ⋅ Twenty-three SUNBURST Targets Identified SUNBURST |
| 2021-01-11 ⋅ Netresec ⋅ Robust Indicators of Compromise for SUNBURST SUNBURST |
| 2021-01-04 ⋅ Netresec ⋅ Finding Targeted SUNBURST Victims with pDNS SUNBURST |
| 2020-12-29 ⋅ Netresec ⋅ Extracting Security Products from SUNBURST DNS Beacons SUNBURST |
| 2020-12-17 ⋅ Netresec ⋅ Reassembling Victim Domain Fragments from SUNBURST DNS SUNBURST |
| 2014-10-27 ⋅ Netresec ⋅ Full Disclosure of Havex Trojans ENERGETIC BEAR |