Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2024-07-01Speakerdeck (takahiro_haruyama)Takahiro Haruyama
The Art of Malware C2 Scanning - How to Reverse and Emulate Protocol Obfuscated by Compiler
DOPLUGS Hodur
2022-10-25VMware Threat Analysis UnitTakahiro Haruyama
Tracking the entire iceberg: long-term APT malware C2 protocol emulation and scanning
ShadowPad Winnti
2022-09-26Youtube (Virus Bulletin)Takahiro Haruyama
Tracking the entire iceberg long term APT malware C2 protocol emulation and scanning
ShadowPad Winnti
2022-09-19Virus BulletinTakahiro Haruyama
Tracking the entire iceberg - long-term APT malware C2 protocol emulation and scanning
ShadowPad Winnti
2021-11-16vmwareTakahiro Haruyama
Monitoring Winnti 4.0 C2 Servers for Two Years
Winnti
2021-06-25GdataFlorian Roth, Johann Aydinbas, Karsten Hahn, Takahiro Haruyama
Microsoft signed a malicious Netfilter rootkit
NetfilterRootkit
2021-02-24VMWare Carbon BlackTakahiro Haruyama
Knock, knock, Neo. - Active C2 Discovery Using Protocol Emulation
Cobalt Strike
2020-02-20Carbon BlackTakahiro Haruyama
Threat Analysis: Active C2 Discovery Using Protocol Emulation Part2 (Winnti 4.0)
Winnti
2019-10-24Carbon BlackTakahiro Haruyama
Defeating APT10 Compiler-level Obfuscations
Anel
2019-09-04CarbonBlackTakahiro Haruyama
CB TAU Threat Intelligence Notification: Winnti Malware 4.0
Winnti