Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2021-09-01Medium s2wlabChaewon Moon, Denise Dasom Kim, Jungyeon Lim, S2W LAB INTELLIGENCE TEAM, Sujin Lim, Yeonghyeon Jeong
BlackMatter x Babuk : Using the same web server for sharing leaked files
Babuk BlackMatter Babuk BlackMatter
2021-08-29Medium Asuna AmawakaAsuna Amawaka
Quarians, Turians and…QuickHeal
QuickHeal
2021-08-21Medium CrovaxCrovax
Panda Banker Analysis Part 1
PandaBanker
2021-08-20Medium Berhan BingölBerhan Bingöl
VirtualBox Detection, Anti-Detection
2021-08-19Medium walmartglobaltechJason Reaves
Looking at the new Krypton crypter and recent Data Exfiltrator Samples
2021-08-17Medium amgedwagehAmged Wageh
LockBit Ransomware Analysis Notes
LockBit
2021-08-17Medium michaelkoczwaraMichael Koczwara
Cobalt Strike Hunting — DLL Hijacking/Attack Analysis
Cobalt Strike
2021-07-30Medium walmartglobaltechJason Reaves
Decrypting BazarLoader strings with a Unicorn
BazarBackdoor
2021-07-25Medium svch0stsvch0st
Guide to Named Pipes and Hunting for Cobalt Strike Pipes
Cobalt Strike
2021-07-22Medium michaelkoczwaraMichael Koczwara
Cobalt Strike Hunting — simple PCAP and Beacon Analysis
Cobalt Strike
2021-07-14Medium TowardsDataScienceJohn “Turbo” Conwell
Domain Blooms: Identifying Domain Name Themes Targeted By Threat Actors
2021-07-14Medium s2wlabJaeki Kim
Matryoshka : Variant of ROKRAT, APT37 (Scarcruft)
RokRAT
2021-07-13Medium CyCraftCyCraft Technology Corp
Prometheus Ransomware Decryptor
Prometheus
2021-07-08Medium s2wlabSojun Ryu
Analysis of Lazarus malware abusing Non-ActiveX Module in South Korea
Racket Downloader
2021-07-08Medium walmartglobaltechHarold Ogden, Jason Reaves
Amadey stealer plugin adds Mikrotik and Outlook harvesting
Amadey
2021-07-08Medium walmartglobaltechHarold Ogden, Jason Reaves
Amadey stealer plugin adds Mikrotik and Outlook harvesting
Amadey
2021-07-07Medium s2wlabSeunghoe Kim
Deep analysis of KPOT Stealer
KPOT Stealer
2021-07-06Medium walmartglobaltechJason Reaves, Joshua Platt
TA505 adds GoLang crypter for delivering miners and ServHelper
ServHelper
2021-07-06Medium walmartglobaltechJason Reaves, Joshua Platt
TA505 adds GoLang crypter for delivering miners and ServHelper
ServHelper
2021-07-03Medium AK1001AK1001
Analyzing Cobalt Strike PowerShell Payload
Cobalt Strike