Click here to download all references as Bib-File.•
| 2020-11-28
⋅
pat_h/to/file
⋅
Hunting Koadic Pt. 2 - JARM Fingerprinting Koadic |
| 2020-11-21
⋅
Medium Intel-Honey
⋅
Reversing Anubis Malware Anubis |
| 2020-11-19
⋅
Twitter (@VK_intel)
⋅
Tweet on Trickbot Group pushing LIGHTBOT powershell script to gather information about AD Server LightBot |
| 2020-11-17
⋅
Twitter (@VK_intel)
⋅
Tweet on a new fileless TrickBot loading method using code from MemoryModule TrickBot |
| 2020-11-16
⋅
JPCERT/CC
⋅
ELF_PLEAD - Linux Malware Used by BlackTech PLEAD |
| 2020-11-13
⋅
Youtube (The Standoff)
⋅
FF_202_Eng - From old Higaisa samples to new Winnti backdoors: The story of one research CROSSWALK Unidentified 076 (Higaisa LNK to Shellcode) |
| 2020-11-12
⋅
Twitter (@ddash_ct)
⋅
Tweet on Lootwodniw Lootwodniw |
| 2020-10-03
⋅
Medium vishal_thakur
⋅
Grinju Downloader: Anti-analysis (on steroids) | Part 2 Grinju Downloader |
| 2020-09-22
⋅
Medium (@vishal_thakur)
⋅
Grinju Downloader Grinju Downloader |
| 2020-09-11
⋅
Twitter (@Arkbird_SOLG)
⋅
Tweet on discovery of a sample Turla SilentMoon |
| 2020-09-03
⋅
Twitter (@Arkbird_SOLG)
⋅
Tweet on development in more_eggs More_eggs |
| 2020-08-17
⋅
Twitter (@Arkbird_SOLG)
⋅
Short twitter thread with analysis on Loup ATM malware Loup |
| 2020-08-15
⋅
Twitter (@Int2e_)
⋅
Tweet on DoubleFantasy DoubleFantasy |
| 2020-08-14
⋅
Twitter (@VK_intel)
⋅
Tweet on Zloader infection leading to Cobaltstrike Installation Cobalt Strike Zloader |
| 2020-08-14
⋅
Twitter (@James_inthe_box)
⋅
Tweet on Echelon Stealer |
| 2020-08-05
⋅
BlackHat
⋅
FASTCashand INJX_PURE: How Threat Actors Use Public Standards for Financial Fraud FastCash |
| 2020-07-28
⋅
Medium (@vishal_thakur)
⋅
LOLSnif Malware LOLSnif |
| 2020-07-24
⋅
Medium tom_rock
⋅
Fifty Shades of Malware Strings |
| 2020-07-13
⋅
Stage 2 Security
⋅
Anchor_dns malware goes cross platform AnchorDNS |
| 2020-07-06
⋅
NTT
⋅
TrickBot variant “Anchor_DNS” communicating over DNS AnchorDNS TrickBot |