Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2020-06-09Sophos LabsGabor Szappanos, Vikas Singh
Kingminer escalates attack complexity for cryptomining
Kingminer
2020-06-09MicrosoftRob Mead, Tom McElroy
Web shell threat hunting with Azure Sentinel and Microsoft Threat Protection
2020-06-07Zero2Automated Blog0verfl0w_
Dealing with Obfuscated Macros, Statically - NanoCore
Nanocore RAT
2020-06-05VotiroVotiro’s Research Team
Anatomy of a Well-Crafted UPS, FedEx, and DHL Phishing Email During COVID-19
Dridex
2020-05-28VMWare Carbon BlackRyan Murphy, Tom Kellermann
Modern Bank Heists 3.0
Emotet
2020-05-19zero2autoVitali Kremez
Netwalker Ransomware - From Static Reverse Engineering to Automatic Extraction
Mailto
2020-05-18CrowdStrikeKaran Sood, Liviu Arsene, Shaun Hurley
DarkSide Goes Dark: How CrowdStrike Falcon Customers Were Protected
DarkSide DarkSide
2020-05-11SentinelOneGal Kristal
The Anatomy of an APT Attack and CobaltStrike Beacon’s Encoded Configuration
Cobalt Strike
2020-05-06PrevailionDanny Adamitis
Phantom in the Command Shell
EVILNUM
2020-04-29Twitter (@h4ckak)Ring4sky
More IOCs related to PhantomLance
PhantomLance
2020-04-28Kaspersky LabsAlexey Firsh, Lev Pikman
Hiding in plain sight: PhantomLance walks into a market
PhantomLance
2020-04-23ESET ResearchEset
ESET researchers disrupt cryptomining botnet VictoryGate
VictoryGate
2020-03-19ESET ResearchVladislav Hrčka
Stantinko’s new cryptominer features unique obfuscation techniques
Stantinko
2020-03-10MicrosoftTom Burt
New action to disrupt world’s largest online criminal network
Necurs
2020-03-05JPCERT/CCShusei Tomonaga
ELF_TSCookie - Linux Malware Used by BlackTech
TSCookie
2020-02-22Objective-SeePatrick Wardle
Weaponizing a Lazarus Group Implant: repurposing a 1st-stage loader, to execute custom 'fileless' payloads
AppleJeus
2020-02-18Personal Blog of Christophe Tafani-DereeperChristophe Tafani-Dereeper
Hidden in PEB Sight: Hiding Windows API Imports With a Custom Loader
2020-02-05FireEyeAndrew Moore, Blaine Stancill, Genevieve Stark, Rick Cole
STOMP 2 DIS: Brilliance in the (Visual) Basics
MINEBRIDGE
2020-01-26Youtube (OALabs)Sean Wilson, Sergei Frankoff
IDA Pro Automated String Decryption For REvil Ransomware
REvil
2020-01-23Bleeping ComputerSergiu Gatlan
Sodinokibi Ransomware Threatens to Publish Data of Automotive Group
REvil