2023-12-13 | cocomelonc | cocomelonc
Malware in the wild book
AsyncRAT Babuk BlackCat BlackLotus Carbanak HelloKitty Paradise Stealc WinDealer
2023-12-10 | cocomelonc | cocomelonc
Malware development: persistence - part 23. LNK files. Simple Powershell example.
Emotet
2023-11-23 | cocomelonc | cocomelonc
Malware and cryptography 22: encrypt/decrypt payload via XTEA. Simple C++ example.
2023-11-07 | cocomelonc | cocomelonc
Malware development trick - part 37: Enumerate process modules via VirtualQueryEx. Simple C++ example.
2023-10-20 | cocomelonc | cocomelonc
Malware and cryptography 21: encrypt/decrypt payload via WAKE. Simple C++ example.
2023-09-25 | cocomelonc | cocomelonc
Malware development trick - part 36: Enumerate process modules. Simple C++ example.
4h_rat Aria-body
2023-08-28 | Github (cocomelonc) | cocomelonc
Malware and cryptography 20: encrypt/decrypt payload via Skipjack. Simple C++ example.
2023-08-13 | Github (cocomelonc) | cocomelonc
Malware and cryptography 1: encrypt/decrypt payload via RC5. Simple C++ example.
2023-07-26 | cocomelonc | cocomelonc
Malware development trick - part 35: Store payload in alternate data streams. Simple C++ example.
Valak POWERSOURCE Gazer PowerDuke
2023-07-16 | Github (cocomelonc) | cocomelonc
Malware development: persistence - part 22. Windows Setup. Simple C++ example.
2023-07-15 | MSSP Lab | cocomelonc
Malware source code investigation: BlackLotus - part 1
BlackLotus
2023-07-13 | MSSP Lab | cocomelonc
Malware analysis report: BlackCat ransomware
BlackCat BlackCat
2023-07-07 | Github (cocomelonc) | cocomelonc
Malware development trick - part 34: Find PID via WTSEnumerateProcesses. Simple C++ example.
2023-06-26 | Github (cocomelonc) | cocomelonc
Malware AV/VM evasion - part 18: encrypt/decrypt payload via modular multiplication-based block cipher. Simple C++ example.
2023-06-23 | MSSP Lab | cocomelonc
Malware source code investigation: Paradise Ransomware
Paradise
2023-06-19 | Github (cocomelonc) | cocomelonc
Malware AV/VM evasion - part 17: bypass UAC via fodhelper.exe. Simple C++ example.
Glupteba
2023-06-15 | Github (cocomelonc) | cocomelonc
Malware analysis report: Babuk ransomware
Babuk
2023-06-09 | cocomelonc | cocomelonc
Malware development trick - part 33. Syscalls - part 2. Simple C++ example.
2023-06-07 | cocomelonc | cocomelonc
Malware development trick - part 32. Syscalls - part 1. Simple C++ example.
2023-06-04 | Github (cocomelonc) | cocomelonc
Malware development trick - part 31: Run shellcode via SetTimer. Simple C++ example.