Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2021-12-29Github (jeFF0Falltrades)Jeff Archer
AsyncRAT Configuration Parser
AsyncRAT
2021-11-07Palo Alto Networks Unit 42Jeff White, Peter Renals, Robert Falcone
Targeted Attack Campaign Against ManageEngine ADSelfService Plus Delivers Godzilla Webshells, NGLite Trojan and KdcSponge Stealer
Godzilla Webshell NGLite
2021-11-02CyberScoopJeff Stone
US seeks extradition of alleged Ukrainian scammer arrested at Polish border stop
2021-11-01Software Engineering InstituteJeffrey Gennari
Two Tools for Malware Analysis and Reverse Engineering in Ghidra
2021-06-16Palo Alto Networks Unit 42Jeff White, Kyle Wilhoit
Matanbuchus: Malware-as-a-Service with Demonic Intentions
Matanbuchus BelialDemon
2021-03-26AccentureEric Welling, Jeff Beley, Ryan Leininger
It's getting hot in here! Unknown threat group using Hades ransomware to turn up the heat on their victims
Hades
2021-03-08Palo Alto Networks Unit 42Jeff White
Analyzing Attacks Against Microsoft Exchange Server With China Chopper Webshells
CHINACHOPPER
2020-11-17CyberScoopJeff Stone
FIN7 recruiter Andrii Kolpakov pleads guilty to role in global hacking scheme
2020-11-04FireEyeJacob Thompson, Jeffrey Martin, Rapid7
In Wild Critical Buffer Overflow Vulnerability in Solaris Can Allow Remote Takeover — CVE-2020-14871
2020-06-10James_inthe_box, jeFF0Falltrades, _re_fox
FRat Reporting, YARA, and IoCs
FRat Loader FRat
2020-05-07The CitizenlabChristopher Parsons, Jedidiah Crandall, Jeffrey Knockel, Lotus Ruan, Ron Deibert, Ruohan Xiong
We Chat, They Watch: How International Users Unwittingly Build up WeChat’s Chinese Censorship Apparatus
2020-02-11Github (jeFF0Falltrades)Jeff Archer
Metamorfo (aka Casbaneiro)
Metamorfo Unidentified 072 (Metamorfo Loader)
2019-12-05Github (jeFF0Falltrades)Jeff Archer
PoshC2 (specifically as used by APT33)
PoshC2
2019-11-03Github (jeFF0Falltrades)Jeff Archer
DTrack
Dtrack
2019-09-14Github (jeFF0Falltrades)Jeff Archer
WSH RAT (A variant of H-Worm/Houdini)
Houdini
2019-08-15Github (jeFF0Falltrades)Jeff Archer
MICROPSIA (APT-C-23)
Micropsia
2019-06-25AvastJeff Elder
Ransomware strain Troldesh spikes again – Avast tracks new attacks
Troldesh
2019-05-31Github (jeFF0Falltrades)Jeff Archer
Qealler Unloaded
Qealler
2018-02-27Palo Alto Networks Unit 42Jeff White
Dissecting Hancitor’s Latest 2018 Packer
Hancitor
2017-09-25Palo Alto Networks Unit 42Jeff White
Analyzing the Various Layers of AgentTesla’s Packing
Agent Tesla
2017-05-31ropgadget.comJeff White
Writing PCRE's for applied passive network defense [Emotet]
Emotet
2016-08-30Palo Alto Networks Unit 42Jeff White
Pythons and Unicorns and Hancitor…Oh My! Decoding Binaries Through Emulation
2016-08-22Palo Alto Networks Unit 42Jeff White
VB Dropper and Shellcode for Hancitor Reveal New Techniques Behind Uptick
Hancitor
2016-02-25Palo Alto Networks Unit 42Jeff White
KeyBase Threat Grows Despite Public Takedown: A Picture is Worth a Thousand Words
KeyBase
2013-02-22MicrosoftJeffrey Meisner
Bamital Botnet Takedown Is Successful; Cleanup Underway
Bamital
2011-01-01Virus BulletinJeff Edwards, Jose Nazario
A Survey of Contemporary Chinese DDoS Malware
Rincux