Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2020-03-04SentinelOneJason Reaves
@online{reaves:20200304:breaking:8262e7e, author = {Jason Reaves}, title = {{Breaking TA505’s Crypter with an SMT Solver}}, date = {2020-03-04}, organization = {SentinelOne}, url = {https://labs.sentinelone.com/breaking-ta505s-crypter-with-an-smt-solver/}, language = {English}, urldate = {2020-03-04} } Breaking TA505’s Crypter with an SMT Solver
Clop CryptoMix MINEBRIDGE
2020-02-26SentinelOneJason Reaves
@online{reaves:20200226:revealing:2c3fc63, author = {Jason Reaves}, title = {{Revealing the Trick | A Deep Dive into TrickLoader Obfuscation}}, date = {2020-02-26}, organization = {SentinelOne}, url = {https://labs.sentinelone.com/revealing-the-trick-a-deep-dive-into-trickloader-obfuscation/}, language = {English}, urldate = {2020-02-27} } Revealing the Trick | A Deep Dive into TrickLoader Obfuscation
TrickBot
2020-02-10viXraJason Reaves
@techreport{reaves:20200210:case:3f668be, author = {Jason Reaves}, title = {{A Case Study into solving Crypters/Packers in Malware Obfuscation using an SMT approach}}, date = {2020-02-10}, institution = {viXra}, url = {https://vixra.org/pdf/2002.0183v1.pdf}, language = {English}, urldate = {2020-02-27} } A Case Study into solving Crypters/Packers in Malware Obfuscation using an SMT approach
Locky
2020-01-09SentinelOneVitali Kremez, Joshua Platt, Jason Reaves
@online{kremez:20200109:toptier:4f8de90, author = {Vitali Kremez and Joshua Platt and Jason Reaves}, title = {{Top-Tier Russian Organized Cybercrime Group Unveils Fileless Stealthy “PowerTrick” Backdoor for High-Value Targets}}, date = {2020-01-09}, organization = {SentinelOne}, url = {https://labs.sentinelone.com/top-tier-russian-organized-cybercrime-group-unveils-fileless-stealthy-powertrick-backdoor-for-high-value-targets/}, language = {English}, urldate = {2020-01-13} } Top-Tier Russian Organized Cybercrime Group Unveils Fileless Stealthy “PowerTrick” Backdoor for High-Value Targets
TrickBot WIZARD SPIDER
2019-12-10Sentinel LABSVitali Kremez, Joshua Platt, Jason Reaves
@online{kremez:20191210:morphisec:c0fc51c, author = {Vitali Kremez and Joshua Platt and Jason Reaves}, title = {{MORPHISEC DISCOVERS CCLEANER BACKDOOR SAVING MILLIONS OF AVAST USERS}}, date = {2019-12-10}, organization = {Sentinel LABS}, url = {https://labs.sentinelone.com/the-deadly-planeswalker-how-the-trickbot-group-united-high-tech-crimeware-apt/}, language = {English}, urldate = {2020-01-08} } MORPHISEC DISCOVERS CCLEANER BACKDOOR SAVING MILLIONS OF AVAST USERS
Anchor
2019-03-20FlashpointJoshua Platt, Jason Reaves
@online{platt:20190320:fin7:bac265f, author = {Joshua Platt and Jason Reaves}, title = {{FIN7 Revisited: Inside Astra Panel and SQLRat Malware}}, date = {2019-03-20}, organization = {Flashpoint}, url = {https://www.flashpoint-intel.com/blog/fin7-revisited:-inside-astra-panel-and-sqlrat-malware/}, language = {English}, urldate = {2019-12-18} } FIN7 Revisited: Inside Astra Panel and SQLRat Malware
DNSRat TinyMet
2019-03-20FlashpointJoshua Platt, Jason Reaves
@online{platt:20190320:fin7:a7fe335, author = {Joshua Platt and Jason Reaves}, title = {{FIN7 Revisited: Inside Astra Panel and SQLRat Malware}}, date = {2019-03-20}, organization = {Flashpoint}, url = {https://www.flashpoint-intel.com/blog/fin7-revisited-inside-astra-panel-and-sqlrat-malware/}, language = {English}, urldate = {2020-01-10} } FIN7 Revisited: Inside Astra Panel and SQLRat Malware
SQLRat FIN7
2019-03-13FlashpointJason Reaves, Joshua Platt
@online{reaves:20190313:dmsniff:47a2734, author = {Jason Reaves and Joshua Platt}, title = {{‘DMSniff’ POS Malware Actively Leveraged to Target Small-, Medium-Sized Businesses}}, date = {2019-03-13}, organization = {Flashpoint}, url = {https://www.flashpoint-intel.com/blog/dmsniff-pos-malware-actively-leveraged-target-medium-sized-businesses/}, language = {English}, urldate = {2019-12-18} } ‘DMSniff’ POS Malware Actively Leveraged to Target Small-, Medium-Sized Businesses
DMSniff
2018-05-12Random REJason Reaves
@online{reaves:20180512:ms:51a6134, author = {Jason Reaves}, title = {{MS Crypto Derive Functions}}, date = {2018-05-12}, organization = {Random RE}, url = {https://sysopfb.github.io/malware,/reverse-engineering/2018/05/12/MS-Derivation-functions.html}, language = {English}, urldate = {2022-01-25} } MS Crypto Derive Functions