Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2024-05-23Github (x-junior)Mohamed Ashraf
String Decryptor for WarmCookie
WarmCookie
2024-05-23Github (x-junior)Mohamed Ashraf
IDA Script for WarmCookie
WarmCookie
2024-05-10Rapid7 LabsEvan McCann, Thomas Elkins, Tyler McGraw
Ongoing Social Engineering Campaign Linked to Black Basta Ransomware Operators
Black Basta Black Basta Cobalt Strike NetSupportManager RAT
2024-05-10ElasticCyril François, Samir Bousseaden
Dissecting REMCOS RAT: An in- depth analysis of a widespread 2024 malware, Part Four
Remcos
2024-05-08ElasticElastic
Elastic Security - WarmCookie YARA Rule
WarmCookie
2024-05-03ElasticCyril François, Samir Bousseaden
Dissecting REMCOS RAT: An in- depth analysis of a widespread 2024 malware, Part Three
Remcos
2024-04-30ElasticCyril François, Samir Bousseaden
Dissecting REMCOS RAT: An in- depth analysis of a widespread 2024 malware, Part Two
Remcos
2024-04-24ElasticCyril François, Samir Bousseaden
Dissecting REMCOS RAT: An in- depth analysis of a widespread 2024 malware, Part One
Remcos
2024-04-17MandiantAlden Wahlstrom, Anton Prokopenkov, Dan Black, Dan Perez, Gabby Roncone, John Wolfram, Lexie Aytes, Luke Jenkins, Nick Simonian, Ryan Hall, Tyler McLellan
Unearthing APT44: Russia’s Notorious Cyber Sabotage Unit Sandworm
Sandworm
2024-04-17McAfeeMohansundaram M, Neil Tyagi
Redline Stealer: A Novel Approach
RedLine Stealer SmartLoader
2024-04-16MandiantAlden Wahlstrom, Anton Prokopenkov, Dan Black, Dan Perez, Gabby Roncone, John Wolfram, Lexie Aytes, Nick Simonian, Ryan Hall, Tyler McLellan
APT44: Unearthing Sandworm
VPNFilter BlackEnergy CaddyWiper EternalPetya HermeticWiper Industroyer INDUSTROYER2 Olympic Destroyer PartyTicket RoarBAT Sandworm
2024-04-04MandiantAshley Pearson, Austin Larsen, Billy Wong, John Wolfram, Joseph Pisano, Josh Murchie, Lukasz Lamparski, Matt Lin, Ron Craft, Ryan Hall, Shawn Chew, Tyler McLellan
Cutting Edge, Part 4: Ivanti Connect Secure VPN Post-Exploitation Lateral Movement Case Studies
UNC3569 UNC5266 UNC5291 UNC5330 UNC5337 UTA0178
2024-04-04MandiantAshley Pearson, Austin Larsen, Billy Wong, John Wolfram, Joseph Pisano, Josh Murchie, Lukasz Lamparski, Matt Lin, Ron Craft, Ryan Hall, Shawn Chew, Tyler McLellan
Cutting Edge, Part 4: Ivanti Connect Secure VPN Post-Exploitation Lateral Movement Case Studies
TONERJAM
2024-03-26K7 SecurityVigneshwaran P
Unknown TTPs of Remcos RAT
Remcos
2024-02-21YouTube (SentinelOne)Kris McConkey
LABSCon23 Replay | Chasing Shadows | The rise of a prolific espionage actor
9002 RAT PlugX ShadowPad Spyder Earth Lusca
2024-02-21Medium b.magnezi0xMrMagnezi
Malware Analysis — Remcos RAT
Remcos
2024-01-16Medium walmartglobaltechJason Reaves, Jonathan Mccay, Joshua Platt
Keyhole Analysis
IcedID Keyhole
2024-01-12MandiantDimiter Andonov, Gabby Roncone, John Wolfram, Matt Lin, Robert Wallace, Tyler McLellan
Cutting Edge: Suspected APT Targets Ivanti Connect Secure VPN in New Zero-Day Exploitation
UTA0178
2024-01-03UptycsKarthickkumar Kathiresan, Shilpesh Trivedi
Ukraine Targeted by UAC-0050 Using Remcos RAT Pipe Method for Evasion
Remcos
2023-12-14MandiantAdrian McCabe, Geoff Ackerman, Rufus Brown, Ryan Tomcik
Opening a Can of Whoop Ads: Detecting and Disrupting a Malvertising Campaign Distributing Backdoors
DanaBot DarkGate UNC4393