2023-10-18
⋅
Twitter (@embee_research)
⋅
Ghidra Tutorial - Using Entropy To Locate a Cobalt Strike Decryption Function Cobalt Strike |
2023-10-16
⋅
Twitter (@embee_research)
⋅
Decoding a Simple Visual Basic (.vbs) Script - DarkGate Loader DarkGate |
2023-10-13
⋅
Twitter (@JAMESWT_MHT)
⋅
Tweets on Wikiloader delivering ISFB ISFB WikiLoader |
2023-10-10
⋅
Twitter (@embee_research)
⋅
How To Develop Yara Rules for .NET Malware Using IL ByteCodes RedLine Stealer |
2023-10-05
⋅
Twitter (@embee_research)
⋅
Introduction to DotNet Configuration Extraction - RevengeRAT Revenge RAT |
2023-10-04
⋅
Twitter (@embee_research)
⋅
Developing Yara Signatures for Malware - Practical Examples DarkGate Lu0Bot |
2023-09-19
⋅
Medium (@DCSO_CyTec)
⋅
#ShortAndMalicious — DarkGate DarkGate |
2023-08-23
⋅
Twitter (@embee_research)
⋅
Extracting Xworm from Bloated Golang Executable XWorm |
2023-08-23
⋅
Twitter (@cyberwar_15)
⋅
Tweet about VT upload of "Cloud agnostic IAM permissions enumerator" from North Korea |
2023-07-23
⋅
Medium infoSec Write-ups
⋅
Unpacking an Emotet Trojan Emotet |
2023-07-11
⋅
Twitter (@embee_research)
⋅
Tweets on Ransomware Infrastructure Analysis With Censys and GrabbrApp DarkSide |
2023-06-24
⋅
Twitter (@embee_research)
⋅
SmokeLoader - Malware Analysis and Decoding With Procmon SmokeLoader |
2023-06-08
⋅
Twitter (@embee_research)
⋅
Practical Queries for Identifying Malware Infrastructure: An informal page for storing Censys/Shodan queries Amadey AsyncRAT Cobalt Strike QakBot Quasar RAT Sliver solarmarker |
2023-05-19
⋅
Twitter (@embee_research)
⋅
Analysis of Amadey Bot Infrastructure Using Shodan Amadey |
2023-05-18
⋅
Twitter (@embee_research)
⋅
Identifying Laplas Infrastructure Using Shodan and Censys LaplasClipper |
2023-05-17
⋅
Medium (@DCSO_CyTec)
⋅
Andariel’s “Jupiter” malware and the case of the curious C2 Jupiter |