2023-06-08 · Twitter (@embee_research) · Embee_research
Practical Queries for Identifying Malware Infrastructure: An informal page for storing Censys/Shodan queries
Amadey AsyncRAT Cobalt Strike QakBot Quasar RAT Sliver solarmarker
2023-05-31 · Twitter (@jaydinbas) · Johann Aydinbas
Tweet about C++ payload delivered via ISO
Unidentified 104
2023-05-19 · Twitter (@embee_research) · Embee_research
Analysis of Amadey Bot Infrastructure Using Shodan
Amadey
2023-05-18 · Twitter (@embee_research) · Embee_research
Identifying Laplas Infrastructure Using Shodan and Censys
LaplasClipper
2023-05-07 · Twitter (@embee_research) · Matthew
AgentTesla - Full Loader Analysis - Resolving API Hashes Using Conditional Breakpoints
Agent Tesla
2023-04-28 · Twitter (@MichalKoczwara) · Michael Koczwara
Tweet on hunting BRC4 infrastructure
Brute Ratel C4
2023-04-28 · Twitter (@MalGamy12) · Gameel Ali
Tweet explaining similarity between Conti and Akira code
Akira
2023-04-18 · Twitter (@1ZRR4H) · Germán Fernández
Tweet on CrossLock
CrossLock
2023-04-18 · Twitter (@threatinsight) · Threat Insight
Tweet on TA581 using Keitaro TDS URL to download a .MSI file to deliver BumbleBee malware
BumbleBee
2023-04-16 · Twitter (@malwrhunterteam) · MalwareHunterTeam
Tweet on MacOS Lockbit sample
LockBit
2023-04-11 · Twitter (@Unit42_Intel) · Unit42
Tweet on change of IcedID backconnect traffic port from 8080 to 443
IcedID
2023-04-10 · Twitter (@embee_research) · Matthew
Redline Stealer - Static Analysis and C2 Extraction
Amadey RedLine Stealer
2023-04-08 · Twitter (@embee_research) · Embee_research
Dcrat - Manual De-obfuscation of .NET Malware
DCRat
2023-04-03 · Twitter (@kucher1n) · Georgy Kucherin
Tweet on an alternative Gopuram sample
Gopuram
2023-03-21 · Twitter (@splinter_code) · Antonio Cocomazzi
Tweet on BlackByte ransomware rewrite in C++
BlackByte
2023-03-18 · Twitter (@k3dg3) · Kelsey Merriman
Tweet on TA579 distributing AresLoader via WeTransfer URLs
AresLoader
2023-02-24 · Twitter (@Sebdraven) · Sébastien Larinier
Tweet on IOCTL manipulation in TDL4 and HermeticWiper
Alureon HermeticWiper
2023-02-17 · Twitter (@luc4m) · Luca Mella
Tweets about Darkbit's intermittent encryption
DarkBit
2023-01-18 · Twitter (@Gi7w0rm) · Gi7w0rm
A long way to SectopRat
SectopRAT
2023-01-16 · Twitter (@zachxbt) · ZachXBT
Tweet on ETH movement of Lazarus