Click here to download all references as Bib-File.•
2023-06-08
⋅
Twitter (@embee_research)
⋅
Practical Queries for Identifying Malware Infrastructure: An informal page for storing Censys/Shodan queries Amadey AsyncRAT Cobalt Strike QakBot Quasar RAT Sliver solarmarker |
2023-05-31
⋅
Twitter (@jaydinbas)
⋅
Tweet about C++ payload delivered via ISO Unidentified 104 |
2023-05-19
⋅
Twitter (@embee_research)
⋅
Analysis of Amadey Bot Infrastructure Using Shodan Amadey |
2023-05-18
⋅
Twitter (@embee_research)
⋅
Identifying Laplas Infrastructure Using Shodan and Censys LaplasClipper |
2023-05-07
⋅
Twitter (@embee_research)
⋅
AgentTesla - Full Loader Analysis - Resolving API Hashes Using Conditional Breakpoints Agent Tesla |
2023-04-28
⋅
Twitter (@MichalKoczwara)
⋅
Tweet on hunting BRC4 infrastructure Brute Ratel C4 |
2023-04-28
⋅
Twitter (@MalGamy12)
⋅
Tweet explaning similarity between Conti and Akira code Akira |
2023-04-18
⋅
Twitter (@1ZRR4H)
⋅
Tweet on CrossLock CrossLock |
2023-04-18
⋅
Twitter (@threatinsight)
⋅
Tweet on TA581 using Keitaro TDS URL to download a .MSI file to deliver BumbleBee malware BumbleBee |
2023-04-16
⋅
Twitter (@malwrhunterteam)
⋅
Tweet on MacOS Lockbit sample LockBit |
2023-04-11
⋅
Twitter (@Unit42_Intel)
⋅
Tweet on change of IcedID backconnect traffic port from 8080 to 443 IcedID |
2023-04-10
⋅
Twitter (@embee_research)
⋅
Redline Stealer - Static Analysis and C2 Extraction Amadey RedLine Stealer |
2023-04-08
⋅
Twitter (@embee_research)
⋅
Dcrat - Manual De-obfuscation of .NET Malware DCRat |
2023-04-03
⋅
Twitter (@kucher1n)
⋅
Tweet on an alternative Guporam sample Gopuram |
2023-03-21
⋅
Twitter (@splinter_code)
⋅
Tweet on BlackByte ransomware rewrite in C++ BlackByte |
2023-03-18
⋅
Twitter (@k3dg3)
⋅
Tweet on TA579 distributing AresLoader via WeTransfer URLs AresLoader |
2023-02-24
⋅
Twitter (@Sebdraven)
⋅
Tweet on IOCTL manipulation in TDL4 and HermeticWiper Alureon HermeticWiper |
2023-02-17
⋅
Twitter (@luc4m)
⋅
Tweets about Darkbit's intermittent encryption DarkBit |
2023-01-18
⋅
Twitter (@Gi7w0rm)
⋅
A long way to SectopRat SectopRAT |
2023-01-16
⋅
Twitter (@zachxbt)
⋅
Tweet on ETH movement of Lazarus |