2018-11-27 ⋅ Vitali Kremez Blog ⋅ Let's Learn: In-Depth on Sofacy Cannon Loader/Backdoor Review Cannon
2018-11-13 ⋅ Vitali Kremez Blog ⋅ Let's Learn: Dissect Panda Banking Malware's "libinject" Process Injection Module
2018-11-07 ⋅ Let’s Learn: Introducing Latest TrickBot Point-of-Sale Finder Module
2018-11-05 ⋅ Let's Learn: In-Depth Reversing of Hancitor Dropper/Loader: 2016 vs 2018 Malware Progression Hancitor
2018-10-31 ⋅ Vitali Kremez Blog ⋅ Let's Learn: Exploring ZeusVM Banking Malware Hooking Engine
2018-09-07 ⋅ Let's Learn: Deeper Dive into "IcedID"/"BokBot" Banking Malware: Part 1 IcedID
2018-08-25 ⋅ Let's Learn: In-Depth Reversing of Recent Gozi ISFB Banking Malware Version 2.16/2.17 (portion of ISFB v3) & "loader.dll/client.dll"
2018-08-20 ⋅ Vitali Kremez Blog ⋅ Let's Learn: Dissecting Panda Banker & Modules: Webinject, Grabber & Keylogger DLL Modules PandaBanker
2018-08-05 ⋅ Vitali Kremez Blog ⋅ Let's Learn: Diving into the Latest "Ramnit" Banker Malware via "sLoad" PowerShell sLoad
2018-07-29 ⋅ Vitali Kremez Blog ⋅ Let's Learn: In-Depth Reversing of Qakbot "qbot" Banker Part 1 QakBot
2018-04-13 ⋅ Vitali Kremez Blog ⋅ Let's Learn: In-Depth Dive into Gootkit Banker Version 4 Malware Analysis
2018-04-03 ⋅ Vitali Kremez Blog ⋅ Let's Learn: Trickbot Implements Network Collector Module Leveraging CMD, WMI & LDAP TrickBot
2018-03-25 ⋅ Vitali Kremez Blog ⋅ Let's Learn: Internals of Iranian-Based Threat Group "Chafer" Malware: Autoit and PowerShell Persistence OilRig
2018-02-22 ⋅ Let's Learn: Deeper Dive into Ramnit Banker "VNC IFSB" Remote Control Module Ramnit
2018-01-29 ⋅ Vitali Kremez Blog ⋅ Let's Learn: Dissecting FormBook Infostealer Malware: Crypter & "RunLib.dll" Formbook
2017-12-27 ⋅ Let's Learn: Cutlet ATM Malware Internals Cutlet
2017-12-19 ⋅ Vitali Kremez Blog ⋅ Let's Learn: Introducing New Trickbot LDAP "DomainGrabber" Module TrickBot
2017-12-13 ⋅ Vitali Kremez Blog ⋅ Update: Let's Learn: Reversing FIN6 "GratefulPOS" aka "FrameworkPOS" Point-of-Sale Malware in-Depth Grateful POS
2017-11-22 ⋅ Flashpoint ⋅ Trickbot Gang Evolves, Incorporates Account Checking Into Hybrid Attack Model TrickBot
2017-11-21 ⋅ Let's Learn: Trickbot Socks5 Backconnect Module In Detail TrickBot
2017-11-12 ⋅ Vitali Kremez Blog ⋅ Let's Learn: Dissecting Golroted Trojan's Process Hollowing Technique & UAC Bypass in HKCU\Environment Golroted
2017-11-05 ⋅ Vitali Kremez Blog ⋅ Let's Learn: Lethic Spambot & Survey of Anti-Analysis Techniques Lethic
2017-08-18 ⋅ Twitter (@VK_intel) ⋅ Tweet on extracted config from Gootkit SnatchLoader
2017-07-24 ⋅ Vitali Kremez Blog ⋅ Let's Learn: Reversing Credential and Payment Card Information Stealer 'AZORult V2' Azorult
2015-12-26 ⋅ Flashpoint ⋅ Backdoor: Win32/Hesetox.A: vSkimmer POS Malware Analysis vSkimmer