Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2023-11-19Twitter (@embee_research)Embee_research
Combining Pivot Points to Identify Malware Infrastructure - Redline, Smokeloader and Cobalt Strike
Amadey Cobalt Strike RedLine Stealer SmokeLoader
2023-11-15Twitter (@embee_research)Embee_research
Identifying Simple Pivot Points in Malware Infrastructure - RisePro Stealer
RedLine Stealer RisePro
2023-11-06Twitter (@embee_research)Embee_research
Unpacking Malware With Hardware Breakpoints - Cobalt Strike
Cobalt Strike
2023-11-01Twitter (@embee_research)Embee_research
Malware Unpacking With Memory Dumps - Intermediate Methods (Pe-Sieve, Process Hacker, Hxd and Pe-bear)
AsyncRAT
2023-10-30Twitter (@embee_research)Embee_research
Unpacking .NET Malware With Process Hacker and Dnspy
AsyncRAT
2023-10-27Twitter (@embee_research)Embee_research
Remcos Downloader Analysis - Manual Deobfuscation of Visual Basic and Powershell
Remcos
2023-10-23Twitter (@embee_research)Embee_research
Cobalt Strike .VBS Loader - Decoding with Advanced CyberChef and Emulation
Cobalt Strike
2023-10-20Twitter (@embee_research)Embee_research
Decoding a Cobalt Strike .hta Loader Using CyberChef and Emulation
Cobalt Strike
2023-10-18Twitter (@embee_research)Embee_research
Ghidra Tutorial - Using Entropy To Locate a Cobalt Strike Decryption Function
Cobalt Strike
2023-10-16Twitter (@embee_research)Embee_research
Decoding a Simple Visual Basic (.vbs) Script - DarkGate Loader
DarkGate
2023-10-13Twitter (@JAMESWT_MHT)JamesWT
Tweets on Wikiloader delivering ISFB
ISFB WikiLoader
2023-10-10Twitter (@embee_research)Embee_research
How To Develop Yara Rules for .NET Malware Using IL ByteCodes
RedLine Stealer
2023-10-05Twitter (@embee_research)Embee_research
Introduction to DotNet Configuration Extraction - RevengeRAT
Revenge RAT
2023-10-04Twitter (@embee_research)Embee_research
Developing Yara Signatures for Malware - Practical Examples
DarkGate Lu0Bot
2023-09-19Medium (@DCSO_CyTec)Johann Aydinbas
#ShortAndMalicious — DarkGate
DarkGate
2023-08-23Twitter (@embee_research)Embee_research, Huntress Labs
Extracting Xworm from Bloated Golang Executable
XWorm
2023-08-23Twitter (@cyberwar_15)cyberwar_15
Tweet about VT upload of "Cloud agnostic IAM permissions enumerator" from North Korea
2023-07-23irfan_eternalMuhammed Irfan V A
Guloader Deobfuscation using Ghidra
CloudEyE
2023-07-23Medium infoSec Write-upsmov_eax_27
Unpacking an Emotet Trojan
Emotet
2023-07-11Twitter (@embee_research)Embee_research
Tweets on Ransomware Infrastructure Analysis With Censys and GrabbrApp
DarkSide