Click here to download all references as Bib-File.•
| 2023-07-06
⋅
Github (Helixo32)
⋅
NimBlackout NimBlackout |
| 2023-06-30
⋅
Github (itaymigdal)
⋅
Formbook unpacking Formbook |
| 2023-06-26
⋅
Github (cocomelonc)
⋅
Malware AV/VM evasion - part 18: encrypt/decrypt payload via modular multiplication-based block cipher. Simple C++ example. |
| 2023-06-19
⋅
Github (cocomelonc)
⋅
Malware AV/VM evasion - part 17: bypass UAC via fodhelper.exe. Simple C++ example. Glupteba |
| 2023-06-17
⋅
Github (EmissarySpider)
⋅
ransomware-descendants Babuk Conti LockBit |
| 2023-06-15
⋅
Github (cocomelonc)
⋅
Malware analysis report: Babuk ransomware Babuk |
| 2023-06-14
⋅
VulnCheck
⋅
Fake Security Researcher GitHub Repositories Deliver Malicious Implant TorLoader |
| 2023-06-04
⋅
Github (cocomelonc)
⋅
Malware development trick - part 31: Run shellcode via SetTimer. Simple C++ example. |
| 2023-05-21
⋅
Github (0xThiebaut)
⋅
PCAPeek IcedID QakBot |
| 2023-05-19
⋅
Trend Micro
⋅
Rust-Based Info Stealers Abuse GitHub Codespaces DeltaStealer |
| 2023-05-10
⋅
Github (MythicAgents)
⋅
Github Repository for Nimplant Nimplant |
| 2023-05-10
⋅
Github (MythicAgents)
⋅
Github Repository for Poseidon Poseidon Poseidon |
| 2023-04-20
⋅
Github (dodo-sec)
⋅
An analysis of syscall usage in Cobalt Strike Beacons Cobalt Strike |
| 2023-04-14
⋅
Github (Hildaboo)
⋅
SHATTEREDGLASS Server Emulator SHATTEREDGLASS |
| 2023-04-01
⋅
Github (dodo-sec)
⋅
SmoothOperator 3CX Backdoor |
| 2023-03-23
⋅
⋅
AhnLab
⋅
Kimsuky group distributes malware disguised as a profile file (GitHub) |
| 2023-03-21
⋅
Github (rivitna)
⋅
BlackCat v3 Decryptor Scripts BlackCat BlackCat |
| 2023-03-09
⋅
Github (cocomelonc)
⋅
Malware AV/VM evasion - part 13: encrypt/decrypt payload via Madryga. Simple C++ example. |
| 2023-02-14
⋅
Github (clairelevin)
⋅
Writing a decryptor for Jaff ransomware Jaff |
| 2023-02-09
⋅
Github (muha2xmad)
⋅
Technical analysis of Godfather android malware Godfather |