Click here to download all references as Bib-File.•
| 2023-07-18
⋅
GitHub
⋅
Security alert: social engineering campaign targets technology industry employees (Jade Sleet/Storm-0954) |
| 2023-07-16
⋅
Github (cocomelonc)
⋅
Malware development: persistence - part 22. Windows Setup. Simple C++ example. |
| 2023-07-07
⋅
Github (cocomelonc)
⋅
Malware development trick - part 34: Find PID via WTSEnumerateProcesses. Simple C++ example. |
| 2023-07-06
⋅
Github (Helixo32)
⋅
NimBlackout NimBlackout |
| 2023-06-30
⋅
Github (itaymigdal)
⋅
Formbook unpacking Formbook |
| 2023-06-26
⋅
Github (cocomelonc)
⋅
Malware AV/VM evasion - part 18: encrypt/decrypt payload via modular multiplication-based block cipher. Simple C++ example. |
| 2023-06-19
⋅
Github (cocomelonc)
⋅
Malware AV/VM evasion - part 17: bypass UAC via fodhelper.exe. Simple C++ example. Glupteba |
| 2023-06-17
⋅
Github (EmissarySpider)
⋅
ransomware-descendants Babuk Conti LockBit |
| 2023-06-15
⋅
Github (cocomelonc)
⋅
Malware analysis report: Babuk ransomware Babuk |
| 2023-06-14
⋅
VulnCheck
⋅
Fake Security Researcher GitHub Repositories Deliver Malicious Implant TorLoader |
| 2023-06-04
⋅
Github (cocomelonc)
⋅
Malware development trick - part 31: Run shellcode via SetTimer. Simple C++ example. |
| 2023-05-21
⋅
Github (0xThiebaut)
⋅
PCAPeek IcedID QakBot |
| 2023-05-19
⋅
Trend Micro
⋅
Rust-Based Info Stealers Abuse GitHub Codespaces DeltaStealer |
| 2023-05-10
⋅
Github (MythicAgents)
⋅
Github Repository for Nimplant Nimplant |
| 2023-05-10
⋅
Github (MythicAgents)
⋅
Github Repository for Poseidon Poseidon Poseidon |
| 2023-04-20
⋅
Github (dodo-sec)
⋅
An analysis of syscall usage in Cobalt Strike Beacons Cobalt Strike |
| 2023-04-14
⋅
Github (Hildaboo)
⋅
SHATTEREDGLASS Server Emulator SHATTEREDGLASS |
| 2023-04-01
⋅
Github (dodo-sec)
⋅
SmoothOperator 3CX Backdoor |
| 2023-03-23
⋅
⋅
AhnLab
⋅
Kimsuky group distributes malware disguised as a profile file (GitHub) |
| 2023-03-21
⋅
Github (rivitna)
⋅
BlackCat v3 Decryptor Scripts BlackCat BlackCat |