2023-08-11 Twitter (@MalGamy12) Gameel Ali
Tweet on Astasia loader
Astasia
2023-08-10 Twitter (@malwrhunterteam) MalwareHunterTeam
Tweet on the sample discovery
Unidentified 109 (Lazarus?)
2023-08-08 Twitter (@malwrhunterteam) MalwareHunterTeam
Tweet about INC ransomware
INC
2023-08-08 Twitter (@suyog41) Yogesh Londhe
Twitter Thread describing the Stealer
0bj3ctivityStealer
2023-07-19 Twitter (@h2jazi) Hossein Jazi
Tweet on observation with Korean targeting, suspecting Lazarus
Unidentified 105
2023-07-19 Twitter (@MsftSecIntel) Microsoft Threat Intelligence
Tweet on targeted attacks against the defense sector in Ukraine and Eastern Europe by the threat actor Secret Blizzard
DeliveryCheck Kazuar
2023-07-11 Twitter (@embee_research) Embee_research
Tweets on Ransomware Infrastructure Analysis With Censys and GrabbrApp
DarkSide
2023-06-30 Twitter (@rivitna2) @rivitna2
Twitter thread about relationship between 8Base and Phobos ransomware
8Base Phobos
2023-06-24 Twitter (@embee_research) Embee_research
SmokeLoader - Malware Analysis and Decoding With Procmon
SmokeLoader
2023-06-08 Twitter (@embee_research) Embee_research
Practical Queries for Identifying Malware Infrastructure: An informal page for storing Censys/Shodan queries
Amadey AsyncRAT Cobalt Strike QakBot Quasar RAT Sliver solarmarker
2023-05-31 Twitter (@jaydinbas) Johann Aydinbas
Tweet about C++ payload delivered via ISO
Unidentified 104
2023-05-19 Twitter (@embee_research) Embee_research
Analysis of Amadey Bot Infrastructure Using Shodan
Amadey
2023-05-18 Twitter (@embee_research) Embee_research
Identifying Laplas Infrastructure Using Shodan and Censys
LaplasClipper
2023-05-07 Twitter (@embee_research) Matthew
AgentTesla - Full Loader Analysis - Resolving API Hashes Using Conditional Breakpoints
Agent Tesla
2023-04-28 Twitter (@MichalKoczwara) Michael Koczwara
Tweet on hunting BRC4 infrastructure
Brute Ratel C4
2023-04-28 Twitter (@MalGamy12) Gameel Ali
Tweet explaining similarity between Conti and Akira code
Akira
2023-04-18 Twitter (@1ZRR4H) Germán Fernández
Tweet on CrossLock
CrossLock
2023-04-18 Twitter (@threatinsight) Threat Insight
Tweet on TA581 using Keitaro TDS URL to download a .MSI file to deliver BumbleBee malware
BumbleBee
2023-04-16 Twitter (@malwrhunterteam) MalwareHunterTeam
Tweet on MacOS Lockbit sample
LockBit
2023-04-11 Twitter (@Unit42_Intel) Unit42
Tweet on change of IcedID backconnect traffic port from 8080 to 443
IcedID