Click here to download all references as Bib-File.•
| 2022-04-14
⋅
Medium (@DCSO_CyTec)
⋅
404 — File still found SideWinder |
| 2022-04-04
⋅
The DFIR Report
⋅
Stolen Images Campaign Ends in Conti Ransomware Conti IcedID |
| 2022-03-12
⋅
Twitter (@ET_Labs)
⋅
A quick thread examining the network artifacts of the HermeticWizard spreading HermeticWizard |
| 2022-03-10
⋅
Twitter (@teamcymru_S2)
⋅
Tweet on Crimson RAT infrastructure used by APT36 Crimson RAT |
| 2022-02-28
⋅
Twitter (@M_haggis)
⋅
Tweet on parsing Daxin driver metadata using powershell Daxin |
| 2022-02-26
⋅
Atomic Matryoshka
⋅
Infographic: APTs in South America Imminent Monitor RAT Machete |
| 2022-02-21
⋅
Atomic Matryoshka
⋅
Ousaban MSI Installer Analysis Ousaban |
| 2022-02-17
⋅
Twitter (@Honeymoon_IoC)
⋅
Tweets on win.prometei caught via Cowrie Prometei |
| 2022-01-28
⋅
Atomic Matryoshka
⋅
Malware Headliners: LokiBot Loki Password Stealer (PWS) |
| 2022-01-24
⋅
Twitter (@_icebre4ker_)
⋅
Vultur Dropper on Google Play Store Vultur |
| 2022-01-22
⋅
Atomic Matryoshka
⋅
Malware Headliners: Emotet Emotet |
| 2022-01-21
⋅
Twitter (@_CPResearch_)
⋅
Tweet on WhiteLambert malware Lambert |
| 2022-01-20
⋅
Cybleinc
⋅
Deep Dive Into Ragnar_locker Ransomware Gang RagnarLocker |
| 2022-01-15
⋅
Atomic Matryoshka
⋅
Malware Headliners: Qakbot QakBot |
| 2022-01-13
⋅
Twitter (@8th_grey_owl)
⋅
Tweet on SelfMake Loader SelfMake Loader |
| 2022-01-09
⋅
Github (xephora)
⋅
Observed malicious IOCs for the ChromeLoader/CS_installer aka Choziosi Loader Malware Choziosi Choziosi |
| 2022-01-09
⋅
Atomic Matryoshka
⋅
Malware Headliners: Dridex Dridex |
| 2022-01-02
⋅
Atomic Matryoshka
⋅
"Cracking Open the Malware Piñata" Series: Intro to Dynamic Analysis with RedLineStealer RedLine Stealer |
| 2021-11-17
⋅
Twitter (@Unit42_Intel)
⋅
Tweet on Matanbuchus Loader used to deliver Qakbot (tag obama128b) and follow-up CobaltStrike Cobalt Strike QakBot |
| 2021-11-16
⋅
Twitter (@_CPResearch_)
⋅
Tweet on 32bit version of CVE-2021-1732 exploited by BITTER group |