
2022-06-23 | Google | Benoit Sevens, Clement Lecigne, Google Threat Analysis Group
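@online{sevens:20220623:spyware:e4fb7dd,
  author       = {Benoit Sevens and Clement Lecigne and {Google Threat Analysis Group}},
  title        = {{Spyware vendor targets users in Italy and Kazakhstan}},
  date         = {2022-06-23},
  organization = {Google},
  url          = {https://blog.google/threat-analysis-group/italian-spyware-vendor-targets-users-in-italy-and-kazakhstan/},
  urldate      = {2022-07-01},
  language     = {English},
}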
Hermit
2022-06-13 | Zscaler | Romain Dumont
@online{dumont:20220613:technical:631941a,
  author       = {Romain Dumont},
  title        = {{Technical Analysis of PureCrypter: A Fully-Functional Loader Distributing Remote Access Trojans and Information Stealers}},
  date         = {2022-06-13},
  organization = {Zscaler},
  url          = {https://www.zscaler.com/blogs/security-research/technical-analysis-purecrypter},
  urldate      = {2022-07-01},
  language     = {English},
}
404 Keylogger
2022-06-13 | SecurityScorecard | Vlad Pasca
@online{pasca:20220613:detailed:f49a7e1,
  author       = {Vlad Pasca},
  title        = {{A Detailed Analysis Of The Last Version Of REvil Ransomware (Download PDF)}},
  date         = {2022-06-13},
  organization = {SecurityScorecard},
  url          = {https://securityscorecard.com/research/a-detailed-analysis-of-the-last-version-of-revil-ransomware},
  urldate      = {2022-06-15},
  language     = {English},
}
REvil
2022-06-04 | kienmanowar Blog | m4n0w4r, Tran Trung Kien
@online{m4n0w4r:20220604:quicknote:dc79142,
  author       = {m4n0w4r and Tran Trung Kien},
  title        = {{[QuickNote] CobaltStrike SMB Beacon Analysis}},
  date         = {2022-06-04},
  organization = {kienmanowar Blog},
  url          = {https://kienmanowar.wordpress.com/2022/06/04/quicknote-cobaltstrike-smb-beacon-analysis-2/},
  urldate      = {2022-06-07},
  language     = {English},
}
Cobalt Strike
2022-06-02 | Youtube (AhmedS Kasmani) | AhmedS Kasmani
@online{kasmani:20220602:zloader:a5a0759,
  author       = {AhmedS Kasmani},
  title        = {{Zloader Malware Analysis - 1. Unpacking First stage.}},
  date         = {2022-06-02},
  organization = {Youtube (AhmedS Kasmani)},
  url          = {https://www.youtube.com/watch?v=mhX-UoaYnOM},
  urldate      = {2022-06-04},
  language     = {English},
}
Zloader
2022-06-01 | Group-IB | Nikita Rostovcev, Alexander Badaev
@online{rostovcev:20220601:sidewinderantibotscript:62cb932,
  author       = {Nikita Rostovcev and Alexander Badaev},
  title        = {{SideWinder.AntiBot.Script Analysis of SideWinder's new infrastructure and tool that narrows their reach to Pakistan}},
  date         = {2022-06-01},
  organization = {Group-IB},
  url          = {https://blog.group-ib.com/sidewinder-antibot},
  urldate      = {2022-06-02},
  language     = {English},
}
2022-06-01 | Elastic | Daniel Stepanic, Derek Ditch, Seth Goodwin, Salim Bitam, Andrew Pease
@online{stepanic:20220601:cuba:333f7c1,
  author       = {Daniel Stepanic and Derek Ditch and Seth Goodwin and Salim Bitam and Andrew Pease},
  title        = {{CUBA Ransomware Campaign Analysis}},
  date         = {2022-06-01},
  organization = {Elastic},
  url          = {https://www.elastic.co/security-labs/cuba-ransomware-campaign-analysis},
  urldate      = {2022-06-09},
  language     = {English},
}
Cobalt Strike Cuba Meterpreter MimiKatz SystemBC
2022-06-01 | Elastic | Salim Bitam
@online{bitam:20220601:cuba:040c34a,
  author       = {Salim Bitam},
  title        = {{CUBA Ransomware Malware Analysis}},
  date         = {2022-06-01},
  organization = {Elastic},
  url          = {https://www.elastic.co/security-labs/cuba-ransomware-malware-analysis},
  urldate      = {2022-06-09},
  language     = {English},
}
Cuba
2022-05-29 | muha2xmad | Muhammad Hasan Ali
@online{ali:20220529:full:cf742e7,
  author       = {Muhammad Hasan Ali},
  title        = {{Full Anubis android malware analysis}},
  date         = {2022-05-29},
  organization = {muha2xmad},
  url          = {https://muha2xmad.github.io/malware-analysis/anubis/},
  urldate      = {2022-05-29},
  language     = {English},
}
Anubis
2022-05-27 | Kroll | Cole Manaster, George Glass, Elio Biasiotto
@online{manaster:20220527:emotet:77000c1,
  author       = {Cole Manaster and George Glass and Elio Biasiotto},
  title        = {{Emotet Analysis: New LNKs in the Infection Chain – The Monitor, Issue 20}},
  date         = {2022-05-27},
  organization = {Kroll},
  url          = {https://www.kroll.com/en/insights/publications/cyber/monitor/emotet-analysis-new-lnk-in-the-infection-chain},
  urldate      = {2022-05-31},
  language     = {English},
}
Emotet
2022-05-24 | The Hacker News | Florian Goutin
@online{goutin:20220524:malware:e85b49b,
  author       = {Florian Goutin},
  title        = {{Malware Analysis: Trickbot}},
  date         = {2022-05-24},
  organization = {The Hacker News},
  url          = {https://thehackernews.com/2022/05/malware-analysis-trickbot.html},
  urldate      = {2022-05-29},
  language     = {English},
}
Cobalt Strike Conti Ryuk TrickBot
2022-05-23 | DCSO | Johann Aydinbas, Colin Murphy
@online{aydinbas:20220523:deal:00dc16f,
  author       = {Johann Aydinbas and Colin Murphy},
  title        = {{A deal with the devil: Analysis of a recent Matanbuchus sample}},
  date         = {2022-05-23},
  organization = {DCSO},
  url          = {https://medium.com/@DCSO_CyTec/a-deal-with-the-devil-analysis-of-a-recent-matanbuchus-sample-3ce991951d6a},
  urldate      = {2022-05-24},
  language     = {English},
}
Matanbuchus
2022-05-21 | Github (x-junior) | Mohamed Ashraf
@online{ashraf:20220521:deep:0e3523b,
  author       = {Mohamed Ashraf},
  title        = {{Deep Analysis of Mars Stealer}},
  date         = {2022-05-21},
  organization = {Github (x-junior)},
  url          = {https://x-junior.github.io/malware%20analysis/MarsStealer/},
  urldate      = {2022-05-23},
  language     = {English},
}
Mars Stealer
2022-05-19 | Google | Clement Lecigne, Christian Resell, Google Threat Analysis Group
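@online{lecigne:20220519:protecting:847f98a,
  author       = {Clement Lecigne and Christian Resell and {Google Threat Analysis Group}},
  title        = {{Protecting Android users from 0-Day attacks}},
  date         = {2022-05-19},
  organization = {Google},
  url          = {https://blog.google/threat-analysis-group/protecting-android-users-from-0-day-attacks/},
  urldate      = {2022-05-25},
  language     = {English},
}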
2022-05-18 | eSentire | eSentire Threat Response Unit (TRU)
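@online{tru:20220518:esentire:662b9d9,
  author       = {{eSentire Threat Response Unit (TRU)}},
  title        = {{eSentire Threat Intelligence Malware Analysis: Mars Stealer}},
  date         = {2022-05-18},
  organization = {eSentire},
  url          = {https://www.esentire.com/blog/esentire-threat-intelligence-malware-analysis-mars-stealer},
  urldate      = {2022-05-24},
  language     = {English},
}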
Mars Stealer
2022-05-18 | PRODAFT Threat Intelligence | PRODAFT
@techreport{prodaft:20220518:wizard:e7ee1c4,
  author      = {PRODAFT},
  title       = {{Wizard Spider In-Depth Analysis}},
  date        = {2022-05-18},
  institution = {PRODAFT Threat Intelligence},
  url         = {https://www.prodaft.com/m/reports/WizardSpider_TLPWHITE_v.1.4.pdf},
  urldate     = {2022-05-25},
  language    = {English},
}
Cobalt Strike Conti
2022-05-16 | Github (Dump-GUY) | Jiří Vinopal
@online{vinopal:20220516:malware:f716c6a,
  author       = {Jiří Vinopal},
  title        = {{Malware Analysis Report – APT29 C2-Client Dropbox Loader}},
  date         = {2022-05-16},
  organization = {Github (Dump-GUY)},
  url          = {https://github.com/Dump-GUY/Malware-analysis-and-Reverse-engineering/blob/main/APT29_C2-Client_Dropbox_Loader/APT29-DropboxLoader_analysis.md},
  urldate      = {2022-05-25},
  language     = {English},
}
2022-05-16 | vmware | Oleg Boyarchuk, Stefano Ortolani, Jason Zhang, Threat Analysis Unit
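@online{boyarchuk:20220516:emotet:6392ff3,
  author       = {Oleg Boyarchuk and Stefano Ortolani and Jason Zhang and {Threat Analysis Unit}},
  title        = {{Emotet Moves to 64 bit and Updates its Loader}},
  date         = {2022-05-16},
  organization = {vmware},
  url          = {https://blogs.vmware.com/security/2022/05/emotet-moves-to-64-bit-and-updates-its-loader.html},
  urldate      = {2022-05-17},
  language     = {English},
}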
Emotet
2022-05-16 | JPCERT/CC | Shusei Tomonaga
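@online{tomonaga:20220516:analysis:b1c8089,
  author        = {Shusei Tomonaga},
  title         = {{Analysis of HUI Loader}},
  date          = {2022-05-16},
  organization  = {JPCERT/CC},
  url           = {https://blogs.jpcert.or.jp/ja/2022/05/HUILoader.html},
  urldate       = {2022-05-17},
  language      = {English},
  internal-note = {url path segment is /ja/ while language is recorded as English; presumably this points at the Japanese-language edition of the post. Confirm against the page and correct either url or language.},
}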
HUI Loader PlugX Poison Ivy Quasar RAT
2022-05-12 | Cloudsek | Anandeshwar Unnikrishnan
@online{unnikrishnan:20220512:technical:87d0cbd,
  author       = {Anandeshwar Unnikrishnan},
  title        = {{Technical Analysis of Emerging, Sophisticated Pandora Ransomware Group}},
  date         = {2022-05-12},
  organization = {Cloudsek},
  url          = {https://cloudsek.com/technical-analysis-of-emerging-sophisticated-pandora-ransomware-group/},
  urldate      = {2022-05-17},
  language     = {English},
}
Pandora