2023-04-19 ⋅ Sophos ⋅ ‘AuKill’ EDR killer malware abuses Process Explorer driver ⋅ AuKill
2022-12-13 ⋅ Sophos ⋅ Signed driver malware moves up the software trust chain ⋅ KillAV
2022-10-04 ⋅ Sophos ⋅ Remove All The Callbacks – BlackByte Ransomware Disables EDR Via RTCore64.sys Abuse ⋅ BlackByte
2022-05-04 ⋅ Sophos ⋅ Attacking Emotet’s Control Flow Flattening ⋅ Emotet
2021-08-22 ⋅ Malware and Stuff ⋅ PEB: Where Magic Is Stored ⋅ Dacls
2021-01-24 ⋅ malwareandstuff blog ⋅ Catching Debuggers with Section Hashing |
2020-07-12 ⋅ Malware and Stuff ⋅ Deobfuscating DanaBot’s API Hashing ⋅ DanaBot
2020-06-21 ⋅ Malware and Stuff ⋅ UpnP – Messing up Security since years ⋅ QakBot
2020-06-10 ⋅ Gdata ⋅ Harmful Logging - Diving into MassLogger ⋅ MASS Logger
2020-05-24 ⋅ Malware and Stuff ⋅ Examining Smokeloader’s Anti Hooking technique ⋅ SmokeLoader
2020-05-05 ⋅ Malware and Stuff ⋅ An old enemy – Diving into QBot part 3 ⋅ QakBot
2020-03-30 ⋅ Malware and Stuff ⋅ An old enemy – Diving into QBot part 1 ⋅ QakBot
2020-03-22 ⋅ Malware and Stuff ⋅ Mustang Panda joins the COVID-19 bandwagon ⋅ Cobalt Strike