| 2023-04-19 ⋅ Sophos ⋅ ‘AuKill’ EDR killer malware abuses Process Explorer driver ⋅ AuKill |
| 2022-12-13 ⋅ Sophos ⋅ Signed driver malware moves up the software trust chain ⋅ KillAV |
| 2022-10-04 ⋅ Sophos ⋅ Remove All The Callbacks – BlackByte Ransomware Disables EDR Via RTCore64.sys Abuse ⋅ BlackByte |
| 2022-05-04 ⋅ Sophos ⋅ Attacking Emotet’s Control Flow Flattening ⋅ Emotet |
| 2021-08-22 ⋅ Malware and Stuff ⋅ PEB: Where Magic Is Stored ⋅ Dacls |
| 2021-01-24 ⋅ malwareandstuff blog ⋅ Catching Debuggers with Section Hashing |
| 2020-07-12 ⋅ Malware and Stuff ⋅ Deobfuscating DanaBot’s API Hashing ⋅ DanaBot |
| 2020-06-21 ⋅ Malware and Stuff ⋅ UpnP – Messing up Security since years ⋅ QakBot |
| 2020-06-10 ⋅ Gdata ⋅ Harmful Logging - Diving into MassLogger ⋅ MASS Logger |
| 2020-05-24 ⋅ Malware and Stuff ⋅ Examining Smokeloader’s Anti Hooking technique ⋅ SmokeLoader |
| 2020-05-05 ⋅ Malware and Stuff ⋅ An old enemy – Diving into QBot part 3 ⋅ QakBot |
| 2020-03-30 ⋅ Malware and Stuff ⋅ An old enemy – Diving into QBot part 1 ⋅ QakBot |
| 2020-03-22 ⋅ Malware and Stuff ⋅ Mustang Panda joins the COVID-19 bandwagon ⋅ Cobalt Strike |