2022-12-02 | Avast Decoded | Threat Intelligence Team
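% Institutional author: the extra braces keep the team name as one unit instead of a personal name with the surname Team.
@online{team:20221202:hitching:0cb7557,
  author       = {{Threat Intelligence Team}},
  title        = {{Hitching a ride with Mustang Panda}},
  date         = {2022-12-02},
  organization = {Avast Decoded},
  url          = {https://decoded.avast.io/threatintel/apt-treasure-trove-avast-suspects-chinese-apt-group-mustang-panda-is-collecting-data-from-burmese-government-agencies-and-opposition-groups/},
  language     = {English},
  urldate      = {2022-12-02},
}
Hitching a ride with Mustang Panda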
PlugX
2022-11-21 | Avast Decoded | Jan Rubín
@online{rubn:20221121:vipersoftx:339e815,
  author       = {Rubín, Jan},
  title        = {{ViperSoftX: Hiding in System Logs and Spreading VenomSoftX}},
  date         = {2022-11-21},
  organization = {Avast Decoded},
  url          = {https://decoded.avast.io/janrubin/vipersoftx-hiding-in-system-logs-and-spreading-venomsoftx/},
  language     = {English},
  urldate      = {2022-11-25},
}
ViperSoftX: Hiding in System Logs and Spreading VenomSoftX
ViperSoftX
2022-09-22 | Avast | Jan Vojtěšek
@online{vojtek:20220922:raspberry:26502e1,
  author       = {Vojtěšek, Jan},
  title        = {{Raspberry Robin’s Roshtyak: A Little Lesson in Trickery}},
  date         = {2022-09-22},
  organization = {Avast},
  url          = {https://decoded.avast.io/janvojtesek/raspberry-robins-roshtyak-a-little-lesson-in-trickery/},
  language     = {English},
  urldate      = {2022-09-22},
}
Raspberry Robin’s Roshtyak: A Little Lesson in Trickery
Raspberry Robin Roshtyak
2022-09-06 | Avast | Martin Chlumecký
@online{chlumeck:20220906:prorussian:f4b99ca,
  author       = {Chlumecký, Martin},
  title        = {{Pro-Russian Group Targeting Ukraine Supporters with DDoS Attacks}},
  date         = {2022-09-06},
  organization = {Avast},
  url          = {https://decoded.avast.io/martinchlumecky/bobik/},
  language     = {English},
  urldate      = {2022-09-07},
}
Pro-Russian Group Targeting Ukraine Supporters with DDoS Attacks
Bobik NoName057(16)
2022-08-19 | Github (Avast) | Avast
% The URL follows the repository's master branch, so the indicator list can change after the urldate; when using it for detections, record the commit that was retrieved.
@online{avast:20220819:iocs:bc5a832,
  author       = {Avast},
  title        = {{IOCs for Manjusaka}},
  date         = {2022-08-19},
  organization = {Github (Avast)},
  url          = {https://github.com/avast/ioc/tree/master/Manjusaka},
  language     = {English},
  urldate      = {2022-08-22},
}
IOCs for Manjusaka
Manjusaka Manjusaka
2022-07-21 | Avast Decoded | Jan Vojtěšek
@online{vojtek:20220721:return:0ad0bec,
  author       = {Vojtěšek, Jan},
  title        = {{The Return of Candiru: Zero-days in the Middle East}},
  date         = {2022-07-21},
  organization = {Avast Decoded},
  url          = {https://decoded.avast.io/janvojtesek/the-return-of-candiru-zero-days-in-the-middle-east/},
  language     = {English},
  urldate      = {2022-07-28},
}
The Return of Candiru: Zero-days in the Middle East
2022-07-19 | Avast | Dominika Regéciová
@online{regciov:20220719:yara:58f6c08,
  author       = {Regéciová, Dominika},
  title        = {{Yara vs. HyperScan: Alternative pattern-matching engines}},
  date         = {2022-07-19},
  organization = {Avast},
  url          = {https://engineering.avast.io/yara-vs-hyperscan-alternative-pattern-matching-engines},
  language     = {English},
  urldate      = {2022-07-25},
}
Yara vs. HyperScan: Alternative pattern-matching engines
2022-07-13 | Avast | David Álvarez
@online{lvarez:20220713:go:6ffedb7,
  author       = {Álvarez, David},
  title        = {{Go malware on the rise}},
  date         = {2022-07-13},
  organization = {Avast},
  url          = {https://decoded.avast.io/davidalvarez/go-malware-on-the-rise/},
  language     = {English},
  urldate      = {2022-07-15},
}
Go malware on the rise
Backdoorit Caligula
2022-06-13 | Avast Decoded | Jan Neduchal, David Álvarez
@online{neduchal:20220613:linux:67027a5,
  author       = {Neduchal, Jan and Álvarez, David},
  title        = {{Linux Threat Hunting: ‘Syslogk’ a kernel rootkit found under development in the wild}},
  date         = {2022-06-13},
  organization = {Avast Decoded},
  url          = {https://decoded.avast.io/davidalvarez/linux-threat-hunting-syslogk-a-kernel-rootkit-found-under-development-in-the-wild/},
  language     = {English},
  urldate      = {2022-06-15},
}
Linux Threat Hunting: ‘Syslogk’ a kernel rootkit found under development in the wild
Rekoobe
2022-06-09 | Avast | Dominika Regéciová
@online{regciov:20220609:yara:ae26e01,
  author       = {Regéciová, Dominika},
  title        = {{Yara: In Search Of Regular Expressions}},
  date         = {2022-06-09},
  organization = {Avast},
  url          = {https://engineering.avast.io/yara-in-search-of-regular-expressions/},
  language     = {English},
  urldate      = {2022-06-09},
}
Yara: In Search Of Regular Expressions
2022-06-08 | Avast | Pavel Novák
@online{novk:20220608:crypto:e07011c,
  author       = {Novák, Pavel},
  title        = {{Crypto stealing campaign spread via fake cracked software}},
  date         = {2022-06-08},
  organization = {Avast},
  url          = {https://blog.avast.com/fakecrack-campaign},
  language     = {English},
  urldate      = {2022-06-17},
}
Crypto stealing campaign spread via fake cracked software
2022-06-03 | Avast Decoded | Threat Intelligence Team
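% Institutional author: the extra braces keep the team name as one unit instead of a personal name with the surname Team.
% Same article as key team:20220603:outbreak:ee565fa in this library (that URL only adds a trailing slash); cite one key consistently to avoid a doubled reference.
@online{team:20220603:outbreak:f121601,
  author       = {{Threat Intelligence Team}},
  title        = {{Outbreak of Follina in Australia}},
  date         = {2022-06-03},
  organization = {Avast Decoded},
  url          = {https://decoded.avast.io/threatintel/outbreak-of-follina-in-australia},
  language     = {English},
  urldate      = {2022-08-30},
}
Outbreak of Follina in Australia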
AsyncRAT APT40
2022-06-03 | Avast | Threat Intelligence Team
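% Institutional author: the extra braces keep the team name as one unit instead of a personal name with the surname Team.
% Same article as key team:20220603:outbreak:f121601 in this library (that URL only lacks the trailing slash); cite one key consistently to avoid a doubled reference.
@online{team:20220603:outbreak:ee565fa,
  author       = {{Threat Intelligence Team}},
  title        = {{Outbreak of Follina in Australia}},
  date         = {2022-06-03},
  organization = {Avast},
  url          = {https://decoded.avast.io/threatintel/outbreak-of-follina-in-australia/},
  language     = {English},
  urldate      = {2022-07-25},
}
Outbreak of Follina in Australia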
AsyncRAT
2022-06-01 | Avast | Jakub Vávra
@online{vvra:20220601:smsfactory:766928d,
  author       = {Vávra, Jakub},
  title        = {{SMSFactory Android Trojan producing high costs for victims}},
  date         = {2022-06-01},
  organization = {Avast},
  url          = {https://blog.avast.com/smsfactory-android-trojan},
  language     = {English},
  urldate      = {2022-06-07},
}
SMSFactory Android Trojan producing high costs for victims
2022-04-21 | Avast Decoded | Daniel Beneš
@online{bene:20220421:warez:b31715c,
  author       = {Beneš, Daniel},
  title        = {{Warez users fell for Certishell}},
  date         = {2022-04-21},
  organization = {Avast Decoded},
  url          = {https://decoded.avast.io/danielbenes/warez-users-fell-for-certishell/},
  language     = {English},
  urldate      = {2022-04-29},
}
Warez users fell for Certishell
2022-04-14 | Avast Decoded | Vladimir Martyanov
@online{martyanov:20220414:zloader:23c520a,
  author       = {Martyanov, Vladimir},
  title        = {{Zloader 2: The Silent Night}},
  date         = {2022-04-14},
  organization = {Avast Decoded},
  url          = {https://decoded.avast.io/vladimirmartyanov/zloader-the-silent-night/},
  language     = {English},
  urldate      = {2022-04-15},
}
Zloader 2: The Silent Night
ISFB Raccoon Zloader
2022-04-07 | Avast Decoded | Pavel Novák, Jan Rubín
@online{novk:20220407:parrot:9c74f9b,
  author       = {Novák, Pavel and Rubín, Jan},
  title        = {{Parrot TDS takes over web servers and threatens millions}},
  date         = {2022-04-07},
  organization = {Avast Decoded},
  url          = {https://decoded.avast.io/janrubin/parrot-tds-takes-over-web-servers-and-threatens-millions/},
  language     = {English},
  urldate      = {2022-04-08},
}
Parrot TDS takes over web servers and threatens millions
FAKEUPDATES Parrot TDS Parrot TDS WebShell NetSupportManager RAT
2022-03-28 | Avast | Threat Intelligence Team
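% Institutional author: the extra braces keep the team name as one unit instead of a personal name with the surname Team.
@online{team:20220328:avast:03620fb,
  author       = {{Threat Intelligence Team}},
  title        = {{Avast Finds Compromised Philippine Navy Certificate Used in Remote Access Tool}},
  date         = {2022-03-28},
  organization = {Avast},
  url          = {https://decoded.avast.io/threatintel/avast-finds-compromised-philippine-navy-certificate-used-in-remote-access-tool/},
  language     = {English},
  urldate      = {2022-04-05},
}
Avast Finds Compromised Philippine Navy Certificate Used in Remote Access Tool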
Unidentified 091
2022-03-22 | Avast Decoded | Luigino Camastra, Igor Morgenstern, Jan Holman
@online{camastra:20220322:operation:05d8831,
  author       = {Camastra, Luigino and Morgenstern, Igor and Holman, Jan},
  title        = {{Operation Dragon Castling: APT group targeting betting companies}},
  date         = {2022-03-22},
  organization = {Avast Decoded},
  url          = {https://decoded.avast.io/luigicamastra/operation-dragon-castling-apt-group-targeting-betting-companies},
  language     = {English},
  urldate      = {2022-08-26},
}
Operation Dragon Castling: APT group targeting betting companies
FormerFirstRAT MulCom TianWu
2022-03-21 | Avast | Avast
% The URL follows the repository's master branch, so the indicator list can change after the urldate; when using it for detections, record the commit that was retrieved.
@online{avast:20220321:ioc:b4bb870,
  author       = {Avast},
  title        = {{IoC from Operation Dragon Castling}},
  date         = {2022-03-21},
  organization = {Avast},
  url          = {https://github.com/avast/ioc/tree/master/OperationDragonCastling},
  language     = {English},
  urldate      = {2022-08-26},
}
IoC from Operation Dragon Castling
Proto8RAT TianWu