2021-09-20 · Avast Decoded · Anh Ho
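@online{ho:20210920:blustealer:9beaf4b,
  author       = {Ho, Anh},
  title        = {{BluStealer: from SpyEx to ThunderFox}},
  date         = {2021-09-20},
  organization = {Avast Decoded},
  url          = {https://decoded.avast.io/anhho/blustealer/},
  language     = {English},
  urldate      = {2021-09-22},
}
BluStealer: from SpyEx to ThunderFox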
BluStealer
2021-08-11 · Avast Decoded · Martin Chlumecký
@online{chlumeck:20210811:dirtymoe:4cb640e,
  author       = {Chlumecký, Martin},
  title        = {{DirtyMoe: Rootkit Driver}},
  date         = {2021-08-11},
  organization = {Avast Decoded},
  url          = {https://decoded.avast.io/martinchlumecky/dirtymoe-rootkit-driver/},
  language     = {English},
  urldate      = {2021-09-20},
}
DirtyMoe: Rootkit Driver
DirtyMoe
2021-07-08 · Avast Decoded · Threat Intelligence Team
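% Group author: the inner braces make BibTeX/Biber treat the name as one unit
% instead of splitting it into given names "Threat Intelligence" and family name "Team".
@online{team:20210708:decoding:04acb98,
  author       = {{Threat Intelligence Team}},
  title        = {{Decoding Cobalt Strike: Understanding Payloads}},
  date         = {2021-07-08},
  organization = {Avast Decoded},
  url          = {https://decoded.avast.io/threatintel/decoding-cobalt-strike-understanding-payloads/},
  language     = {English},
  urldate      = {2021-07-08},
}
Decoding Cobalt Strike: Understanding Payloads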
Cobalt Strike Empire Downloader
2021-07-01 · Avast Decoded · Luigino Camastra, Igor Morgenstern, Jan Vojtěšek
@online{camastra:20210701:backdoored:6f26c16,
  author       = {Camastra, Luigino and Morgenstern, Igor and Vojtěšek, Jan},
  title        = {{Backdoored Client from Mongolian CA MonPass}},
  date         = {2021-07-01},
  organization = {Avast Decoded},
  url          = {https://decoded.avast.io/luigicamastra/backdoored-client-from-mongolian-ca-monpass/},
  language     = {English},
  urldate      = {2021-07-02},
}
Backdoored Client from Mongolian CA MonPass
Cobalt Strike
2021-06-16 · Avast Decoded · Martin Chlumecký
@online{chlumeck:20210616:dirtymoe:9e1065a,
  author       = {Chlumecký, Martin},
  title        = {{DirtyMoe: Introduction and General Overview of Modularized Malware}},
  date         = {2021-06-16},
  organization = {Avast Decoded},
  url          = {https://decoded.avast.io/martinchlumecky/dirtymoe-1/},
  language     = {English},
  urldate      = {2021-09-20},
}
DirtyMoe: Introduction and General Overview of Modularized Malware
DirtyMoe
2021-05-19 · Avast Decoded · David Zimmer
@online{zimmer:20210519:binary:1fda440,
  author       = {Zimmer, David},
  title        = {{Binary Reuse of VB6 P-Code Functions}},
  date         = {2021-05-19},
  organization = {Avast Decoded},
  url          = {https://decoded.avast.io/davidzimmer/reusing-vb6-p-code-functions/},
  language     = {English},
  urldate      = {2021-05-26},
}
Binary Reuse of VB6 P-Code Functions
2021-05-12 · Avast Decoded · David Zimmer
@online{zimmer:20210512:writing:f056e19,
  author       = {Zimmer, David},
  title        = {{Writing a VB6 P-Code Debugger}},
  date         = {2021-05-12},
  organization = {Avast Decoded},
  url          = {https://decoded.avast.io/davidzimmer/writing-a-vb6-p-code-debugger/},
  language     = {English},
  urldate      = {2021-05-26},
}
Writing a VB6 P-Code Debugger
2021-05-05 · Avast Decoded · David Zimmer
@online{zimmer:20210505:vb6:c12dd45,
  author       = {Zimmer, David},
  title        = {{VB6 P-Code Disassembly}},
  date         = {2021-05-05},
  organization = {Avast Decoded},
  url          = {https://decoded.avast.io/davidzimmer/vb6-p-code-disassembly/},
  language     = {English},
  urldate      = {2021-05-26},
}
VB6 P-Code Disassembly
2021-04-28 · Avast Decoded · David Zimmer
@online{zimmer:20210428:vb6:a8bfd2e,
  author       = {Zimmer, David},
  title        = {{VB6 P-Code Obfuscation}},
  date         = {2021-04-28},
  organization = {Avast Decoded},
  url          = {https://decoded.avast.io/davidzimmer/vb6-p-code-obfuscation/},
  language     = {English},
  urldate      = {2021-05-26},
}
VB6 P-Code Obfuscation
2021-04-22 · Avast Decoded · David Zimmer
@online{zimmer:20210422:binary:ec29b94,
  author       = {Zimmer, David},
  title        = {{Binary Data Hiding in VB6 Executables}},
  date         = {2021-04-22},
  organization = {Avast Decoded},
  url          = {https://decoded.avast.io/davidzimmer/binary-data-hiding-in-vb6-executables/},
  language     = {English},
  urldate      = {2021-04-29},
}
Binary Data Hiding in VB6 Executables
2021-04-15 · Avast Decoded · Romana Tesařová
@online{tesaov:20210415:hackboss:18b3c2e,
  author       = {Tesařová, Romana},
  title        = {{HackBoss: A cryptocurrency-stealing malware distributed through Telegram}},
  date         = {2021-04-15},
  organization = {Avast Decoded},
  url          = {https://decoded.avast.io/romanalinkeova/hackboss-a-cryptocurrency-stealing-malware-distributed-through-telegram/},
  language     = {English},
  urldate      = {2021-04-16},
}
HackBoss: A cryptocurrency-stealing malware distributed through Telegram
2021-03-17 · Avast Decoded · Jakub Kaloč
@online{kalo:20210317:hidden:7757b8d,
  author       = {Kaloč, Jakub},
  title        = {{Hidden menace: Peeling back the secrets of OnionCrypter}},
  date         = {2021-03-17},
  organization = {Avast Decoded},
  url          = {https://decoded.avast.io/jakubkaloc/onion-crypter/},
  language     = {English},
  urldate      = {2021-03-19},
}
Hidden menace: Peeling back the secrets of OnionCrypter
2021-02-22 · Avast Decoded · Anh Ho
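@online{ho:20210222:masslogger:632f622,
  author       = {Ho, Anh},
  title        = {{MassLogger v3: a .NET stealer with serious obfuscation}},
  date         = {2021-02-22},
  organization = {Avast Decoded},
  url          = {https://decoded.avast.io/anhho/masslogger-v3-a-net-stealer-with-serious-obfuscation/},
  language     = {English},
  urldate      = {2021-02-25},
}
MassLogger v3: a .NET stealer with serious obfuscation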
MASS Logger
2021-02-03 · Avast Decoded · Jan Vojtěšek, Jan Rubín
@online{vojtek:20210203:backdoored:21906b8,
  author       = {Vojtěšek, Jan and Rubín, Jan},
  title        = {{Backdoored Browser Extensions Hid Malicious Traffic in Analytics Requests}},
  date         = {2021-02-03},
  organization = {Avast Decoded},
  url          = {https://decoded.avast.io/janvojtesek/backdoored-browser-extensions-hid-malicious-traffic-in-analytics-requests/},
  language     = {English},
  urldate      = {2021-02-04},
}
Backdoored Browser Extensions Hid Malicious Traffic in Analytics Requests
2020-12-09 · Avast Decoded · Luigino Camastra, Igor Morgenstern
@online{camastra:20201209:targeting:952844f,
  author       = {Camastra, Luigino and Morgenstern, Igor},
  title        = {{APT Group Targeting Governmental Agencies in East Asia}},
  date         = {2020-12-09},
  organization = {Avast Decoded},
  url          = {https://decoded.avast.io/luigicamastra/apt-group-targeting-governmental-agencies-in-east-asia/},
  language     = {English},
  urldate      = {2021-01-27},
}
APT Group Targeting Governmental Agencies in East Asia
Albaniiutas HyperBro PlugX Tmanger
2020-10-14 · Avast Decoded · Jan Vojtěšek
@online{vojtek:20201014:fakembam:abce405,
  author       = {Vojtěšek, Jan},
  title        = {{FakeMBAM: Backdoor Delivered Through Software Updates}},
  date         = {2020-10-14},
  organization = {Avast Decoded},
  url          = {https://decoded.avast.io/janvojtesek/fakembam-backdoor-delivered-through-software-updates/},
  language     = {English},
  urldate      = {2020-10-23},
}
FakeMBAM: Backdoor Delivered Through Software Updates
2020-09-25 · Avast Decoded · Martin Hron
@online{hron:20200925:fresh:41ed4d0,
  author       = {Hron, Martin},
  title        = {{The Fresh Smell of ransomed coffee}},
  date         = {2020-09-25},
  organization = {Avast Decoded},
  url          = {https://decoded.avast.io/martinhron/the-fresh-smell-of-ransomed-coffee/},
  language     = {English},
  urldate      = {2020-09-25},
}
The Fresh Smell of ransomed coffee
2020-09-17 · Avast Decoded · Jan Rubín
@online{rubn:20200917:complex:e1b3abc,
  author       = {Rubín, Jan},
  title        = {{Complex obfuscation? Meh… (1/2)}},
  date         = {2020-09-17},
  organization = {Avast Decoded},
  url          = {https://decoded.avast.io/janrubin/complex-obfuscation-meh/},
  language     = {English},
  urldate      = {2020-09-24},
}
Complex obfuscation? Meh… (1/2)
2020-05-20 · Avast Decoded · David Jursa, Simi Musilova, Jan Rubín, Alexej Savčin
@online{jursa:20200520:ghostdns:43190d5,
  author       = {Jursa, David and Musilova, Simi and Rubín, Jan and Savčin, Alexej},
  title        = {{GhostDNS Source Code Leaked}},
  date         = {2020-05-20},
  organization = {Avast Decoded},
  url          = {https://decoded.avast.io/simonamusilova/ghostdns-source-code-leaked/},
  language     = {English},
  urldate      = {2020-05-23},
}
GhostDNS Source Code Leaked
2020-05-14 · Avast Decoded · Luigino Camastra
@online{camastra:20200514:planted:03eab5a,
  author       = {Camastra, Luigino},
  title        = {{APT Group Planted Backdoors Targeting High Profile Networks in Central Asia}},
  date         = {2020-05-14},
  organization = {Avast Decoded},
  url          = {https://decoded.avast.io/luigicamastra/apt-group-planted-backdoors-targeting-high-profile-networks-in-central-asia/},
  language     = {English},
  urldate      = {2020-05-14},
}
APT Group Planted Backdoors Targeting High Profile Networks in Central Asia
BYEBY Microcin Microcin