Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2022-06-13Avast DecodedJan Neduchal, David Álvarez
@online{neduchal:20220613:linux:67027a5, author = {Jan Neduchal and David Álvarez}, title = {{Linux Threat Hunting: ‘Syslogk’ a kernel rootkit found under development in the wild}}, date = {2022-06-13}, organization = {Avast Decoded}, url = {https://decoded.avast.io/davidalvarez/linux-threat-hunting-syslogk-a-kernel-rootkit-found-under-development-in-the-wild/}, language = {English}, urldate = {2022-06-15} } Linux Threat Hunting: ‘Syslogk’ a kernel rootkit found under development in the wild
Rekoobe
2022-04-21Avast DecodedDaniel Beneš
@online{bene:20220421:warez:b31715c, author = {Daniel Beneš}, title = {{Warez users fell for Certishell}}, date = {2022-04-21}, organization = {Avast Decoded}, url = {https://decoded.avast.io/danielbenes/warez-users-fell-for-certishell/}, language = {English}, urldate = {2022-04-29} } Warez users fell for Certishell
2022-04-14Avast DecodedVladimir Martyanov
@online{martyanov:20220414:zloader:23c520a, author = {Vladimir Martyanov}, title = {{Zloader 2: The Silent Night}}, date = {2022-04-14}, organization = {Avast Decoded}, url = {https://decoded.avast.io/vladimirmartyanov/zloader-the-silent-night/}, language = {English}, urldate = {2022-04-15} } Zloader 2: The Silent Night
ISFB Raccoon Zloader
2022-04-07Avast DecodedPavel Novák, Jan Rubín
@online{novk:20220407:parrot:9c74f9b, author = {Pavel Novák and Jan Rubín}, title = {{Parrot TDS takes over web servers and threatens millions}}, date = {2022-04-07}, organization = {Avast Decoded}, url = {https://decoded.avast.io/janrubin/parrot-tds-takes-over-web-servers-and-threatens-millions/}, language = {English}, urldate = {2022-04-08} } Parrot TDS takes over web servers and threatens millions
FAKEUPDATES Parrot TDS Parrot TDS WebShell NetSupportManager RAT
2022-03-03Avast DecodedThreat Research Team
@online{team:20220303:help:d086921, author = {Threat Research Team}, title = {{Help for Ukraine: Free decryptor for HermeticRansom ransomware}}, date = {2022-03-03}, organization = {Avast Decoded}, url = {https://decoded.avast.io/threatresearch/help-for-ukraine-free-decryptor-for-hermeticransom-ransomware/}, language = {English}, urldate = {2022-03-03} } Help for Ukraine: Free decryptor for HermeticRansom ransomware
PartyTicket
2022-02-07Avast DecodedAvast Threat Research Team
@online{team:20220207:decrypted:f204a1f, author = {Avast Threat Research Team}, title = {{Decrypted: TargetCompany Ransomware}}, date = {2022-02-07}, organization = {Avast Decoded}, url = {https://decoded.avast.io/threatresearch/decrypted-targetcompany-ransomware/}, language = {English}, urldate = {2022-02-10} } Decrypted: TargetCompany Ransomware
TargetCompany
2021-10-27Avast DecodedAvast
@online{avast:20211027:avast:6b44ea1, author = {Avast}, title = {{Avast releases decryptor for AtomSilo and LockFile ransomware}}, date = {2021-10-27}, organization = {Avast Decoded}, url = {https://decoded.avast.io/threatintel/decryptor-for-atomsilo-and-lockfile-ransomware/}, language = {English}, urldate = {2021-11-08} } Avast releases decryptor for AtomSilo and LockFile ransomware
ATOMSILO LockFile
2021-09-20Avast DecodedAnh ho
@online{ho:20210920:blustealer:9beaf4b, author = {Anh ho}, title = {{BluStealer: from SpyEx to ThunderFox}}, date = {2021-09-20}, organization = {Avast Decoded}, url = {https://decoded.avast.io/anhho/blustealer/}, language = {English}, urldate = {2021-09-22} } BluStealer: from SpyEx to ThunderFox
BluStealer
2021-08-11Avast DecodedMartin Chlumecký
@online{chlumeck:20210811:dirtymoe:4cb640e, author = {Martin Chlumecký}, title = {{DirtyMoe: Rootkit Driver}}, date = {2021-08-11}, organization = {Avast Decoded}, url = {https://decoded.avast.io/martinchlumecky/dirtymoe-rootkit-driver/}, language = {English}, urldate = {2021-09-20} } DirtyMoe: Rootkit Driver
DirtyMoe
2021-07-08Avast DecodedThreat Intelligence Team
@online{team:20210708:decoding:04acb98, author = {Threat Intelligence Team}, title = {{Decoding Cobalt Strike: Understanding Payloads}}, date = {2021-07-08}, organization = {Avast Decoded}, url = {https://decoded.avast.io/threatintel/decoding-cobalt-strike-understanding-payloads/}, language = {English}, urldate = {2021-07-08} } Decoding Cobalt Strike: Understanding Payloads
Cobalt Strike Empire Downloader
2021-07-01Avast DecodedLuigino Camastra, Igor Morgenstern, Jan Vojtěšek
@online{camastra:20210701:backdoored:6f26c16, author = {Luigino Camastra and Igor Morgenstern and Jan Vojtěšek}, title = {{Backdoored Client from Mongolian CA MonPass}}, date = {2021-07-01}, organization = {Avast Decoded}, url = {https://decoded.avast.io/luigicamastra/backdoored-client-from-mongolian-ca-monpass/}, language = {English}, urldate = {2021-07-02} } Backdoored Client from Mongolian CA MonPass
Cobalt Strike
2021-06-16Avast DecodedMartin Chlumecký
@online{chlumeck:20210616:dirtymoe:9e1065a, author = {Martin Chlumecký}, title = {{DirtyMoe: Introduction and General Overview of Modularized Malware}}, date = {2021-06-16}, organization = {Avast Decoded}, url = {https://decoded.avast.io/martinchlumecky/dirtymoe-1/}, language = {English}, urldate = {2021-09-20} } DirtyMoe: Introduction and General Overview of Modularized Malware
DirtyMoe
2021-05-19Avast DecodedDavid Zimmer
@online{zimmer:20210519:binary:1fda440, author = {David Zimmer}, title = {{Binary Reuse of VB6 P-Code Functions}}, date = {2021-05-19}, organization = {Avast Decoded}, url = {https://decoded.avast.io/davidzimmer/reusing-vb6-p-code-functions/}, language = {English}, urldate = {2021-05-26} } Binary Reuse of VB6 P-Code Functions
2021-05-12Avast DecodedDavid Zimmer
@online{zimmer:20210512:writing:f056e19, author = {David Zimmer}, title = {{Writing a VB6 P-Code Debugger}}, date = {2021-05-12}, organization = {Avast Decoded}, url = {https://decoded.avast.io/davidzimmer/writing-a-vb6-p-code-debugger/}, language = {English}, urldate = {2021-05-26} } Writing a VB6 P-Code Debugger
2021-05-05Avast DecodedDavid Zimmer
@online{zimmer:20210505:vb6:c12dd45, author = {David Zimmer}, title = {{VB6 P-Code Disassembly}}, date = {2021-05-05}, organization = {Avast Decoded}, url = {https://decoded.avast.io/davidzimmer/vb6-p-code-disassembly/}, language = {English}, urldate = {2021-05-26} } VB6 P-Code Disassembly
2021-04-28Avast DecodedDavid Zimmer
@online{zimmer:20210428:vb6:a8bfd2e, author = {David Zimmer}, title = {{VB6 P-Code Obfuscation}}, date = {2021-04-28}, organization = {Avast Decoded}, url = {https://decoded.avast.io/davidzimmer/vb6-p-code-obfuscation/}, language = {English}, urldate = {2021-05-26} } VB6 P-Code Obfuscation
2021-04-22Avast DecodedDavid Zimmer
@online{zimmer:20210422:binary:ec29b94, author = {David Zimmer}, title = {{Binary Data Hiding in VB6 Executables}}, date = {2021-04-22}, organization = {Avast Decoded}, url = {https://decoded.avast.io/davidzimmer/binary-data-hiding-in-vb6-executables/}, language = {English}, urldate = {2021-04-29} } Binary Data Hiding in VB6 Executables
2021-04-15Avast DecodedRomana Tesařová
@online{tesaov:20210415:hackboss:18b3c2e, author = {Romana Tesařová}, title = {{HackBoss: A cryptocurrency-stealing malware distributed through Telegram}}, date = {2021-04-15}, organization = {Avast Decoded}, url = {https://decoded.avast.io/romanalinkeova/hackboss-a-cryptocurrency-stealing-malware-distributed-through-telegram/}, language = {English}, urldate = {2021-04-16} } HackBoss: A cryptocurrency-stealing malware distributed through Telegram
2021-03-17Avast DecodedJakub Kaloč
@online{kalo:20210317:hidden:7757b8d, author = {Jakub Kaloč}, title = {{Hidden menace: Peeling back the secrets of OnionCrypter}}, date = {2021-03-17}, organization = {Avast Decoded}, url = {https://decoded.avast.io/jakubkaloc/onion-crypter/}, language = {English}, urldate = {2021-03-19} } Hidden menace: Peeling back the secrets of OnionCrypter
2021-02-22Avast DecodedAnh ho
@online{ho:20210222:masslogger:632f622, author = {Anh ho}, title = {{MassLogger v3: a .NET stealer with serious obfuscation}}, date = {2021-02-22}, organization = {Avast Decoded}, url = {https://decoded.avast.io/anhho/masslogger-v3-a-net-stealer-with-serious-obfuscation/}, language = {English}, urldate = {2021-02-25} } MassLogger v3: a .NET stealer with serious obfuscation
MASS Logger