Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2022-10-24Youtube (Virus Bulletin)Axelle Apvrille
@online{apvrille:20221024:hunting:8eeb90d, author = {Axelle Apvrille}, title = {{Hunting the AndroidBianLian botnet}}, date = {2022-10-24}, organization = {Youtube (Virus Bulletin)}, url = {https://www.youtube.com/watch?v=DPFcvSy4OZk}, language = {English}, urldate = {2022-11-11} } Hunting the AndroidBianLian botnet
BianLian
2022-06-27Medium (Cryptax)Axelle Apvrille
@online{apvrille:20220627:unpacking:1b11605, author = {Axelle Apvrille}, title = {{Unpacking a JsonPacker-packed sample}}, date = {2022-06-27}, organization = {Medium (Cryptax)}, url = {https://cryptax.medium.com/unpacking-a-jsonpacker-packed-sample-4038e12119f5}, language = {English}, urldate = {2022-08-15} } Unpacking a JsonPacker-packed sample
Xenomorph
2022-06-20Medium (Cryptax)Axelle Apvrille
@online{apvrille:20220620:tracking:828037d, author = {Axelle Apvrille}, title = {{Tracking Android/Joker payloads with Medusa, static analysis (and patience)}}, date = {2022-06-20}, organization = {Medium (Cryptax)}, url = {https://cryptax.medium.com/tracking-android-joker-payloads-with-medusa-static-analysis-and-patience-672348b81ac2}, language = {English}, urldate = {2022-08-15} } Tracking Android/Joker payloads with Medusa, static analysis (and patience)
Joker
2022-06-09Medium (Cryptax)Axelle Apvrille
@online{apvrille:20220609:quick:0b409f4, author = {Axelle Apvrille}, title = {{Quick look into a new sample of Android/BianLian}}, date = {2022-06-09}, organization = {Medium (Cryptax)}, url = {https://cryptax.medium.com/quick-look-into-a-new-sample-of-android-bianlian-bc5619efa726}, language = {English}, urldate = {2022-08-15} } Quick look into a new sample of Android/BianLian
BianLian Hydra
2022-05-12Medium (Cryptax)Axelle Apvrille
@online{apvrille:20220512:reversing:65ed9cb, author = {Axelle Apvrille}, title = {{Reversing an Android sample which uses Flutter}}, date = {2022-05-12}, organization = {Medium (Cryptax)}, url = {https://cryptax.medium.com/reversing-an-android-sample-which-uses-flutter-23c3ff04b847}, language = {English}, urldate = {2022-08-15} } Reversing an Android sample which uses Flutter
2022-04-29FortinetAxelle Apvrille
@online{apvrille:20220429:warning:a17311e, author = {Axelle Apvrille}, title = {{Warning: GRIM and Magnus Android Botnets are Underground}}, date = {2022-04-29}, organization = {Fortinet}, url = {https://www.fortinet.com/blog/threat-research/grim-magnus-android-botnets}, language = {English}, urldate = {2022-05-09} } Warning: GRIM and Magnus Android Botnets are Underground
2022-03-08Medium (Cryptax)Axelle Apvrille
@online{apvrille:20220308:live:c5b7cca, author = {Axelle Apvrille}, title = {{Live reverse engineering of a trojanized medical app — Android/Joker}}, date = {2022-03-08}, organization = {Medium (Cryptax)}, url = {https://cryptax.medium.com/live-reverse-engineering-of-a-trojanized-medical-app-android-joker-632d114073c1}, language = {English}, urldate = {2022-08-15} } Live reverse engineering of a trojanized medical app — Android/Joker
Joker
2022-01-25Medium (Cryptax)Axelle Apvrille
@online{apvrille:20220125:bianlian:016e450, author = {Axelle Apvrille}, title = {{BianLian C&C domain name}}, date = {2022-01-25}, organization = {Medium (Cryptax)}, url = {https://cryptax.medium.com/bianlian-c-c-domain-name-4f226a29e221}, language = {English}, urldate = {2022-08-15} } BianLian C&C domain name
BianLian Hydra
2022-01-21Medium (Cryptax)Axelle Apvrille
@online{apvrille:20220121:creating:9e6e3cf, author = {Axelle Apvrille}, title = {{Creating a safe dummy C&C to test Android bots}}, date = {2022-01-21}, organization = {Medium (Cryptax)}, url = {https://cryptax.medium.com/creating-a-safe-dummy-c-c-to-test-android-bots-ffa6e7a3dce5}, language = {English}, urldate = {2022-08-15} } Creating a safe dummy C&C to test Android bots
BianLian Hydra
2022-01-17Medium (Cryptax)Axelle Apvrille
@online{apvrille:20220117:androidbianlian:f425de5, author = {Axelle Apvrille}, title = {{Android/BianLian payload}}, date = {2022-01-17}, organization = {Medium (Cryptax)}, url = {https://cryptax.medium.com/android-bianlian-payload-61febabed00a}, language = {English}, urldate = {2022-08-15} } Android/BianLian payload
BianLian Hydra
2022-01-14Medium (Cryptax)Axelle Apvrille
@online{apvrille:20220114:multidex:eaa6c6b, author = {Axelle Apvrille}, title = {{Multidex trick to unpack Android/BianLian}}, date = {2022-01-14}, organization = {Medium (Cryptax)}, url = {https://cryptax.medium.com/multidex-trick-to-unpack-android-bianlian-ed52eb791e56}, language = {English}, urldate = {2022-03-30} } Multidex trick to unpack Android/BianLian
BianLian
2021-05-18Medium (Cryptax)Axelle Apvrille
@online{apvrille:20210518:native:350d98f, author = {Axelle Apvrille}, title = {{A native packer for Android/MoqHao}}, date = {2021-05-18}, organization = {Medium (Cryptax)}, url = {https://cryptax.medium.com/a-native-packer-for-android-moqhao-6362a8412fe1}, language = {English}, urldate = {2021-05-19} } A native packer for Android/MoqHao
MoqHao
2021-03-29Medium (Cryptax)Axelle Apvrille
@online{apvrille:20210329:androidflubot:01484cd, author = {Axelle Apvrille}, title = {{Android/Flubot: preparing for a new campaign?}}, date = {2021-03-29}, organization = {Medium (Cryptax)}, url = {https://cryptax.medium.com/android-flubot-preparing-for-a-new-campaign-2f7563fc6c06}, language = {English}, urldate = {2021-03-31} } Android/Flubot: preparing for a new campaign?
FluBot
2020-12-15Medium (Cryptax)Axelle Apvrille
@online{apvrille:20201215:unpacking:af6a6ee, author = {Axelle Apvrille}, title = {{Unpacking an Android malware with Dexcalibur and JEB}}, date = {2020-12-15}, organization = {Medium (Cryptax)}, url = {https://cryptax.medium.com/unpacking-an-android-malware-with-dexcalibur-and-jeb-59bdd905d4a7}, language = {English}, urldate = {2020-12-19} } Unpacking an Android malware with Dexcalibur and JEB
2020-12-13Medium (Cryptax)Axelle Apvrille
@online{apvrille:20201213:decrypting:ee8b00f, author = {Axelle Apvrille}, title = {{Decrypting strings with a JEB script}}, date = {2020-12-13}, organization = {Medium (Cryptax)}, url = {https://cryptax.medium.com/decrypting-strings-with-a-jeb-script-1af522fa4979}, language = {English}, urldate = {2020-12-19} } Decrypting strings with a JEB script
2020-09-25Medium cryptaxAxelle Apvrille
@online{apvrille:20200925:into:cf7b514, author = {Axelle Apvrille}, title = {{Into Android Meterpreter and how the malware launches it - part 2}}, date = {2020-09-25}, organization = {Medium cryptax}, url = {https://medium.com/@cryptax/into-android-meterpreter-and-how-the-malware-launches-it-part-2-ef5aad2ebf12}, language = {English}, urldate = {2020-09-25} } Into Android Meterpreter and how the malware launches it - part 2
Meterpreter
2020-09-18Medium cryptaxAxelle Apvrille
@online{apvrille:20200918:locating:56e0b57, author = {Axelle Apvrille}, title = {{Locating the Trojan inside an infected COVID-19 contact tracing app}}, date = {2020-09-18}, organization = {Medium cryptax}, url = {https://medium.com/@cryptax/locating-the-trojan-inside-an-infected-covid-19-contact-tracing-app-21e23f90fbfe}, language = {English}, urldate = {2020-09-25} } Locating the Trojan inside an infected COVID-19 contact tracing app
Meterpreter
2017-03-15FortinetAxelle Apvrille
@online{apvrille:20170315:teardown:e3c30e6, author = {Axelle Apvrille}, title = {{Teardown of Android/Ztorg (Part 2)}}, date = {2017-03-15}, organization = {Fortinet}, url = {http://blog.fortinet.com/2017/03/08/teardown-of-android-ztorg-part-2}, language = {English}, urldate = {2019-12-24} } Teardown of Android/Ztorg (Part 2)
Ztorg
2017-03-15FortinetAxelle Apvrille
@online{apvrille:20170315:teardown:76fb758, author = {Axelle Apvrille}, title = {{Teardown of a Recent Variant of Android/Ztorg (Part 1)}}, date = {2017-03-15}, organization = {Fortinet}, url = {https://blog.fortinet.com/2017/03/15/teardown-of-a-recent-variant-of-android-ztorg-part-1}, language = {English}, urldate = {2019-12-10} } Teardown of a Recent Variant of Android/Ztorg (Part 1)
Ztorg