
2022-07-08 | Blueliv | Jose Miguel Esparza
@online{esparza:20220708:ransomware:990e207,
  author       = {Esparza, Jose Miguel},
  title        = {{Ransomware as a Service: Behind the Scenes}},
  organization = {Blueliv},
  date         = {2022-07-08},
  url          = {https://outpost24.com/blog/Ransomware-as-a-service-behind-the-scenes},
  urldate      = {2022-07-20},
  language     = {English},
}
Ransomware as a Service: Behind the Scenes
2022-01-25 | Blueliv | Blueliv
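% The ampersand in the title is escaped as \& so the entry typesets under LaTeX.
@techreport{blueliv:20220125:cyber:47bcefd,
  author      = {Blueliv},
  title       = {{Cyber Threat Intelligence for Banking \& Financial Services FOLLOW THE MONEY}},
  institution = {Blueliv},
  date        = {2022-01-25},
  url         = {https://www.blueliv.com/resources/white-papers/financial_wp_21.pdf},
  urldate     = {2022-01-28},
  language    = {English},
}
Cyber Threat Intelligence for Banking & Financial Services FOLLOW THE MONEY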
2022 | Blueliv | Blueliv
@techreport{blueliv:2022:jester:f41226f,
  author      = {Blueliv},
  title       = {{Jester Stealer Malware Research 2022}},
  institution = {Blueliv},
  date        = {2022},
  url         = {https://outpost24.com/sites/default/files/2022-06/jester_stealer_blogspot_22.pdf},
  urldate     = {2022-07-20},
  language    = {English},
}
Jester Stealer Malware Research 2022
2021-05-07 | Blueliv | Alberto Marín
@online{marn:20210507:indepth:1b9ec2f,
  author       = {Marín, Alberto},
  title        = {{An In-Depth analysis of the new Taurus Stealer}},
  organization = {Blueliv},
  date         = {2021-05-07},
  url          = {https://outpost24.com/blog/an-in-depth-analysis-of-the-new-taurus-stealer/},
  urldate      = {2023-08-07},
  language     = {English},
}
An In-Depth analysis of the new Taurus Stealer
Taurus Stealer
2020-12-14 | Blueliv | Alberto Marín, Carlos Rubio, Blueliv Labs Team
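% "Blueliv Labs Team" is a group author; the extra braces stop BibTeX from
% splitting it into given name "Blueliv Labs" and surname "Team".
@online{marn:20201214:using:e81621e,
  author       = {Marín, Alberto and Rubio, Carlos and {Blueliv Labs Team}},
  title        = {{Using Qiling Framework to Unpack TA505 packed samples}},
  organization = {Blueliv},
  date         = {2020-12-14},
  url          = {https://outpost24.com/blog/using-qiling-framework-to-unpack-ta505-packed-samples/},
  urldate      = {2023-08-03},
  language     = {English},
}
Using Qiling Framework to Unpack TA505 packed samples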
AndroMut Azorult Silence TinyMet
2020-09-30 | Blueliv | Carlos Rubio, Jose Miguel Esparza, Blueliv Labs Team
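% "Blueliv Labs Team" is a group author; the extra braces stop BibTeX from
% splitting it into given name "Blueliv Labs" and surname "Team".
@online{rubio:20200930:rooty:91be64b,
  author       = {Rubio, Carlos and Esparza, Jose Miguel and {Blueliv Labs Team}},
  title        = {{Rooty Dolphin uses Mekotio to target bank clients in South America and Europe}},
  organization = {Blueliv},
  date         = {2020-09-30},
  url          = {https://www.blueliv.com/cyber-security-and-cyber-threat-intelligence-blog-blueliv/rooty-dolphin-uses-mekotio-to-target-bank-clients-in-south-america-and-europe/},
  urldate      = {2020-10-07},
  language     = {English},
}
Rooty Dolphin uses Mekotio to target bank clients in South America and Europe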
Mekotio
2020-08-05 | Blueliv | Carlos Rubio, Blueliv Labs Team
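% "Blueliv Labs Team" is a group author; the extra braces stop BibTeX from
% splitting it into given name "Blueliv Labs" and surname "Team".
@online{rubio:20200805:playing:5b11606,
  author       = {Rubio, Carlos and {Blueliv Labs Team}},
  title        = {{Playing with GuLoader Anti-VM techniques}},
  organization = {Blueliv},
  date         = {2020-08-05},
  url          = {https://www.blueliv.com/cyber-security-and-cyber-threat-intelligence-blog-blueliv/research/playing-with-guloader-anti-vm-techniques-malware/},
  urldate      = {2021-01-10},
  language     = {English},
}
Playing with GuLoader Anti-VM techniques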
CloudEyE
2020-06-30 | Blueliv | Blueliv Labs Team
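% "Blueliv Labs Team" is a group author; the double braces stop BibTeX from
% splitting it into given name "Blueliv Labs" and surname "Team".
@online{team:20200630:m00nd3v:be40a82,
  author       = {{Blueliv Labs Team}},
  title        = {{M00nD3v, HawkEye threat actor, sells malware after COVID-19 diagnosis}},
  organization = {Blueliv},
  date         = {2020-06-30},
  url          = {https://www.blueliv.com/cyber-security-and-cyber-threat-intelligence-blog-blueliv/covid-19-cybercrime-m00nd3v-hawkeye-malware-threat-actor/},
  urldate      = {2020-07-16},
  language     = {English},
}
M00nD3v, HawkEye threat actor, sells malware after COVID-19 diagnosis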
HawkEye Keylogger
2020-05-04 | Blueliv | Blueliv Team
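% "Blueliv Team" is a group author; the double braces stop BibTeX from
% splitting it into given name "Blueliv" and surname "Team".
@online{team:20200504:escape:63ebdfa,
  author       = {{Blueliv Team}},
  title        = {{Escape from the Maze}},
  organization = {Blueliv},
  date         = {2020-05-04},
  url          = {https://www.blueliv.com/cyber-security-and-cyber-threat-intelligence-blog-blueliv/escape-from-the-maze/},
  urldate      = {2020-05-11},
  language     = {English},
}
Escape from the Maze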
Maze
2019-12-17 | Blueliv | Adrián Ruiz, Jose Miguel Esparza, Blueliv Labs Team
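% "Blueliv Labs Team" is a group author; the extra braces stop BibTeX from
% splitting it into given name "Blueliv Labs" and surname "Team".
@online{ruiz:20191217:ta505:1c1204e,
  author       = {Ruiz, Adrián and Esparza, Jose Miguel and {Blueliv Labs Team}},
  title        = {{TA505 evolves ServHelper, uses Predator The Thief and Team Viewer Hijacking}},
  organization = {Blueliv},
  date         = {2019-12-17},
  url          = {https://www.blueliv.com/cyber-security-and-cyber-threat-intelligence-blog-blueliv/research/servhelper-evolution-and-new-ta505-campaigns/},
  urldate      = {2020-01-09},
  language     = {English},
}
TA505 evolves ServHelper, uses Predator The Thief and Team Viewer Hijacking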
ServHelper TA505
2019-11-20 | Blueliv | Blueliv Team
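% "Blueliv Team" is a group author; the double braces stop BibTeX from
% splitting it into given name "Blueliv" and surname "Team".
% The ampersand in the title is escaped as \& so the entry typesets under LaTeX.
@techreport{team:20191120:malware:8720455,
  author      = {{Blueliv Team}},
  title       = {{Malware Campaign Targeting LATAM \& Spanish Banks}},
  institution = {Blueliv},
  date        = {2019-11-20},
  url         = {https://blueliv.com/resources/reports/MiniReport-Blueliv-Bancos-ESP-LAT.pdf},
  urldate     = {2021-07-29},
  language    = {English},
}
Malware Campaign Targeting LATAM & Spanish Banks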
Grandoreiro
2019-11-06 | Blueliv | Jose Miguel Esparza, Blueliv Team
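% "Blueliv Team" is a group author; the extra braces stop BibTeX from
% splitting it into given name "Blueliv" and surname "Team".
@online{esparza:20191106:spanish:eaf5520,
  author       = {Esparza, Jose Miguel and {Blueliv Team}},
  title        = {{Spanish consultancy Everis suffers BitPaymer ransomware attack: a brief analysis}},
  organization = {Blueliv},
  date         = {2019-11-06},
  url          = {https://www.blueliv.com/cyber-security-and-cyber-threat-intelligence-blog-blueliv/research/everis-bitpaymer-ransomware-attack-analysis-dridex/},
  urldate      = {2020-01-08},
  language     = {English},
}
Spanish consultancy Everis suffers BitPaymer ransomware attack: a brief analysis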
FriedEx
2019-07-29 | Blueliv | Alberto Marín
@online{marn:20190729:analysis:c32955f,
  author       = {Marín, Alberto},
  title        = {{An analysis of a spam distribution botnet: the inner workings of Onliner Spambot}},
  organization = {Blueliv},
  date         = {2019-07-29},
  url          = {https://outpost24.com/blog/an-analysis-of-a-spam-distribution-botnet},
  urldate      = {2023-01-25},
  language     = {English},
}
An analysis of a spam distribution botnet: the inner workings of Onliner Spambot
OnlinerSpambot
2019-04-29 | Blueliv | Blueliv Labs Team
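% "Blueliv Labs Team" is a group author; the double braces stop BibTeX from
% splitting it into given name "Blueliv Labs" and surname "Team".
@online{team:20190429:where:8c3db39,
  author       = {{Blueliv Labs Team}},
  title        = {{Where is Emotet? Latest geolocation data}},
  organization = {Blueliv},
  date         = {2019-04-29},
  url          = {https://www.blueliv.com/blog/research/where-is-emotet-latest-geolocation-data/},
  urldate      = {2020-01-08},
  language     = {English},
}
Where is Emotet? Latest geolocation data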
Emotet
2019-02-07 | Blueliv | Blueliv Labs Team
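% "Blueliv Labs Team" is a group author; the double braces stop BibTeX from
% splitting it into given name "Blueliv Labs" and surname "Team".
@online{team:20190207:sales:c48c8d0,
  author       = {{Blueliv Labs Team}},
  title        = {{Sales of AZORult grind to an AZOR-halt}},
  organization = {Blueliv},
  date         = {2019-02-07},
  url          = {https://www.blueliv.com/blog-news/research/azorult-crydbrox-stops-sells-malware-credential-stealer/},
  urldate      = {2019-11-20},
  language     = {English},
}
Sales of AZORult grind to an AZOR-halt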
Azorult
2018-10-05 | Blueliv | Blueliv Labs Team
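% "Blueliv Labs Team" is a group author; the double braces stop BibTeX from
% splitting it into given name "Blueliv Labs" and surname "Team".
@online{team:20181005:ars:73951a5,
  author       = {{Blueliv Labs Team}},
  title        = {{ARS Loader evolution, a new stealer (ZeroEvil) and AirNaine (TA545)}},
  organization = {Blueliv},
  date         = {2018-10-05},
  url          = {https://www.blueliv.com/blog-news/research/ars-loader-evolution-zeroevil-ta545-airnaine/},
  urldate      = {2020-01-08},
  language     = {English},
}
ARS Loader evolution, a new stealer (ZeroEvil) and AirNaine (TA545)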
ARS VBS Loader ZeroEvil
2018-07 | Blueliv | Blueliv
@techreport{blueliv:201807:necurs:652cee2,
  author      = {Blueliv},
  title       = {{Necurs Malware Overview}},
  institution = {Blueliv},
  date        = {2018-07},
  url         = {https://www.blueliv.com/wp-content/uploads/2018/07/Blueliv-Necurs-report-2017.pdf},
  urldate     = {2019-12-10},
  language    = {English},
}
Necurs Malware Overview
Necurs
2017-10-06 | Blueliv | Blueliv
@online{blueliv:20171006:trickbot:a2a9ac8,
  author       = {Blueliv},
  title        = {{TrickBot banking trojan using EFLAGS as an anti-hook technique}},
  organization = {Blueliv},
  date         = {2017-10-06},
  url          = {https://www.blueliv.com/research/trickbot-banking-trojan-using-eflags-as-an-anti-hook-technique/},
  urldate      = {2020-01-08},
  language     = {English},
}
TrickBot banking trojan using EFLAGS as an anti-hook technique
TrickBot
2016-09 | Blueliv | Blueliv
@techreport{blueliv:201609:chasing:1c02f62,
  author      = {Blueliv},
  title       = {{Chasing Cybercrime: Network insights into Vawtrak v2}},
  institution = {Blueliv},
  date        = {2016-09},
  url         = {https://www.blueliv.com/downloads/network-insights-into-vawtrak-v2.pdf},
  urldate     = {2020-01-07},
  language    = {English},
}
Chasing Cybercrime: Network insights into Vawtrak v2
Vawtrak
2016-02-01 | Blueliv | Raashid Bhat
@online{bhat:20160201:tracking:f5fa1f1,
  author       = {Bhat, Raashid},
  title        = {{Tracking the footprints of PushDo Trojan}},
  organization = {Blueliv},
  date         = {2016-02-01},
  url          = {https://www.blueliv.com/research/tracking-the-footproints-of-pushdo-trojan/},
  urldate      = {2019-11-20},
  language     = {English},
}
Tracking the footprints of PushDo Trojan
Pushdo