Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2020-12-14BluelivAlberto Marín, Carlos Rubio, Blueliv Labs Team
@online{marn:20201214:using:e81621e, author = {Alberto Marín and Carlos Rubio and Blueliv Labs Team}, title = {{Using Qiling Framework to Unpack TA505 packed samples}}, date = {2020-12-14}, organization = {Blueliv}, url = {https://www.blueliv.com/cyber-security-and-cyber-threat-intelligence-blog-blueliv/using-qiling-framework-to-unpack-ta505-packed-samples/}, language = {English}, urldate = {2020-12-15} } Using Qiling Framework to Unpack TA505 packed samples
AndroMut Azorult Silence TinyMet
2020-09-30BluelivCarlos Rubio, Jose Miguel Esparza, Blueliv Labs Team
@online{rubio:20200930:rooty:91be64b, author = {Carlos Rubio and Jose Miguel Esparza and Blueliv Labs Team}, title = {{Rooty Dolphin uses Mekotio to target bank clients in South America and Europe}}, date = {2020-09-30}, organization = {Blueliv}, url = {https://www.blueliv.com/cyber-security-and-cyber-threat-intelligence-blog-blueliv/rooty-dolphin-uses-mekotio-to-target-bank-clients-in-south-america-and-europe/}, language = {English}, urldate = {2020-10-07} } Rooty Dolphin uses Mekotio to target bank clients in South America and Europe
Mekotio
2020-08-05BluelivCarlos Rubio, Blueliv Labs Team
@online{rubio:20200805:playing:5b11606, author = {Carlos Rubio and Blueliv Labs Team}, title = {{Playing with GuLoader Anti-VM techniques}}, date = {2020-08-05}, organization = {Blueliv}, url = {https://www.blueliv.com/cyber-security-and-cyber-threat-intelligence-blog-blueliv/research/playing-with-guloader-anti-vm-techniques-malware/}, language = {English}, urldate = {2021-01-10} } Playing with GuLoader Anti-VM techniques
CloudEyE
2020-06-30BluelivBlueliv Labs Team
@online{team:20200630:m00nd3v:be40a82, author = {Blueliv Labs Team}, title = {{M00nD3v, HawkEye threat actor, sells malware after COVID-19 diagnosis}}, date = {2020-06-30}, organization = {Blueliv}, url = {https://www.blueliv.com/cyber-security-and-cyber-threat-intelligence-blog-blueliv/covid-19-cybercrime-m00nd3v-hawkeye-malware-threat-actor/}, language = {English}, urldate = {2020-07-16} } M00nD3v, HawkEye threat actor, sells malware after COVID-19 diagnosis
HawkEye Keylogger
2019-12-17BluelivAdrián Ruiz, Jose Miguel Esparza, Blueliv Labs Team
@online{ruiz:20191217:ta505:1c1204e, author = {Adrián Ruiz and Jose Miguel Esparza and Blueliv Labs Team}, title = {{TA505 evolves ServHelper, uses Predator The Thief and Team Viewer Hijacking}}, date = {2019-12-17}, organization = {Blueliv}, url = {https://www.blueliv.com/cyber-security-and-cyber-threat-intelligence-blog-blueliv/research/servhelper-evolution-and-new-ta505-campaigns/}, language = {English}, urldate = {2020-01-09} } TA505 evolves ServHelper, uses Predator The Thief and Team Viewer Hijacking
ServHelper TA505
2019-04-29BluelivBlueliv Labs Team
@online{team:20190429:where:8c3db39, author = {Blueliv Labs Team}, title = {{Where is Emotet? Latest geolocation data}}, date = {2019-04-29}, organization = {Blueliv}, url = {https://www.blueliv.com/blog/research/where-is-emotet-latest-geolocation-data/}, language = {English}, urldate = {2020-01-08} } Where is Emotet? Latest geolocation data
Emotet
2019-02-07BluelivBlueliv Labs Team
@online{team:20190207:sales:c48c8d0, author = {Blueliv Labs Team}, title = {{Sales of AZORult grind to an AZOR-halt}}, date = {2019-02-07}, organization = {Blueliv}, url = {https://www.blueliv.com/blog-news/research/azorult-crydbrox-stops-sells-malware-credential-stealer/}, language = {English}, urldate = {2019-11-20} } Sales of AZORult grind to an AZOR-halt
Azorult
2018-10-05BluelivBlueliv Labs Team
@online{team:20181005:ars:73951a5, author = {Blueliv Labs Team}, title = {{ARS Loader evolution, a new stealer (ZeroEvil) and AirNaine (TA545)}}, date = {2018-10-05}, organization = {Blueliv}, url = {https://www.blueliv.com/blog-news/research/ars-loader-evolution-zeroevil-ta545-airnaine/}, language = {English}, urldate = {2020-01-08} } ARS Loader evolution, a new stealer (ZeroEvil) and AirNaine (TA545)
ARS VBS Loader ZeroEvil