Click here to download all references as Bib-File.
| 2023-06-24 ⋅ Twitter (@embee_research) ⋅ SmokeLoader - Malware Analysis and Decoding With Procmon SmokeLoader |
| 2022-10-25 ⋅ Medium walmartglobaltech ⋅ Brute Ratel Config Decoding update Brute Ratel C4 |
| 2022-10-13 ⋅ Booz Allen Hamilton ⋅ Same Cloak, More Dagger: Decoding how the People's Republic of China uses Cyberattacks |
| 2022-05-06 ⋅ Palo Alto Networks Unit 42 ⋅ Cobalt Strike Analysis and Tutorial: CS Metadata Encoding and Decoding Cobalt Strike |
| 2022-03-15 ⋅ Security Soup Blog ⋅ Decoding a DanaBot Downloader DanaBot |
| 2021-09-27 ⋅ Youtube (OALabs) ⋅ Live Coding A Squirrelwaffle Malware Config Extractor Squirrelwaffle |
| 2021-09-07 ⋅ Medium walmartglobaltech ⋅ Decoding SmartAssembly strings, a Haron ransomware case study Haron Ransomware |
| 2021-07-08 ⋅ Avast Decoded ⋅ Decoding Cobalt Strike: Understanding Payloads Cobalt Strike Empire Downloader |
| 2021-04-18 ⋅ YouTube (dist67) ⋅ Decoding Cobalt Strike Traffic Cobalt Strike |
| 2021-02-02 ⋅ Trend Micro ⋅ Finding and Decoding Multi-Step Obfuscated Malware |
| 2021-01-06 ⋅ SecureCoding ⋅ All About Doki Malware Doki |
| 2020-07-26 ⋅ Shells.System blog ⋅ In-Memory shellcode decoding to evade AVs/EDRs Cobalt Strike |
| 2018-04-20 ⋅ NCC Group ⋅ Decoding network data from a Gh0st RAT variant Ghost RAT APT27 |
| 2018-04-17 ⋅ NCC Group ⋅ Decoding network data from a Gh0st RAT variant Ghost RAT APT27 |
| 2018-02-26 ⋅ Secure coding and more blog ⋅ Analyzing the nasty .NET protection of the Ploutus.D malware Ploutus ATM |
| 2017-04-17 ⋅ Github (countercept) ⋅ Python script for decoding DOUBLEPULSAR |
| 2016-12-03 ⋅ Coding and Security ⋅ "Sophisticated" and "Genius" Shamoon 2.0 Malware Analysis DistTrack |
| 2016-08-30 ⋅ Palo Alto Networks Unit 42 ⋅ Pythons and Unicorns and Hancitor…Oh My! Decoding Binaries Through Emulation |
| 2015-08-10 ⋅ Coding Stuffs ⋅ Fobber Code Decryption Fobber |
| 2014-08-01 ⋅ Coding and Security ⋅ Soraya Malware Analysis - Dropper soraya |