2023-09-19 | Medium (@DCSO_CyTec) | Johann Aydinbas
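% biblatex online entry. The hash sign in the title and the underscore in the
% organization are escaped because both fields are typeset as ordinary LaTeX text;
% the url field is verbatim and is left as published. The \# sits outside the
% protecting brace group so that the group does not begin with a control sequence.
@online{aydinbas:20230919:shortandmalicious:a0cff0b,
  author       = {Aydinbas, Johann},
  title        = {\#{ShortAndMalicious — DarkGate}},
  date         = {2023-09-19},
  organization = {Medium (@DCSO\_CyTec)},
  url          = {https://medium.com/@DCSO_CyTec/shortandmalicious-darkgate-d9102a457232},
  language     = {English},
  urldate      = {2023-09-20},
}
#ShortAndMalicious — DarkGate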
DarkGate
2023-05-17 | Medium (@DCSO_CyTec) | Johann Aydinbas, Emilia Neuber, Kritika Roy, Axel Wauer, Jiro Minier
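% biblatex online entry. The underscore in the organization is escaped because
% that field is typeset as ordinary LaTeX text; the url field is verbatim and is
% left as published. Author names use the unambiguous "Last, First" form.
@online{aydinbas:20230517:andariels:517dbe2,
  author       = {Aydinbas, Johann and Neuber, Emilia and Roy, Kritika and Wauer, Axel and Minier, Jiro},
  title        = {{Andariel’s “Jupiter” malware and the case of the curious C2}},
  date         = {2023-05-17},
  organization = {Medium (@DCSO\_CyTec)},
  url          = {https://medium.com/@DCSO_CyTec/andariels-jupiter-malware-and-the-case-of-the-curious-c2-dbfe29f57499},
  language     = {English},
  urldate      = {2023-05-21},
}
Andariel’s “Jupiter” malware and the case of the curious C2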
Jupiter
2023-02-10 | DCSO | Johann Aydinbas, Axel Wauer
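% biblatex online entry. The hash sign in the title is escaped as \# because the
% title is typeset as ordinary LaTeX text; it sits outside the protecting brace
% group so that the group does not begin with a control sequence.
% Author names use the unambiguous "Last, First" form.
@online{aydinbas:20230210:shortandmalicious:c26d7a5,
  author       = {Aydinbas, Johann and Wauer, Axel},
  title        = {\#{ShortAndMalicious — PikaBot and the Matanbuchus connection}},
  date         = {2023-02-10},
  organization = {DCSO},
  url          = {https://medium.com/@DCSO_CyTec/shortandmalicious-pikabot-and-the-matanbuchus-connection-5e302644398},
  language     = {English},
  urldate      = {2023-02-15},
}
#ShortAndMalicious — PikaBot and the Matanbuchus connection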
Pikabot
2022-11-16 | Medium (@DCSO_CyTec) | Johann Aydinbas, Axel Wauer
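% biblatex online entry. The underscore in the organization is escaped because
% that field is typeset as ordinary LaTeX text; the url field is verbatim and is
% left as published. Author names use the unambiguous "Last, First" form.
@online{aydinbas:20221116:hz:b5a2d6d,
  author       = {Aydinbas, Johann and Wauer, Axel},
  title        = {{HZ RAT goes China}},
  date         = {2022-11-16},
  organization = {Medium (@DCSO\_CyTec)},
  url          = {https://medium.com/@DCSO_CyTec/hz-rat-goes-china-506854c5f2e2},
  language     = {English},
  urldate      = {2022-11-18},
}
HZ RAT goes China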
HZ RAT
2022-11-08 | DCSO | Axel Wauer, Johann Aydinbas
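% biblatex online entry. The hash sign in the title is escaped as \# because the
% title is typeset as ordinary LaTeX text; it sits outside the protecting brace
% group so that the group does not begin with a control sequence.
% Author names use the unambiguous "Last, First" form.
@online{wauer:20221108:shortandmalicious:21e0fa8,
  author       = {Wauer, Axel and Aydinbas, Johann},
  title        = {\#{ShortAndMalicious: StrelaStealer aims for mail credentials}},
  date         = {2022-11-08},
  organization = {DCSO},
  url          = {https://medium.com/@DCSO_CyTec/shortandmalicious-strelastealer-aims-for-mail-credentials-a4c3e78c8abc},
  language     = {English},
  urldate      = {2022-11-11},
}
#ShortAndMalicious: StrelaStealer aims for mail credentials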
StrelaStealer
2022-10-11 | Medium (@DCSO_CyTec) | Axel Wauer, Johann Aydinbas, Denis Szadkowski
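% biblatex online entry. The underscore in the organization is escaped because
% that field is typeset as ordinary LaTeX text; the url field is verbatim and is
% left as published. Author names use the unambiguous "Last, First" form.
@online{wauer:20221011:tracking:7c6c193,
  author       = {Wauer, Axel and Aydinbas, Johann and Szadkowski, Denis},
  title        = {{Tracking down Maggie}},
  date         = {2022-10-11},
  organization = {Medium (@DCSO\_CyTec)},
  url          = {https://medium.com/@DCSO_CyTec/tracking-down-maggie-4d889872513d},
  language     = {English},
  urldate      = {2022-10-30},
}
Tracking down Maggie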
Maggie
2022-10-04 | Medium (@DCSO_CyTec) | Johann Aydinbas, Axel Wauer
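% biblatex online entry. The underscore in the organization is escaped because
% that field is typeset as ordinary LaTeX text; the url field is verbatim and is
% left as published. Author names use the unambiguous "Last, First" form.
@online{aydinbas:20221004:mssql:df4869a,
  author       = {Aydinbas, Johann and Wauer, Axel},
  title        = {{MSSQL, meet Maggie}},
  date         = {2022-10-04},
  organization = {Medium (@DCSO\_CyTec)},
  url          = {https://medium.com/@DCSO_CyTec/mssql-meet-maggie-898773df3b01},
  language     = {English},
  urldate      = {2022-10-05},
}
MSSQL, meet Maggie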
Maggie
2022-05-23 | DCSO | Johann Aydinbas, Colin Murphy
% biblatex online entry laid out one field per line; every field value is
% exactly as published.
@online{aydinbas:20220523:deal:00dc16f,
  author       = {Johann Aydinbas and Colin Murphy},
  title        = {{A deal with the devil: Analysis of a recent Matanbuchus sample}},
  organization = {DCSO},
  date         = {2022-05-23},
  url          = {https://medium.com/@DCSO_CyTec/a-deal-with-the-devil-analysis-of-a-recent-matanbuchus-sample-3ce991951d6a},
  urldate      = {2022-05-24},
  language     = {English}
}
A deal with the devil: Analysis of a recent Matanbuchus sample
Matanbuchus
2022-04-14 | Medium (@DCSO_CyTec) | DCSO CyTec
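% biblatex online entry. The author is an organisation, so it is wrapped in an
% extra brace pair; without it the name is parsed as given name "DCSO" and
% family name "CyTec". The underscore in the organization is escaped because
% that field is typeset as ordinary LaTeX text; the url field is verbatim.
@online{cytec:20220414:404:a7dc53d,
  author       = {{DCSO CyTec}},
  title        = {{404 — File still found}},
  date         = {2022-04-14},
  organization = {Medium (@DCSO\_CyTec)},
  url          = {https://medium.com/@DCSO_CyTec/404-file-still-found-d52c3834084c},
  language     = {English},
  urldate      = {2022-05-31},
}
404 — File still found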
SideWinder
2020-01-16 | DCSO | DCSO
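% biblatex online entry. The underscore in the title is escaped because the
% title is typeset as ordinary LaTeX text; the url field is verbatim and is left
% as published. The author is an organisation, so it is wrapped in an extra
% brace pair to keep it a single literal name.
@online{dcso:20200116:curious:15c5610,
  author       = {{DCSO}},
  title        = {{A Curious Case of CVE-2019-19781 Palware: remove\_bds}},
  date         = {2020-01-16},
  organization = {DCSO},
  url          = {https://dcso.de/2020/01/16/a-curious-case-of-cve-2019-19781-palware-remove_bds/},
  language     = {English},
  urldate      = {2021-02-06},
}
A Curious Case of CVE-2019-19781 Palware: remove_bds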
NOTROBIN
2019-03-18 | DCSO | DCSO
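% biblatex online entry. The author is an organisation, so it is wrapped in an
% extra brace pair to keep it a single literal name under any style.
% The url points at an archived copy of the original article, as published here.
@online{dcso:20190318:enterprise:ff92a62,
  author       = {{DCSO}},
  title        = {{Enterprise Malware-as-a-Service: Lazarus Group and the Evolution of Ransomware}},
  date         = {2019-03-18},
  organization = {DCSO},
  url          = {https://web.archive.org/web/20200922165625/https://dcso.de/2019/03/18/enterprise-malware-as-a-service/},
  language     = {English},
  urldate      = {2021-12-13},
}
Enterprise Malware-as-a-Service: Lazarus Group and the Evolution of Ransomware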
Hermes
2019-03-14 | DCSO | DCSO
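% biblatex online entry. The author is an organisation, so it is wrapped in an
% extra brace pair to keep it a single literal name under any style.
@online{dcso:20190314:pegasusbuhtrap:2e48e0e,
  author       = {{DCSO}},
  title        = {{Pegasus/Buhtrap analysis of the malware stage based on the leaked source code}},
  date         = {2019-03-14},
  organization = {DCSO},
  url          = {https://dcso.de/2019/03/14/pegasus-buhtrap-analysis-of-the-malware-stage-based-on-the-leaked-source-code},
  language     = {English},
  urldate      = {2021-02-06},
}
Pegasus/Buhtrap analysis of the malware stage based on the leaked source code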
Buhtrap