Click here to download all references as Bib-File.•
| 2025-10-21
⋅
Elastic
⋅
TOLLBOOTH: What's yours, IIS mine TOLLBOOTH |
| 2025-05-22
⋅
Elastic
⋅
De-obfuscating ALCATRAZ DOUBLELOADER Rhadamanthys |
| 2025-02-13
⋅
Elastic
⋅
You've Got Malware: FINALDRAFT Hides in Your Drafts FINALDRAFT FINALDRAFT PATHLOADER |
| 2024-12-12
⋅
Elastic
⋅
Under the SADBRIDGE with GOSAR: QUASAR Gets a Golang Rewrite Gosar Quasar RAT SADBRIDGE |
| 2024-10-03
⋅
GitHub (dstepanic)
⋅
Getting Cozy with Milk and WARMCOOKIES WarmCookie |
| 2024-08-01
⋅
Elastic
⋅
BITS and Bytes: Analyzing BITSLOTH, a newly identified backdoor BITSloth |
| 2024-06-12
⋅
Elastic
⋅
Dipping into Danger: The WARMCOOKIE backdoor WarmCookie |
| 2024-05-16
⋅
Elastic
⋅
Spring Cleaning with LATRODECTUS: A Potential Replacement for ICEDID IcedID Latrodectus |
| 2024-02-23
⋅
Elastic
⋅
PIKABOT, I choose you! Pikabot |
| 2023-12-06
⋅
Elastic
⋅
Getting gooey with GULOADER: deobfuscating the downloader CloudEyE |
| 2023-10-03
⋅
Elastic
⋅
Introducing the REF5961 intrusion set (RUDEBIRD, DOWNTOWN, and EAGERBEE) EagerBee SManager REF2924 REF5961 |
| 2023-08-24
⋅
Elastic
⋅
Revisting BLISTER: New development of the BLISTER loader Blister |
| 2023-08-24
⋅
Elastic
⋅
Revisting BLISTER: New development of the BLISTER loader Blister |
| 2023-06-09
⋅
Elastic
⋅
Elastic charms SPECTRALVIPER |
| 2023-06-09
⋅
Elastic
⋅
Elastic charms SPECTRALVIPER SPECTRALVIPER |
| 2023-04-25
⋅
Elastic
⋅
Elastic Security Labs discovers the LOBSHOT malware LOBSHOT |
| 2023-03-30
⋅
Elastic
⋅
Elastic users protected from SUDDENICON’s supply chain attack 3CX Backdoor |
| 2023-03-17
⋅
Elastic
⋅
Thawing the permafrost of ICEDID Summary IcedID PhotoLoader |
| 2022-12-16
⋅
Elastic
⋅
SiestaGraph: New implant uncovered in ASEAN member foreign ministry DoorMe SiestaGraph |
| 2022-10-31
⋅
Elastic
⋅
ICEDIDs network infrastructure is alive and well IcedID |