Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2022-06-09Bleeping ComputerLawrence Abrams
@online{abrams:20220609:roblox:19b3f09, author = {Lawrence Abrams}, title = {{Roblox Game Pass store used to sell ransomware decryptor}}, date = {2022-06-09}, organization = {Bleeping Computer}, url = {https://www.bleepingcomputer.com/news/security/roblox-game-pass-store-used-to-sell-ransomware-decryptor/}, language = {English}, urldate = {2022-06-10} } Roblox Game Pass store used to sell ransomware decryptor
Chaos
2022-04-18Bleeping ComputerSergiu Gatlan
@online{gatlan:20220418:free:d6f6e7a, author = {Sergiu Gatlan}, title = {{Free decryptor released for Yanluowang ransomware victims}}, date = {2022-04-18}, organization = {Bleeping Computer}, url = {https://www.bleepingcomputer.com/news/security/free-decryptor-released-for-yanluowang-ransomware-victims/}, language = {English}, urldate = {2022-04-20} } Free decryptor released for Yanluowang ransomware victims
Yanluowang
2022-03-21Threat PostLisa Vaas
@online{vaas:20220321:conti:0b203c8, author = {Lisa Vaas}, title = {{Conti Ransomware V. 3, Including Decryptor, Leaked}}, date = {2022-03-21}, organization = {Threat Post}, url = {https://threatpost.com/conti-ransomware-v-3-including-decryptor-leaked/179006/}, language = {English}, urldate = {2022-03-22} } Conti Ransomware V. 3, Including Decryptor, Leaked
Cobalt Strike Conti TrickBot
2022-03-04Threat PostLisa Vaas
@online{vaas:20220304:free:60674b1, author = {Lisa Vaas}, title = {{Free HermeticRansom Ransomware Decryptor Released}}, date = {2022-03-04}, organization = {Threat Post}, url = {https://threatpost.com/free-hermeticransom-ransomware-decryptor-released/178762/}, language = {English}, urldate = {2022-03-07} } Free HermeticRansom Ransomware Decryptor Released
PartyTicket
2022-03-03Bleeping ComputerBill Toulas
@online{toulas:20220303:free:f5952fa, author = {Bill Toulas}, title = {{Free decryptor released for HermeticRansom victims in Ukraine}}, date = {2022-03-03}, organization = {Bleeping Computer}, url = {https://www.bleepingcomputer.com/news/security/free-decryptor-released-for-hermeticransom-victims-in-ukraine/}, language = {English}, urldate = {2022-03-04} } Free decryptor released for HermeticRansom victims in Ukraine
PartyTicket
2022-03-03Avast DecodedThreat Research Team
@online{team:20220303:help:d086921, author = {Threat Research Team}, title = {{Help for Ukraine: Free decryptor for HermeticRansom ransomware}}, date = {2022-03-03}, organization = {Avast Decoded}, url = {https://decoded.avast.io/threatresearch/help-for-ukraine-free-decryptor-for-hermeticransom-ransomware/}, language = {English}, urldate = {2022-03-03} } Help for Ukraine: Free decryptor for HermeticRansom ransomware
PartyTicket
2022-03-02ThreatpostLisa Vaas
@online{vaas:20220302:conti:ffc8271, author = {Lisa Vaas}, title = {{Conti Ransomware Decryptor, TrickBot Source Code Leaked}}, date = {2022-03-02}, organization = {Threatpost}, url = {https://threatpost.com/conti-ransomware-decryptor-trickbot-source-code-leaked/178727/}, language = {English}, urldate = {2022-03-07} } Conti Ransomware Decryptor, TrickBot Source Code Leaked
Conti TrickBot
2022-03-01Github (usualsuspect)Johann Aydinbas
@online{aydinbas:20220301:python:1e7cf7b, author = {Johann Aydinbas}, title = {{Python script to decrypt embedded driver used in Daxin}}, date = {2022-03-01}, organization = {Github (usualsuspect)}, url = {https://gist.github.com/usualsuspect/839fbc54e0d76bb2626329cd94274cd6}, language = {English}, urldate = {2022-03-07} } Python script to decrypt embedded driver used in Daxin
Daxin
2022-03-01CrowdStrikeCrowdStrike Intelligence Team
@online{team:20220301:decryptable:27c195e, author = {CrowdStrike Intelligence Team}, title = {{Decryptable PartyTicket Ransomware Reportedly Targeting Ukrainian Entities}}, date = {2022-03-01}, organization = {CrowdStrike}, url = {https://www.crowdstrike.com/blog/how-to-decrypt-the-partyticket-ransomware-targeting-ukraine/}, language = {English}, urldate = {2022-03-07} } Decryptable PartyTicket Ransomware Reportedly Targeting Ukrainian Entities
PartyTicket
2022-02-24LIFARSVlad Pasca
@online{pasca:20220224:how:77b74bc, author = {Vlad Pasca}, title = {{How to Decrypt the Files Encrypted by the Hive Ransomware}}, date = {2022-02-24}, organization = {LIFARS}, url = {https://lifars.com/2022/02/how-to-decrypt-the-files-encrypted-by-the-hive-ransomware/}, language = {English}, urldate = {2022-03-01} } How to Decrypt the Files Encrypted by the Hive Ransomware
Hive Hive
2022-02-24kienmanowar Blogm4n0w4r, Tran Trung Kien
@online{m4n0w4r:20220224:quicknote:bea9238, author = {m4n0w4r and Tran Trung Kien}, title = {{[QuickNote] Techniques for decrypting BazarLoader strings}}, date = {2022-02-24}, organization = {kienmanowar Blog}, url = {https://kienmanowar.wordpress.com/2022/02/24/quicknote-techniques-for-decrypting-bazarloader-strings/}, language = {English}, urldate = {2022-03-01} } [QuickNote] Techniques for decrypting BazarLoader strings
BazarBackdoor
2022-02-18Kookmin UniversityGiyoon Kim, Soram Kim, Soojin Kang, Jongsung Kim
@techreport{kim:20220218:method:4b41876, author = {Giyoon Kim and Soram Kim and Soojin Kang and Jongsung Kim}, title = {{A Method for Decrypting Data Infected with Hive Ransomware}}, date = {2022-02-18}, institution = {Kookmin University}, url = {https://arxiv.org/pdf/2202.08477.pdf}, language = {English}, urldate = {2022-02-19} } A Method for Decrypting Data Infected with Hive Ransomware
Hive Hive
2022-02-09Bleeping ComputerLawrence Abrams
@online{abrams:20220209:ransomware:e36973b, author = {Lawrence Abrams}, title = {{Ransomware dev releases Egregor, Maze master decryption keys}}, date = {2022-02-09}, organization = {Bleeping Computer}, url = {https://www.bleepingcomputer.com/news/security/ransomware-dev-releases-egregor-maze-master-decryption-keys/}, language = {English}, urldate = {2022-02-10} } Ransomware dev releases Egregor, Maze master decryption keys
Egregor Maze Sekhmet
2022-02-09Security AffairsPierluigi Paganini
@online{paganini:20220209:master:b0b64b8, author = {Pierluigi Paganini}, title = {{Master decryption keys for Maze, Egregor, and Sekhmet ransomware leaked online}}, date = {2022-02-09}, organization = {Security Affairs}, url = {https://securityaffairs.co/wordpress/127826/malware/egregor-sekhmet-decryption-keys.html}, language = {English}, urldate = {2022-02-10} } Master decryption keys for Maze, Egregor, and Sekhmet ransomware leaked online
Egregor m0yv Maze Sekhmet
2022-02-07Bleeping ComputerSergiu Gatlan
@online{gatlan:20220207:free:98f37bd, author = {Sergiu Gatlan}, title = {{Free decryptor released for TargetCompany ransomware victims}}, date = {2022-02-07}, organization = {Bleeping Computer}, url = {https://www.bleepingcomputer.com/news/security/free-decryptor-released-for-targetcompany-ransomware-victims/}, language = {English}, urldate = {2022-02-19} } Free decryptor released for TargetCompany ransomware victims
TargetCompany
2022-02-07Avast DecodedAvast Threat Research Team
@online{team:20220207:decrypted:f204a1f, author = {Avast Threat Research Team}, title = {{Decrypted: TargetCompany Ransomware}}, date = {2022-02-07}, organization = {Avast Decoded}, url = {https://decoded.avast.io/threatresearch/decrypted-targetcompany-ransomware/}, language = {English}, urldate = {2022-02-10} } Decrypted: TargetCompany Ransomware
TargetCompany
2022-02-07SecurityAffairsPierluigi Paganini
@online{paganini:20220207:avast:12bb4e5, author = {Pierluigi Paganini}, title = {{Avast released a free decryptor for TargetCompany ransomware}}, date = {2022-02-07}, organization = {SecurityAffairs}, url = {https://securityaffairs.co/wordpress/127761/malware/targetcompany-ransomware-decryptor.html}, language = {English}, urldate = {2022-02-10} } Avast released a free decryptor for TargetCompany ransomware
TargetCompany
2022-01-13TrustwaveLloyd Macrohon, Rodel Mendrez
@online{macrohon:20220113:decrypting:274747e, author = {Lloyd Macrohon and Rodel Mendrez}, title = {{Decrypting Qakbot’s Encrypted Registry Keys}}, date = {2022-01-13}, organization = {Trustwave}, url = {https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/decrypting-qakbots-encrypted-registry-keys/}, language = {English}, urldate = {2022-01-25} } Decrypting Qakbot’s Encrypted Registry Keys
QakBot
2021-12-11YouTube (AGDC Services)AGDC Services
@online{services:20211211:how:358bd74, author = {AGDC Services}, title = {{How To Extract & Decrypt Qbot Configs Across Variants}}, date = {2021-12-11}, organization = {YouTube (AGDC Services)}, url = {https://www.youtube.com/watch?v=M22c1JgpG-U}, language = {English}, urldate = {2021-12-20} } How To Extract & Decrypt Qbot Configs Across Variants
QakBot
2021-11-21Cyber-AnubisNidal Fikri
@online{fikri:20211121:dridex:b9218fa, author = {Nidal Fikri}, title = {{Dridex Trojan | Defeating Anti-Analysis | Strings Decryption | C&C Extraction}}, date = {2021-11-21}, organization = {Cyber-Anubis}, url = {https://cyber-anubis.github.io/malware%20analysis/dridex/}, language = {English}, urldate = {2021-12-01} } Dridex Trojan | Defeating Anti-Analysis | Strings Decryption | C&C Extraction
DoppelDridex Dridex