2023-11-21Medium infoSec Write-upsJustAnother-Engineer
@online{justanotherengineer:20231121:unmasking:68727c8,
  author       = {JustAnother-Engineer},
  title        = {{Unmasking NJRat: A Deep Dive into a Notorious Remote Access Trojan Part1}},
  organization = {Medium infoSec Write-ups},
  date         = {2023-11-21},
  url          = {https://infosecwriteups.com/part1-static-code-analysis-of-the-rat-njrat-2f273408df43},
  urldate      = {2023-11-22},
  language     = {English},
}
Unmasking NJRat: A Deep Dive into a Notorious Remote Access Trojan Part1
NjRAT
2023-11-17Cisco TalosGuilherme Venere
@online{venere:20231117:deep:b5f97e0,
  author       = {Venere, Guilherme},
  title        = {{A deep dive into Phobos ransomware, recently deployed by 8Base group}},
  organization = {Cisco Talos},
  date         = {2023-11-17},
  url          = {https://blog.talosintelligence.com/deep-dive-into-phobos-ransomware/},
  urldate      = {2023-11-27},
  language     = {English},
}
A deep dive into Phobos ransomware, recently deployed by 8Base group
8Base Phobos
2023-10-05Group-IBGroup-IB
@online{groupib:20231005:lets:08bd64c,
  author       = {Group-IB},
  title        = {{Let's dig deeper: dissecting the new Android Trojan GoldDigger with Group-IB Fraud Matrix}},
  organization = {Group-IB},
  date         = {2023-10-05},
  url          = {https://www.group-ib.com/blog/golddigger-fraud-matrix/},
  urldate      = {2023-10-09},
  language     = {English},
}
Let's dig deeper: dissecting the new Android Trojan GoldDigger with Group-IB Fraud Matrix
GoldDigger
2023-10-05VirusBulletinSuguru Ishimaru, Hajime Yanagishita, Yusuke Niwa
@online{ishimaru:20231005:unveiling:fdb4856,
  author       = {Ishimaru, Suguru and Yanagishita, Hajime and Niwa, Yusuke},
  title        = {{Unveiling activities of Tropic Trooper 2023: deep analysis of Xiangoop Loader and EntryShell payload}},
  organization = {VirusBulletin},
  date         = {2023-10-05},
  url          = {https://www.virusbulletin.com/conference/vb2023/abstracts/unveiling-activities-tropic-trooper-2023-deep-analysis-xiangoop-loader-and-entryshell-payload/},
  urldate      = {2023-10-06},
  language     = {English},
}
Unveiling activities of Tropic Trooper 2023: deep analysis of Xiangoop Loader and EntryShell payload
EntryShell Xiangoop
2023-09-27Cyber GeeksVlad Pasca
@online{pasca:20230927:deep:2958d5b,
  author       = {Pasca, Vlad},
  title        = {{A Deep Dive into Brute Ratel C4 payloads – Part 2}},
  organization = {Cyber Geeks},
  date         = {2023-09-27},
  url          = {https://cybergeeks.tech/a-deep-dive-into-brute-ratel-c4-payloads-part-2/},
  urldate      = {2023-09-29},
  language     = {English},
}
A Deep Dive into Brute Ratel C4 payloads – Part 2
Brute Ratel C4
2023-09-14Deep instinctMark Vaitzman, Ron Ben Yizhak, Simon Kenin
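% NOTE(review): "Ben Yizhak" is entered as a two-word family name; in First-Last form
% the parser treats "Ben" as a given name. Confirm the split against the source byline.
@online{vaitzman:20230914:operation:0b13a33,
  author       = {Vaitzman, Mark and Ben Yizhak, Ron and Kenin, Simon},
  title        = {{Operation Rusty Flag – A Malicious Campaign Against Azerbaijanian Targets}},
  organization = {Deep instinct},
  date         = {2023-09-14},
  url          = {https://www.deepinstinct.com/blog/operation-rusty-flag-a-malicious-campaign-against-azerbaijanian-targets},
  urldate      = {2023-09-19},
  language     = {English},
}
Operation Rusty Flag – A Malicious Campaign Against Azerbaijanian Targets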
Unidentified 110 (RustyFlag)
2023-09-12ZscalerSudeep Singh
@online{singh:20230912:peek:6769a87,
  author       = {Singh, Sudeep},
  title        = {{A peek into APT36’s updated arsenal}},
  organization = {Zscaler},
  date         = {2023-09-12},
  url          = {https://www.zscaler.com/blogs/security-research/peek-apt36-s-updated-arsenal},
  urldate      = {2023-09-18},
  language     = {English},
}
A peek into APT36’s updated arsenal
ElizaRAT
2023-09-08K7 SecuritySudeep Waingankar
@online{waingankar:20230908:romcom:2c93c76,
  author       = {Waingankar, Sudeep},
  title        = {{RomCom RAT: Not Your Typical Love Story}},
  organization = {K7 Security},
  date         = {2023-09-08},
  url          = {https://labs.k7computing.com/index.php/romcom-rat-not-your-typical-love-story/},
  urldate      = {2023-09-13},
  language     = {English},
}
RomCom RAT: Not Your Typical Love Story
ROMCOM RAT
2023-09-04Github (muha2xmad)Muhammad Hasan Ali
@online{ali:20230904:deep:26611fe,
  author       = {Ali, Muhammad Hasan},
  title        = {{A deep dive into DCRAT/DarkCrystalRAT malware}},
  organization = {Github (muha2xmad)},
  date         = {2023-09-04},
  url          = {https://muha2xmad.github.io/malware-analysis/dcrat/},
  urldate      = {2023-09-04},
  language     = {English},
}
A deep dive into DCRAT/DarkCrystalRAT malware
DCRat
2023-08-31Cyber GeeksCyberMasterV
@online{cybermasterv:20230831:deep:94c25e1,
  author       = {CyberMasterV},
  title        = {{A Deep Dive into Brute Ratel C4 Payloads}},
  organization = {Cyber Geeks},
  date         = {2023-08-31},
  url          = {https://cybergeeks.tech/a-deep-dive-into-brute-ratel-c4-payloads/},
  urldate      = {2023-09-04},
  language     = {English},
}
A Deep Dive into Brute Ratel C4 Payloads
Brute Ratel C4
2023-08-30ZscalerSudeep Singh, Naveen Selvan
@online{singh:20230830:look:53e0f61,
  author       = {Singh, Sudeep and Selvan, Naveen},
  title        = {{A Look Into DuckTail}},
  organization = {Zscaler},
  date         = {2023-08-30},
  url          = {https://www.zscaler.com/blogs/security-research/look-ducktail},
  urldate      = {2023-11-28},
  language     = {English},
}
A Look Into DuckTail
DUCKTAIL
2023-08-23Zeus MuseumDennis Schwarz
@online{schwarz:20230823:historical:eca3b13,
  author       = {Schwarz, Dennis},
  title        = {{Historical Gameover Deep Dive}},
  organization = {Zeus Museum},
  date         = {2023-08-23},
  url          = {https://nbviewer.org/github/tildedennis/zeusmuseum/blob/master/jupyter_notebooks/gameover/2014-05-28/Gameover%20version%202014-05-28.ipynb},
  urldate      = {2023-08-24},
  language     = {English},
}
Historical Gameover Deep Dive
Gameover P2P
2023-08-10ZscalerGaetano Pellegrino, Sudeep Singh
@online{pellegrino:20230810:janelarat:e6f32e6,
  author       = {Pellegrino, Gaetano and Singh, Sudeep},
  title        = {{JanelaRAT - Repurposed BX RAT variant targeting FinTech users in the LATAM region}},
  organization = {Zscaler},
  date         = {2023-08-10},
  url          = {https://www.zscaler.com/blogs/security-research/janelarat-repurposed-bx-rat-variant-targeting-latam-fintech},
  urldate      = {2023-08-11},
  language     = {English},
}
JanelaRAT - Repurposed BX RAT variant targeting FinTech users in the LATAM region
JanelaRAT
2023-07-31d01aMohamed Adel
@online{adel:20230731:pikabot:8393b59,
  author       = {Adel, Mohamed},
  title        = {{Pikabot deep analysis}},
  organization = {d01a},
  date         = {2023-07-31},
  url          = {https://d01a.github.io/pikabot/},
  urldate      = {2023-08-01},
  language     = {English},
}
Pikabot deep analysis
Pikabot QakBot
2023-07-25ZscalerMeghraj Nandanwar, Satyam Singh, Pradeep Mahato
@online{nandanwar:20230725:hibernating:7cf0533,
  author       = {Nandanwar, Meghraj and Singh, Satyam and Mahato, Pradeep},
  title        = {{Hibernating Qakbot: A Comprehensive Study and In-depth Campaign Analysis}},
  organization = {Zscaler},
  date         = {2023-07-25},
  url          = {https://www.zscaler.com/blogs/security-research/hibernating-qakbot-comprehensive-study-and-depth-campaign-analysis},
  urldate      = {2023-07-31},
  language     = {English},
}
Hibernating Qakbot: A Comprehensive Study and In-depth Campaign Analysis
QakBot
2023-07-15N1ght-W0lf BlogAbdallah Elshinbary
@online{elshinbary:20230715:deep:ae926ed,
  author       = {Elshinbary, Abdallah},
  title        = {{Deep Analysis of GCleaner}},
  organization = {N1ght-W0lf Blog},
  date         = {2023-07-15},
  url          = {https://n1ght-w0lf.github.io/malware%20analysis/gcleaner-loader/},
  urldate      = {2023-07-19},
  language     = {English},
}
Deep Analysis of GCleaner
GCleaner
2023-06-29DeepInstinctSimon Kenin, Deep Instinct Threat Lab
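% The team name is a corporate author, so it is double-braced to stay one indivisible
% name instead of being split into given/family parts. The ampersand in the title is
% escaped because a bare "&" is a LaTeX alignment character and breaks typesetting.
@online{kenin:20230629:phonyc2:fd380e4,
  author       = {Kenin, Simon and {Deep Instinct Threat Lab}},
  title        = {{PhonyC2: Revealing a New Malicious Command \& Control Framework by MuddyWater}},
  organization = {DeepInstinct},
  date         = {2023-06-29},
  url          = {https://www.deepinstinct.com/blog/phonyc2-revealing-a-new-malicious-command-control-framework-by-muddywater},
  urldate      = {2023-07-02},
  language     = {English},
}
PhonyC2: Revealing a New Malicious Command & Control Framework by MuddyWater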
PhonyC2 POWERSTATS
2023-06-23KrollKeith Wojcieszek, Ryan Hicks, George Glass
@online{wojcieszek:20230623:deep:04da3ed,
  author       = {Wojcieszek, Keith and Hicks, Ryan and Glass, George},
  title        = {{Deep Dive into GOOTLOADER Malware and Its Infection Chain}},
  organization = {Kroll},
  date         = {2023-06-23},
  url          = {https://www.kroll.com/en/insights/publications/cyber/deep-dive-gootloader-malware-infection-chain},
  urldate      = {2023-07-13},
  language     = {English},
}
Deep Dive into GOOTLOADER Malware and Its Infection Chain
GootLoader
2023-06-22DeepInstinctShaul Vilkomir-Preisman, Mark Vaitzman, Deep Instinct Threat Lab
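% The team name is a corporate author, so it is double-braced to stay one indivisible
% name instead of being split into given/family parts.
@online{vilkomirpreisman:20230622:pindos:8a86833,
  author       = {Vilkomir-Preisman, Shaul and Vaitzman, Mark and {Deep Instinct Threat Lab}},
  title        = {{PindOS: New JavaScript Dropper Delivering Bumblebee and IcedID}},
  organization = {DeepInstinct},
  date         = {2023-06-22},
  url          = {https://www.deepinstinct.com/blog/pindos-new-javascript-dropper-delivering-bumblebee-and-icedid},
  urldate      = {2023-08-10},
  language     = {English},
}
PindOS: New JavaScript Dropper Delivering Bumblebee and IcedID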
PindOS BumbleBee PhotoLoader
2023-06-12SophosKarl Ackerman
@online{ackerman:20230612:deep:895f24c,
  author       = {Ackerman, Karl},
  title        = {{Deep dive into the Pikabot cyber threat}},
  organization = {Sophos},
  date         = {2023-06-12},
  url          = {https://news.sophos.com/en-us/2023/06/12/deep-dive-into-the-pikabot-cyber-threat/},
  urldate      = {2023-11-13},
  language     = {English},
}
Deep dive into the Pikabot cyber threat
Pikabot