2023-09-22 ⋅ R136a1 ⋅ More on DreamLand LuaDream
2022-12-02 ⋅ Palo Alto Networks Unit 42 ⋅ Blowing Cobalt Strike Out of the Water With Memory Analysis Cobalt Strike
2022-07-19 ⋅ R136a1 ⋅ A look into APT29's new early-stage Google Drive downloader BEATDROP BOOMBOX Gdrive Unidentified 098 (APT29 Slack Downloader)
2022-06-18 ⋅ R136a1 ⋅ Using dotnetfile to get a Sunburst timeline for intelligence gathering SUNBURST
2022-05-22 ⋅ R136a1 ⋅ Introduction of a PE file extractor for various situations Cobalt Strike Matanbuchus
2021-02-19 ⋅ Palo Alto Networks Unit 42 ⋅ IronNetInjector: Turla’s New Malware Loading Tool Agent.BTZ IronNetInjector TurlaRPC
2021-01-04 ⋅ Twitter (@TheEnergyStory) ⋅ Some small detail on compiler used for TEARDROP TEARDROP
2020-12-24 ⋅ Twitter (@TheEnergyStory) ⋅ Tweet on TEARDROP sample TEARDROP
2020-06-17 ⋅ Palo Alto Networks Unit 42 ⋅ AcidBox: Rare Malware Repurposing Turla Group Exploit Targeted Russian Organizations AcidBox
2020-03-19 ⋅ Twitter (@TheEnergyStory) ⋅ Tweet on early GuLoader samples dating back to October 2019 CloudEyE
2020-03-15 ⋅ Twitter (@TheEnergyStory) ⋅ GuLoader anti analysis/sandbox tricks CloudEyE
2018-09-06 ⋅ Palo Alto Networks Unit 42 ⋅ Slicing and Dicing CVE-2018-5002 Payloads: New CHAINSHOT Malware Chainshot
2017-11-01 ⋅ Palo Alto Networks Unit 42 ⋅ Everybody Gets One: QtBot Used to Distribute Trickbot and Locky QtBot
2017-09-06 ⋅ Palo Alto Networks Unit 42 ⋅ Analysing a 10-Year-Old SNOWBALL Babar
2017-03-28 ⋅ Palo Alto Networks Unit 42 ⋅ Dimnie: Hiding in Plain Sight Dimnie
2017-02-27 ⋅ Palo Alto Networks Unit 42 ⋅ The Gamaredon Group Toolset Evolution Pteranodon RMS Gamaredon Group
2017-02-27 ⋅ Palo Alto Networks Unit 42 ⋅ The Gamaredon Group Toolset Evolution Pteranodon
2017-02-27 ⋅ Palo Alto Networks Unit 42 ⋅ The Gamaredon Group Toolset Evolution Gamaredon Group
2017-01-06 ⋅ Palo Alto Networks Unit 42 ⋅ 2016 Updates to Shifu Banking Trojan Shifu