Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2024-06-21ElasticJoe Desimone, Samir Bousseaden
GrimResource - Microsoft Management Console for initial access and evasion
Cobalt Strike
2024-06-12ElasticDaniel Stepanic
Dipping into Danger: The WARMCOOKIE backdoor
WarmCookie
2024-05-21ElasticAndrew Pease, Salim Bitam, Samir Bousseaden, Terrance DeJesus
Invisible miners: unveiling GHOSTENGINE’s crypto mining operations
win.ghostengine
2024-05-16ElasticDaniel Stepanic, Samir Bousseaden
Spring Cleaning with LATRODECTUS: A Potential Replacement for ICEDID
IcedID Latrodectus
2024-05-10ElasticCyril François, Samir Bousseaden
Dissecting REMCOS RAT: An in- depth analysis of a widespread 2024 malware, Part Four
Remcos
2024-05-08ElasticElastic
Elastic Security - WarmCookie YARA Rule
WarmCookie
2024-05-07ElasticElastic
Elastic Security - GhostEngine YARA Rule
win.ghostengine
2024-05-03ElasticCyril François, Samir Bousseaden
Dissecting REMCOS RAT: An in- depth analysis of a widespread 2024 malware, Part Three
Remcos
2024-04-30ElasticCyril François, Samir Bousseaden
Dissecting REMCOS RAT: An in- depth analysis of a widespread 2024 malware, Part Two
Remcos
2024-04-24ElasticCyril François, Samir Bousseaden
Dissecting REMCOS RAT: An in- depth analysis of a widespread 2024 malware, Part One
Remcos
2024-03-29ElasticSamir Bousseaden
In- the- Wild Windows LPE 0- days: Insights & Detection Strategies
2024-02-23ElasticDaniel Stepanic, Salim Bitam
PIKABOT, I choose you!
Pikabot
2023-12-06ElasticDaniel Stepanic
Getting gooey with GULOADER: deobfuscating the downloader
CloudEyE
2023-10-31ElasticAndrew Pease, Colson Wilhoit, Ricardo Ungureanu, Seth Goodwin
Elastic catches DPRK passing out KANDYKORN
HLOADER KANDYKORN SUGARLOADER
2023-10-27ElasticJoe Desimone, Salim Bitam
GHOSTPULSE haunts victims using defense evasion bag o' tricks
HijackLoader Lumma Stealer NetSupportManager RAT Rhadamanthys SectopRAT Vidar
2023-10-13ElasticCyril François
Disclosing the BLOODALCHEMY backdoor
BloodAlchemy REF5961
2023-10-03ElasticAndrew Pease, Cyril François, Daniel Stepanic, Salim Bitam, Seth Goodwin
Introducing the REF5961 intrusion set (RUDEBIRD, DOWNTOWN, and EAGERBEE)
EagerBee SManager REF2924 REF5961
2023-08-24ElasticDaniel Stepanic, Salim Bitam
Revisting BLISTER: New development of the BLISTER loader
Blister
2023-08-24ElasticDaniel Stepanic, Salim Bitam
Revisting BLISTER: New development of the BLISTER loader
Blister
2023-06-29ElasticAndrew Pease, Colson Wilhoit, Ricardo Ungureanu, Salim Bitam, Seth Goodwin
The DPRK strikes using a new variant of RUSTBUCKET
RustBucket