Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2025-02-27ElasticRuben Groenewoud
Linux Detection Engineering - The Grand Finale on Linux Persistence
PANIX
2025-02-13ElasticAndrew Pease, Seth Goodwin
From South America to Southeast Asia: The Fragile Web of REF7707
FINALDRAFT FINALDRAFT GUIDLOADER PATHLOADER REF7707
2025-02-13ElasticCyril François, Daniel Stepanic, Jia Yu Chan, Salim Bitam
You've Got Malware: FINALDRAFT Hides in Your Drafts
FINALDRAFT FINALDRAFT PATHLOADER
2024-12-12ElasticDaniel Stepanic, Elastic Security Labs, Jia Yu Chan, Salim Bitam, Seth Goodwin
Under the SADBRIDGE with GOSAR: QUASAR Gets a Golang Rewrite
Gosar Quasar RAT SADBRIDGE
2024-10-19ElasticSalim Bitam
Tricks and Treats: GHOSTPULSE’s new pixel- level deception
HijackLoader
2024-10-13ElasticRemco Sprooten, Ruben Groenewoud
Declawing PUMAKIT
PUMAKIT
2024-09-27ElasticRemco Sprooten, Ruben Groenewoud
Betting on Bots: Investigating Linux malware, crypto mining, and gambling API abuse
Kaiji RudeDevil
2024-08-15ElasticElastic Security Labs
Beyond the wail: deconstructing the BANSHEE infostealer
BANSHEE
2024-08-01ElasticDaniel Stepanic, Seth Goodwin
BITS and Bytes: Analyzing BITSLOTH, a newly identified backdoor
BITSloth
2024-06-21ElasticJoe Desimone, Samir Bousseaden
GrimResource - Microsoft Management Console for initial access and evasion
Cobalt Strike
2024-06-12ElasticDaniel Stepanic
Dipping into Danger: The WARMCOOKIE backdoor
WarmCookie
2024-05-21ElasticAndrew Pease, Salim Bitam, Samir Bousseaden, Terrance DeJesus
Invisible miners: unveiling GHOSTENGINE’s crypto mining operations
win.ghostengine
2024-05-16ElasticDaniel Stepanic, Samir Bousseaden
Spring Cleaning with LATRODECTUS: A Potential Replacement for ICEDID
IcedID Latrodectus
2024-05-10ElasticCyril François, Samir Bousseaden
Dissecting REMCOS RAT: An in- depth analysis of a widespread 2024 malware, Part Four
Remcos
2024-05-08ElasticElastic
Elastic Security - WarmCookie YARA Rule
WarmCookie
2024-05-07ElasticElastic
Elastic Security - GhostEngine YARA Rule
win.ghostengine
2024-05-03ElasticCyril François, Samir Bousseaden
Dissecting REMCOS RAT: An in- depth analysis of a widespread 2024 malware, Part Three
Remcos
2024-04-30ElasticCyril François, Samir Bousseaden
Dissecting REMCOS RAT: An in- depth analysis of a widespread 2024 malware, Part Two
Remcos
2024-04-24ElasticCyril François, Samir Bousseaden
Dissecting REMCOS RAT: An in- depth analysis of a widespread 2024 malware, Part One
Remcos
2024-03-29ElasticSamir Bousseaden
In- the- Wild Windows LPE 0- days: Insights & Detection Strategies