Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2021-04-15Twitter (@felixw3000)Felix
@online{felix:20210415:dridexs:a39e123, author = {Felix}, title = {{Tweet on Dridex's evasion technique}}, date = {2021-04-15}, organization = {Twitter (@felixw3000)}, url = {https://twitter.com/felixw3000/status/1382614469713530883?s=20}, language = {English}, urldate = {2021-05-25} } Tweet on Dridex's evasion technique
Dridex
2020-10-15Kaspersky LabsIvan Kwiatkowski, Pierre Delcher, Félix Aime
@online{kwiatkowski:20201015:iamtheking:1c3917e, author = {Ivan Kwiatkowski and Pierre Delcher and Félix Aime}, title = {{IAmTheKing and the SlothfulMedia malware family}}, date = {2020-10-15}, organization = {Kaspersky Labs}, url = {https://securelist.com/iamtheking-and-the-slothfulmedia-malware-family/99000/}, language = {English}, urldate = {2020-10-16} } IAmTheKing and the SlothfulMedia malware family
SlothfulMedia
2020-07-28Kaspersky LabsIvan Kwiatkowski, Pierre Delcher, Félix Aime
@online{kwiatkowski:20200728:lazarus:5b1523a, author = {Ivan Kwiatkowski and Pierre Delcher and Félix Aime}, title = {{Lazarus on the hunt for big game}}, date = {2020-07-28}, organization = {Kaspersky Labs}, url = {https://securelist.com/lazarus-on-the-hunt-for-big-game/97757/}, language = {English}, urldate = {2020-07-30} } Lazarus on the hunt for big game
Dacls Dacls Dacls VHD Ransomware
2020-03-31Kaspersky LabsIvan Kwiatkowski, Félix Aime, Pierre Delcher
@online{kwiatkowski:20200331:holy:857c397, author = {Ivan Kwiatkowski and Félix Aime and Pierre Delcher}, title = {{Holy water: ongoing targeted water-holing attack in Asia}}, date = {2020-03-31}, organization = {Kaspersky Labs}, url = {https://securelist.com/holy-water-ongoing-targeted-water-holing-attack-in-asia/96311/}, language = {English}, urldate = {2020-04-07} } Holy water: ongoing targeted water-holing attack in Asia
Godlike12
2020-03-23Kaspersky LabsFélix Aime, Yury Namestnikov
@online{aime:20200323:fin7:66bea6f, author = {Félix Aime and Yury Namestnikov}, title = {{Fin7 APT: how billion dollar crime ring remains active after leaders’ arrest}}, date = {2020-03-23}, organization = {Kaspersky Labs}, url = {https://www.brighttalk.com/webcast/15591/382191/fin7-apt-how-billion-dollar-crime-ring-remains-active-after-leaders-arrest}, language = {English}, urldate = {2020-04-07} } Fin7 APT: how billion dollar crime ring remains active after leaders’ arrest
Carbanak
2019-06-02VMRayFelix Seele
@techreport{seele:20190602:hypervisorbased:04c1731, author = {Felix Seele}, title = {{Hypervisor-based Analysis of macOS Malware}}, date = {2019-06-02}, institution = {VMRay}, url = {https://objectivebythesea.com/v2/talks/OBTS_v2_Seele.pdf}, language = {English}, urldate = {2020-01-07} } Hypervisor-based Analysis of macOS Malware
Coldroot RAT
2019-05-08Kaspersky LabsYury Namestnikov, Félix Aime
@online{namestnikov:20190508:fin75:443b111, author = {Yury Namestnikov and Félix Aime}, title = {{FIN7.5: the infamous cybercrime rig “FIN7” continues its activities}}, date = {2019-05-08}, organization = {Kaspersky Labs}, url = {https://securelist.com/fin7-5-the-infamous-cybercrime-rig-fin7-continues-its-activities/90703/}, language = {English}, urldate = {2019-12-20} } FIN7.5: the infamous cybercrime rig “FIN7” continues its activities
Griffon Ave Maria FIN7
2019-05Felix Weyne
@online{weyne:201905:hancitors:9fccb0b, author = {Felix Weyne}, title = {{Hancitor's Packer Damystified}}, date = {2019-05}, url = {https://www.uperesia.com/hancitor-packer-demystified}, language = {English}, urldate = {2020-01-07} } Hancitor's Packer Damystified
Hancitor
2018-07-29SophosFelix Weyne
@online{weyne:20180729:adkoob:92f8951, author = {Felix Weyne}, title = {{AdKoob information thief targets Facebook ad purchase info}}, date = {2018-07-29}, organization = {Sophos}, url = {https://news.sophos.com/en-us/2018/07/29/adkoob-information-thief-targets-facebook-ad-purchase-info/}, language = {English}, urldate = {2020-01-05} } AdKoob information thief targets Facebook ad purchase info
AdKoob
2018-07-26FireEyeSwapnil Patil
@online{patil:20180726:microsoft:f03d7c7, author = {Swapnil Patil}, title = {{Microsoft Office Vulnerabilities Used to Distribute FELIXROOT Backdoor in Recent Campaign}}, date = {2018-07-26}, organization = {FireEye}, url = {https://www.fireeye.com/blog/threat-research/2018/07/microsoft-office-vulnerabilities-used-to-distribute-felixroot-backdoor.html}, language = {English}, urldate = {2019-12-20} } Microsoft Office Vulnerabilities Used to Distribute FELIXROOT Backdoor in Recent Campaign
Felixroot
2016-08UperesiaFelix Weyne
@online{weyne:201608:analysis:10758de, author = {Felix Weyne}, title = {{Analysis of a packed Pony downloader}}, date = {2016-08}, organization = {Uperesia}, url = {https://www.uperesia.com/analysis-of-a-packed-pony-downloader}, language = {English}, urldate = {2020-01-06} } Analysis of a packed Pony downloader
Pony