Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2020-11-16JPCERT/CCShusei Tomonaga
@online{tomonaga:20201116:elfplead:3bb79c4, author = {Shusei Tomonaga}, title = {{ELF_PLEAD - Linux Malware Used by BlackTech}}, date = {2020-11-16}, organization = {JPCERT/CC}, url = {https://blogs.jpcert.or.jp/en/2020/11/elf-plead.html}, language = {English}, urldate = {2020-11-17} } ELF_PLEAD - Linux Malware Used by BlackTech
PLEAD
2020-09-29JPCERT/CCShusei Tomonaga
@online{tomonaga:20200929:blindingcan:a85ca22, author = {Shusei Tomonaga}, title = {{BLINDINGCAN - Malware Used by Lazarus}}, date = {2020-09-29}, organization = {JPCERT/CC}, url = {https://blogs.jpcert.or.jp/en/2020/09/BLINDINGCAN.html}, language = {English}, urldate = {2020-10-02} } BLINDINGCAN - Malware Used by Lazarus
BLINDINGCAN Lazarus Group
2020-08-31JPCERT/CCShusei Tomonaga
@online{tomonaga:20200831:malware:18b1228, author = {Shusei Tomonaga}, title = {{Malware Used by Lazarus after Network Intrusion}}, date = {2020-08-31}, organization = {JPCERT/CC}, url = {https://blogs.jpcert.or.jp/en/2020/08/Lazarus-malware.html}, language = {English}, urldate = {2020-09-04} } Malware Used by Lazarus after Network Intrusion
Lazarus Group
2020-08-31JPCERT/CCShusei Tomonaga
@online{tomonaga:20200831:malware:61046e2, author = {Shusei Tomonaga}, title = {{Malware used by the attack group Lazarus after network intrusion}}, date = {2020-08-31}, organization = {JPCERT/CC}, url = {https://blogs.jpcert.or.jp/ja/2020/08/Lazarus_malware.html}, language = {Japanese}, urldate = {2020-08-31} } Malware used by the attack group Lazarus after network intrusion
2020-06-11JPCERT/CCKota Kino
@online{kino:20200611:lodeinfo:104e43a, author = {Kota Kino}, title = {{マルウエアLODEINFOの進化 (Evolution of Malware LODEINFO)}}, date = {2020-06-11}, organization = {JPCERT/CC}, url = {https://blogs.jpcert.or.jp/ja/2020/06/LODEINFO-2.html}, language = {Japanese}, urldate = {2020-06-12} } マルウエアLODEINFOの進化 (Evolution of Malware LODEINFO)
LODEINFO
2020-03-05JPCERT/CCShusei Tomonaga
@online{tomonaga:20200305:elftscookie:f49b873, author = {Shusei Tomonaga}, title = {{ELF_TSCookie - Linux Malware Used by BlackTech}}, date = {2020-03-05}, organization = {JPCERT/CC}, url = {https://blogs.jpcert.or.jp/en/2020/03/elf-tscookie.html}, language = {English}, urldate = {2020-03-09} } ELF_TSCookie - Linux Malware Used by BlackTech
TSCookie
2020-02-20JPCERT/CCKota Kino
@online{kino:20200220:lodeinfo:9842ab1, author = {Kota Kino}, title = {{日本国内の組織を狙ったマルウエアLODEINFO}}, date = {2020-02-20}, organization = {JPCERT/CC}, url = {https://blogs.jpcert.or.jp/ja/2020/02/LODEINFO.html}, language = {Japanese}, urldate = {2020-02-27} } 日本国内の組織を狙ったマルウエアLODEINFO
LODEINFO
2020-01-17JPCERT/CCTakayoshi Shiigi
@techreport{shiigi:20200117:looking:bf71db1, author = {Takayoshi Shiigi}, title = {{Looking back on the incidents in 2019}}, date = {2020-01-17}, institution = {JPCERT/CC}, url = {https://jsac.jpcert.or.jp/archive/2020/pdf/JSAC2020_0_JPCERT_en.pdf}, language = {English}, urldate = {2020-04-06} } Looking back on the incidents in 2019
TSCookie NodeRAT Emotet PoshC2 Quasar RAT
2019-12-10JPCERT/CCJPCERT/CC
@online{jpcertcc:20191210:updated:86aee30, author = {JPCERT/CC}, title = {{[Updated] Alert Regarding Emotet Malware Infection}}, date = {2019-12-10}, organization = {JPCERT/CC}, url = {https://www.jpcert.or.jp/english/at/2019/at190044.html}, language = {English}, urldate = {2020-01-09} } [Updated] Alert Regarding Emotet Malware Infection
Emotet
2019-12-04JPCERT/CCKen Sajo
@online{sajo:20191204:how:60225fe, author = {Ken Sajo}, title = {{How to Respond to Emotet Infection (FAQ)}}, date = {2019-12-04}, organization = {JPCERT/CC}, url = {https://blogs.jpcert.or.jp/en/2019/12/emotetfaq.html}, language = {English}, urldate = {2020-01-13} } How to Respond to Emotet Infection (FAQ)
Emotet
2019-11-21JPCERT/CC田中 信太郎(Shintaro Tanaka)
@online{tanaka:20191121:icondown:cb082bf, author = {田中 信太郎(Shintaro Tanaka)}, title = {{IconDown – Downloader Used by BlackTech}}, date = {2019-11-21}, organization = {JPCERT/CC}, url = {https://blogs.jpcert.or.jp/en/2019/11/icondown-downloader-used-by-blacktech.html}, language = {English}, urldate = {2020-01-08} } IconDown – Downloader Used by BlackTech
IconDown
2019-09-18JPCERT/CCShusei Tomonaga
@online{tomonaga:20190918:malware:67390e7, author = {Shusei Tomonaga}, title = {{Malware Used by BlackTech after Network Intrusion}}, date = {2019-09-18}, organization = {JPCERT/CC}, url = {https://blogs.jpcert.or.jp/en/2019/09/tscookie-loader.html}, language = {English}, urldate = {2019-11-16} } Malware Used by BlackTech after Network Intrusion
PLEAD
2019-05-30JPCERT/CCShusei Tomonaga
@online{tomonaga:20190530:bug:cf70c8d, author = {Shusei Tomonaga}, title = {{Bug in Malware “TSCookie” - Fails to Read Configuration - (Update)}}, date = {2019-05-30}, organization = {JPCERT/CC}, url = {https://blogs.jpcert.or.jp/en/2019/05/tscookie3.html}, language = {English}, urldate = {2020-01-13} } Bug in Malware “TSCookie” - Fails to Read Configuration - (Update)
PLEAD
2019-02-19JPCERT/CCShusei Tomonaga
@online{tomonaga:20190219:tick:83ca850, author = {Shusei Tomonaga}, title = {{攻撃グループTickによる日本の組織をターゲットにした攻撃活動}}, date = {2019-02-19}, organization = {JPCERT/CC}, url = {https://blogs.jpcert.or.jp/ja/2019/02/tick-activity.html}, language = {Japanese}, urldate = {2020-04-01} } 攻撃グループTickによる日本の組織をターゲットにした攻撃活動
NodeRAT
2018-11-12JPCERT/CCShusei Tomonaga
@online{tomonaga:20181112:bug:fe13af3, author = {Shusei Tomonaga}, title = {{Bug in Malware “TSCookie” - Fails to Read Configuration}}, date = {2018-11-12}, organization = {JPCERT/CC}, url = {https://blogs.jpcert.or.jp/en/2018/11/tscookie2.html}, language = {English}, urldate = {2019-10-28} } Bug in Malware “TSCookie” - Fails to Read Configuration
PLEAD
2018-08-03JPCERT/CCTakuya Endo, Yukako Uchida
@online{endo:20180803:volatility:4597ce0, author = {Takuya Endo and Yukako Uchida}, title = {{Volatility Plugin for Detecting Cobalt Strike Beacon}}, date = {2018-08-03}, organization = {JPCERT/CC}, url = {https://blogs.jpcert.or.jp/en/2018/08/volatility-plugin-for-detecting-cobalt-strike-beacon.html}, language = {English}, urldate = {2019-07-11} } Volatility Plugin for Detecting Cobalt Strike Beacon
Cobalt Strike
2018-07-31Github (JPCERTCC)JPCERT/CC
@online{jpcertcc:20180731:scanner:d1757d9, author = {JPCERT/CC}, title = {{Scanner for CobaltStrike}}, date = {2018-07-31}, organization = {Github (JPCERTCC)}, url = {https://github.com/JPCERTCC/aa-tools/blob/master/cobaltstrikescan.py}, language = {English}, urldate = {2020-01-13} } Scanner for CobaltStrike
Cobalt Strike
2018-07-06JPCERT/CCShusei Tomonaga
@online{tomonaga:20180706:malware:dc21b83, author = {Shusei Tomonaga}, title = {{Malware “WellMess” Targeting Linux and Windows}}, date = {2018-07-06}, organization = {JPCERT/CC}, url = {https://blogs.jpcert.or.jp/en/2018/07/malware-wellmes-9b78.html}, language = {English}, urldate = {2020-07-17} } Malware “WellMess” Targeting Linux and Windows
elf.wellmess WellMess
2018-07-06JPCERT/CCShusei Tomonaga
@online{tomonaga:20180706:malware:f40637b, author = {Shusei Tomonaga}, title = {{Malware “WellMess” Targeting Linux and Windows}}, date = {2018-07-06}, organization = {JPCERT/CC}, url = {https://blog.jpcert.or.jp/2018/07/malware-wellmes-9b78.html}, language = {English}, urldate = {2020-01-06} } Malware “WellMess” Targeting Linux and Windows
WellMess
2018-06-08JPCERT/CCShusei Tomonaga
@online{tomonaga:20180608:plead:046d5bc, author = {Shusei Tomonaga}, title = {{PLEAD Downloader Used by BlackTech}}, date = {2018-06-08}, organization = {JPCERT/CC}, url = {https://blog.jpcert.or.jp/2018/06/plead-downloader-used-by-blacktech.html}, language = {English}, urldate = {2020-01-06} } PLEAD Downloader Used by BlackTech
PLEAD