Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2020-12-16Click All the Things! BlogJamie
@online{jamie:20201216:snake404:7b8d820, author = {Jamie}, title = {{Snake/404 Keylogger, BIFF, and Covering Tracks?: An unusual maldoc}}, date = {2020-12-16}, organization = {Click All the Things! Blog}, url = {https://clickallthethings.wordpress.com/2020/12/16/snake-404-keylogger-biff-and-covering-tracks-an-unusual-maldoc/}, language = {English}, urldate = {2020-12-18} } Snake/404 Keylogger, BIFF, and Covering Tracks?: An unusual maldoc
2020-12-02Kryptos LogicJamie Hankins
@online{hankins:20201202:automated:7a91425, author = {Jamie Hankins}, title = {{Automated string de-gobfuscation}}, date = {2020-12-02}, organization = {Kryptos Logic}, url = {https://www.kryptoslogic.com/blog/2020/12/automated-string-de-gobfuscation/}, language = {English}, urldate = {2020-12-08} } Automated string de-gobfuscation
Blackrota
2020-09-24Click All the Things! BlogJamie Arndt
@online{arndt:20200924:zloader:ad8bf21, author = {Jamie Arndt}, title = {{zLoader XLM Update: Macro code and behavior change}}, date = {2020-09-24}, organization = {Click All the Things! Blog}, url = {https://clickallthethings.wordpress.com/2020/09/21/zloader-xlm-update-macro-code-and-behavior-change/}, language = {English}, urldate = {2020-09-25} } zLoader XLM Update: Macro code and behavior change
Zloader
2020-06-19Click All the Things! BlogJamie
@online{jamie:20200619:zloader:dd6729d, author = {Jamie}, title = {{zloader: VBA, R1C1 References, and Other Tomfoolery}}, date = {2020-06-19}, organization = {Click All the Things! Blog}, url = {https://clickallthethings.wordpress.com/2020/06/19/zloader-vba-r1c1-references-and-other-tomfoolery/}, language = {English}, urldate = {2020-06-21} } zloader: VBA, R1C1 References, and Other Tomfoolery
Zloader
2020-05-25ElasticBrent Murphy, David French, Jamie Butler
@online{murphy:20200525:elastic:a743893, author = {Brent Murphy and David French and Jamie Butler}, title = {{The Elastic Guide to Threat Hunting}}, date = {2020-05-25}, organization = {Elastic}, url = {https://www.elastic.co/pdf/elastic-guide-to-threat-hunting}, language = {English}, urldate = {2020-06-08} } The Elastic Guide to Threat Hunting
2020-03-31Click All the Things! BlogJamie
@online{jamie:20200331:lokibot:f927742, author = {Jamie}, title = {{LokiBot: Getting Equation Editor Shellcode}}, date = {2020-03-31}, organization = {Click All the Things! Blog}, url = {https://clickallthethings.wordpress.com/2020/03/31/lokibot-getting-equation-editor-shellcode/}, language = {English}, urldate = {2020-04-07} } LokiBot: Getting Equation Editor Shellcode
Loki Password Stealer (PWS)