Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2023-12-20ropgadget.comJeff White
The Origin of OriginLogger & Agent Tesla
Agent Tesla OriginLogger
2022-09-13Palo Alto Networks Unit 42Jeff White
OriginLogger: A Look at Agent Tesla’s Successor
Agent Tesla OriginLogger
2021-11-07Palo Alto Networks Unit 42Jeff White, Peter Renals, Robert Falcone
Targeted Attack Campaign Against ManageEngine ADSelfService Plus Delivers Godzilla Webshells, NGLite Trojan and KdcSponge Stealer
Godzilla Webshell NGLite
2021-06-16Palo Alto Networks Unit 42Jeff White, Kyle Wilhoit
Matanbuchus: Malware-as-a-Service with Demonic Intentions
Matanbuchus BelialDemon
2021-03-08Palo Alto Networks Unit 42Jeff White
Analyzing Attacks Against Microsoft Exchange Server With China Chopper Webshells
CHINACHOPPER
2018-02-27Palo Alto Networks Unit 42Jeff White
Dissecting Hancitor’s Latest 2018 Packer
Hancitor
2017-09-25Palo Alto Networks Unit 42Jeff White
Analyzing the Various Layers of AgentTesla’s Packing
Agent Tesla
2017-05-31ropgadget.comJeff White
Writing PCRE's for applied passive network defense [Emotet]
Emotet
2016-08-30Palo Alto Networks Unit 42Jeff White
Pythons and Unicorns and Hancitor…Oh My! Decoding Binaries Through Emulation
2016-08-22Palo Alto Networks Unit 42Jeff White
VB Dropper and Shellcode for Hancitor Reveal New Techniques Behind Uptick
Hancitor
2016-02-25Palo Alto Networks Unit 42Jeff White
KeyBase Threat Grows Despite Public Takedown: A Picture is Worth a Thousand Words
KeyBase