2024-02-21 ⋅ DCSO ⋅ To Russia With Love: Assessing a KONNI-Backdoored Suspected Russian Consular Software Installer ⋅ Konni
2023-09-19 ⋅ Medium (@DCSO_CyTec) ⋅ #ShortAndMalicious — DarkGate ⋅ DarkGate
2023-05-31 ⋅ Twitter (@jaydinbas) ⋅ Tweet about C++ payload delivered via ISO ⋅ Unidentified 104
2023-05-17 ⋅ Medium (@DCSO_CyTec) ⋅ Andariel’s “Jupiter” malware and the case of the curious C2 ⋅ Jupiter
2023-02-10 ⋅ DCSO ⋅ #ShortAndMalicious — PikaBot and the Matanbuchus connection ⋅ Pikabot
2022-12-19 ⋅ Twitter (@jaydinbas) ⋅ Twitter thread describing ISO drop for Kami ⋅ Kami
2022-11-16 ⋅ Medium (@DCSO_CyTec) ⋅ HZ RAT goes China ⋅ HZ RAT
2022-11-08 ⋅ DCSO ⋅ #ShortAndMalicious: StrelaStealer aims for mail credentials ⋅ StrelaStealer
2022-10-11 ⋅ Medium (@DCSO_CyTec) ⋅ Tracking down Maggie ⋅ Maggie
2022-10-04 ⋅ Medium (@DCSO_CyTec) ⋅ MSSQL, meet Maggie ⋅ Maggie
2022-05-23 ⋅ DCSO ⋅ A deal with the devil: Analysis of a recent Matanbuchus sample ⋅ Matanbuchus
2022-03-01 ⋅ Github (usualsuspect) ⋅ Python script to decrypt embedded driver used in Daxin ⋅ Daxin
2021-06-25 ⋅ Gdata ⋅ Microsoft signed a malicious Netfilter rootkit ⋅ NetfilterRootkit
2019-05-02 ⋅ Usual Suspect RE ⋅ FormBook - Hiding in plain sight ⋅ Formbook