Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2022-07-24bin.reJohannes Bader
@online{bader:20220724:dga:cf56d0c, author = {Johannes Bader}, title = {{A DGA Seeded by the Bitcoin Genesis Block}}, date = {2022-07-24}, organization = {bin.re}, url = {https://bin.re/blog/a-dga-seeded-by-the-bitcoin-genesis-block/}, language = {English}, urldate = {2022-08-08} } A DGA Seeded by the Bitcoin Genesis Block
Orchard
2022-06-04bin.reJohannes Bader
@online{bader:20220604:domain:5dd1e0a, author = {Johannes Bader}, title = {{The Domain Generation Algorithms of SharkBot}}, date = {2022-06-04}, organization = {bin.re}, url = {https://bin.re/blog/the-dgas-of-sharkbot/}, language = {English}, urldate = {2023-04-14} } The Domain Generation Algorithms of SharkBot
SharkBot
2022-03-31SANS ISCJohannes Ullrich
@online{ullrich:20220331:spring:a2ac765, author = {Johannes Ullrich}, title = {{Spring Vulnerability Update - Exploitation Attempts CVE-2022-22965}}, date = {2022-03-31}, organization = {SANS ISC}, url = {https://isc.sans.edu/diary/rss/28504}, language = {English}, urldate = {2022-04-04} } Spring Vulnerability Update - Exploitation Attempts CVE-2022-22965
2022-01-11Github (baderj)Johannes Bader
@online{bader:20220111:reimplementation:f8b45d0, author = {Johannes Bader}, title = {{Reimplementation of Expiro's DGA}}, date = {2022-01-11}, organization = {Github (baderj)}, url = {https://github.com/baderj/domain_generation_algorithms/blob/master/m0yv/dga.py}, language = {English}, urldate = {2022-11-03} } Reimplementation of Expiro's DGA
m0yv
2021-08-09Johannes Bader's BlogJohannes Bader
@online{bader:20210809:bazarloader:e123577, author = {Johannes Bader}, title = {{A BazarLoader DGA that Breaks Down in the Summer}}, date = {2021-08-09}, organization = {Johannes Bader's Blog}, url = {https://johannesbader.ch/blog/a-bazarloader-dga-that-breaks-during-summer-months/}, language = {English}, urldate = {2021-08-09} } A BazarLoader DGA that Breaks Down in the Summer
BazarBackdoor
2021-01-23Johannes Bader's BlogJohannes Bader
@online{bader:20210123:yet:1274cbe, author = {Johannes Bader}, title = {{Yet Another Bazar Loader DGA}}, date = {2021-01-23}, organization = {Johannes Bader's Blog}, url = {https://johannesbader.ch/blog/yet-another-bazarloader-dga/}, language = {English}, urldate = {2021-01-25} } Yet Another Bazar Loader DGA
BazarBackdoor
2020-12-16Johannes Bader's BlogJohannes Bader
@online{bader:20201216:next:a8f5998, author = {Johannes Bader}, title = {{Next Version of the Bazar Loader DGA}}, date = {2020-12-16}, organization = {Johannes Bader's Blog}, url = {https://johannesbader.ch/blog/next-version-of-the-bazarloader-dga/}, language = {English}, urldate = {2020-12-16} } Next Version of the Bazar Loader DGA
BazarBackdoor
2020-07-15Johannes Bader's BlogJohannes Bader
@online{bader:20200715:defective:3a3721f, author = {Johannes Bader}, title = {{The Defective Domain Generation Algorithm of BazarBackdoor}}, date = {2020-07-15}, organization = {Johannes Bader's Blog}, url = {https://johannesbader.ch/blog/the-buggy-dga-of-bazarbackdoor/}, language = {English}, urldate = {2020-07-15} } The Defective Domain Generation Algorithm of BazarBackdoor
BazarBackdoor
2020-07-14Johannes Bader's BlogJohannes Bader
@online{bader:20200714:domain:51498ab, author = {Johannes Bader}, title = {{The Domain Generation Algorithm of BazarBackdoor}}, date = {2020-07-14}, organization = {Johannes Bader's Blog}, url = {https://johannesbader.ch/blog/the-dga-of-bazarbackdoor/}, language = {English}, urldate = {2020-07-15} } The Domain Generation Algorithm of BazarBackdoor
BazarBackdoor
2020-04-26Johannes Bader's BlogJohannes Bader
@online{bader:20200426:dga:edd448c, author = {Johannes Bader}, title = {{The DGA of Zloader}}, date = {2020-04-26}, organization = {Johannes Bader's Blog}, url = {https://johannesbader.ch/blog/the-dga-of-zloader/}, language = {English}, urldate = {2020-04-26} } The DGA of Zloader
Zloader
2020-01-23Johannes Bader's BlogJohannes Bader
@online{bader:20200123:dga:129802e, author = {Johannes Bader}, title = {{The DGA of a Monero Miner Downloader}}, date = {2020-01-23}, organization = {Johannes Bader's Blog}, url = {https://johannesbader.ch/blog/the-dga-of-a-monero-miner-downloader/}, language = {English}, urldate = {2020-01-27} } The DGA of a Monero Miner Downloader
2019-11-12Johannes Bader BlogJohannes Bader
@online{bader:20191112:dga:0a1d2c8, author = {Johannes Bader}, title = {{The DGA of QSnatch}}, date = {2019-11-12}, organization = {Johannes Bader Blog}, url = {https://bin.re/blog/the-dga-of-qsnatch/}, language = {English}, urldate = {2020-01-13} } The DGA of QSnatch
QSnatch
2019-07-08Johannes Bader
@online{bader:20190708:dga:0c56ba3, author = {Johannes Bader}, title = {{The DGA of Pitou}}, date = {2019-07-08}, url = {https://johannesbader.ch/2019/07/the-dga-of-pitou/}, language = {English}, urldate = {2020-01-10} } The DGA of Pitou
Pitou
2018-04-29Johannes Bader
@online{bader:20180429:new:b8e7b59, author = {Johannes Bader}, title = {{The new Domain Generation Algorithm of Nymaim}}, date = {2018-04-29}, url = {https://johannesbader.ch/2018/04/the-new-domain-generation-algorithm-of-nymaim/}, language = {English}, urldate = {2020-01-07} } The new Domain Generation Algorithm of Nymaim
Nymaim2
2017-09-05InfoSec Handlers Diary BlogJohannes Ullrich
@online{ullrich:20170905:mirai:ab11796, author = {Johannes Ullrich}, title = {{The Mirai Botnet: A Look Back and Ahead At What's Next}}, date = {2017-09-05}, organization = {InfoSec Handlers Diary Blog}, url = {https://isc.sans.edu/diary/22786}, language = {English}, urldate = {2020-01-06} } The Mirai Botnet: A Look Back and Ahead At What's Next
2017-07-25Github (viql)Johannes Bader
@online{bader:20170725:dridex:44f64d8, author = {Johannes Bader}, title = {{Dridex Loot}}, date = {2017-07-25}, organization = {Github (viql)}, url = {https://viql.github.io/dridex/}, language = {English}, urldate = {2020-01-07} } Dridex Loot
Dridex
2017-01-31SANS ISC InfoSec ForumsJohannes
@online{johannes:20170131:malicious:ed4f2fb, author = {Johannes}, title = {{Malicious Office files using fileless UAC bypass to drop KEYBASE malware}}, date = {2017-01-31}, organization = {SANS ISC InfoSec Forums}, url = {https://isc.sans.edu/forums/diary/Malicious+Office+files+using+fileless+UAC+bypass+to+drop+KEYBASE+malware/22011/}, language = {English}, urldate = {2020-01-08} } Malicious Office files using fileless UAC bypass to drop KEYBASE malware
KeyBase
2016-04-12Johannes Bader
@online{bader:20160412:dga:469d85e, author = {Johannes Bader}, title = {{The DGA of Qadars v3}}, date = {2016-04-12}, url = {https://www.johannesbader.ch/2016/04/the-dga-of-qadars/}, language = {English}, urldate = {2019-07-11} } The DGA of Qadars v3
Qadars
2016-03-06Johannes Bader
@online{bader:20160306:dga:fe673b7, author = {Johannes Bader}, title = {{The DGA of PadCrypt}}, date = {2016-03-06}, url = {https://johannesbader.ch/2016/03/the-dga-of-padcrypt/}, language = {English}, urldate = {2019-12-06} } The DGA of PadCrypt
PadCrypt
2016-02-24Johannes Bader BlogJohannes Bader
@online{bader:20160224:dga:735ff10, author = {Johannes Bader}, title = {{The DGA of Qakbot.T}}, date = {2016-02-24}, organization = {Johannes Bader Blog}, url = {https://bin.re/blog/the-dga-of-qakbot/}, language = {English}, urldate = {2023-04-14} } The DGA of Qakbot.T
QakBot