
2023-08-19 | Youtube (MalwareAnalysisForHedgehogs) | Karsten Hahn
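% Video reference. Inner braces keep the family name and ".NET" from being
% recased by bibliography styles; the rest of the title is left to the style.
@online{hahn:20230819:malware:71324c3,
  author       = {Hahn, Karsten},
  title        = {Malware Analysis - {Agniane Stealer}, Native Stub to {.NET} Unpacking},
  date         = {2023-08-19},
  organization = {Youtube (MalwareAnalysisForHedgehogs)},
  url          = {https://www.youtube.com/watch?v=-KJ0HIvmVl0},
  language     = {English},
  urldate      = {2023-08-31},
}
Malware Analysis - Agniane Stealer, Native Stub to .NET Unpacking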
Cinoshi
2023-04-26 | Youtube (MalwareAnalysisForHedgehogs) | Karsten Hahn
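% Video reference. The title is stored with a plain apostrophe and without
% whole-title double braces, so the bibliography style controls the casing.
@online{hahn:20230426:malware:f3053c4,
  author       = {Hahn, Karsten},
  title        = {Malware Theory - Packer identifiers don't tell you if a file is packed},
  date         = {2023-04-26},
  organization = {Youtube (MalwareAnalysisForHedgehogs)},
  url          = {https://www.youtube.com/watch?v=ozyBOXpKm1I},
  language     = {English},
  urldate      = {2023-04-27},
}
Malware Theory - Packer identifiers don't tell you if a file is packed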
2023-04-03 | Youtube (MalwareAnalysisForHedgehogs) | Karsten Hahn
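% Video reference. Inner braces protect the product, campaign and tool names
% from style recasing; the DLL file name is already lowercase.
@online{hahn:20230403:malware:892e68e,
  author       = {Hahn, Karsten},
  title        = {Malware Analysis - {3CX} {SmoothOperator} ffmpeg.dll with {Binary Ninja}},
  date         = {2023-04-03},
  organization = {Youtube (MalwareAnalysisForHedgehogs)},
  url          = {https://www.youtube.com/watch?v=fTX-vgSEfjk},
  language     = {English},
  urldate      = {2023-04-06},
}
Malware Analysis - 3CX SmoothOperator ffmpeg.dll with Binary Ninja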
3CX Backdoor
2022-11-25 | Github (struppigel) | Karsten Hahn
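% Code reference (single script in a Git repository).
% NOTE(review): the URL points at the "main" branch rather than a fixed commit,
% so the script may have changed since the urldate below. Review the current
% content before running it, and cite a commit permalink once one is known.
@online{hahn:20221125:python:ec3b5d3,
  author       = {Hahn, Karsten},
  title        = {Python script to decode {NightHawk} strings},
  date         = {2022-11-25},
  organization = {Github (struppigel)},
  url          = {https://github.com/struppigel/hedgehog-tools/blob/main/nighthawk_str_decoder.py},
  language     = {English},
  urldate      = {2022-11-28},
}
Python script to decode NightHawk strings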
Nighthawk
2022-09-05 | Karsten Hahn
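% Tweet reference.
% NOTE(review): organization is derived from the account in the URL, in the
% same form the other tweet entries in this list use.
@online{hahn:20220905:icarus:ed666f8,
  author       = {Hahn, Karsten},
  title        = {Icarus {Stealer}},
  date         = {2022-09-05},
  organization = {Twitter (@struppigel)},
  url          = {https://twitter.com/struppigel/status/1566685309093511170},
  language     = {English},
  urldate      = {2022-10-14},
}
Icarus Stealer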
Icarus
2022-03-24 | Twitter (@struppigel) | Karsten Hahn
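% Tweet reference. Inner braces protect the family name from style recasing.
@online{hahn:20220324:ginzo:3ae1c21,
  author       = {Hahn, Karsten},
  title        = {Tweet on {Ginzo Stealer}},
  date         = {2022-03-24},
  organization = {Twitter (@struppigel)},
  url          = {https://twitter.com/struppigel/status/1506933328599044100},
  language     = {English},
  urldate      = {2022-03-28},
}
Tweet on Ginzo Stealer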
Ginzo Stealer
2022-03-09 | Twitter (@struppigel) | Karsten Hahn
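% Tweet thread reference. Inner braces protect the camel-case family name.
@online{hahn:20220309:tweets:85df9d1,
  author       = {Hahn, Karsten},
  title        = {Tweets detailing {NominatusToxicBattery}},
  date         = {2022-03-09},
  organization = {Twitter (@struppigel)},
  url          = {https://twitter.com/struppigel/status/1501473254787198977},
  language     = {English},
  urldate      = {2022-11-21},
}
Tweets detailing NominatusToxicBattery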
NominatusToxicBattery
2022-03-08 | Twitter (@struppigel) | Karsten Hahn
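% Tweet reference. Inner braces protect the camel-case family name.
@online{hahn:20220308:kazyloader:9ce00d5,
  author       = {Hahn, Karsten},
  title        = {Tweet on {KazyLoader}},
  date         = {2022-03-08},
  organization = {Twitter (@struppigel)},
  url          = {https://twitter.com/struppigel/status/1501105224819392516},
  language     = {English},
  urldate      = {2022-03-08},
}
Tweet on KazyLoader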
KazyLoader
2022-02-28 | Twitter (@struppigel) | Karsten Hahn
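% Tweet reference. Inner braces protect the family name from style recasing.
@online{hahn:20220228:gofing:a128982,
  author       = {Hahn, Karsten},
  title        = {Tweet on {Gofing} discovery},
  date         = {2022-02-28},
  organization = {Twitter (@struppigel)},
  url          = {https://twitter.com/struppigel/status/1498229809675214849},
  language     = {English},
  urldate      = {2022-03-18},
}
Tweet on Gofing discovery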
Gofing
2022-02-14 | Gdata | Karsten Hahn
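% Vendor blog post reference. The family name is the first word of the title,
% which styles leave capitalised, so no inner braces are needed.
@online{hahn:20220214:allcome:4f9515e,
  author       = {Hahn, Karsten},
  title        = {Allcome clipbanker is a newcomer in underground forums},
  date         = {2022-02-14},
  organization = {Gdata},
  url          = {https://www.gdatasoftware.com/blog/2022/02/37239-allcome-clipbanker-is-a-newcomer-in-malware-underground-forums},
  language     = {English},
  urldate      = {2022-09-28},
}
Allcome clipbanker is a newcomer in underground forums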
AllcomeClipper
2022-02-03 | Gdata | Karsten Hahn
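% Vendor blog post reference. Inner braces protect the acronym and the
% product names from style recasing.
@online{hahn:20220203:qr:16d5c91,
  author       = {Hahn, Karsten},
  title        = {{QR} codes on {Twitter} deliver malicious {Chrome} extension},
  date         = {2022-02-03},
  organization = {Gdata},
  url          = {https://www.gdatasoftware.com/blog/2022/01/37236-qr-codes-on-twitter-deliver-malicious-chrome-extension},
  language     = {English},
  urldate      = {2022-05-05},
}
QR codes on Twitter deliver malicious Chrome extension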
Choziosi
2022-01-19 | Gdata | Karsten Hahn
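% Vendor blog post reference. The title has no proper nouns, so it carries no
% inner braces and casing is left to the bibliography style.
@online{hahn:20220119:malware:293c00c,
  author       = {Hahn, Karsten},
  title        = {Malware vaccines can prevent pandemics, yet are rarely used},
  date         = {2022-01-19},
  organization = {Gdata},
  url          = {https://www.gdatasoftware.com/blog/2022/01/malware-vaccines},
  language     = {English},
  urldate      = {2023-03-24},
}
Malware vaccines can prevent pandemics, yet are rarely used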
Emotet STOP
2021-09-30 | G Data | Karsten Hahn
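% Vendor blog post reference. The title has no proper nouns, so it carries no
% inner braces and casing is left to the bibliography style.
@online{hahn:20210930:all:8e82a0c,
  author       = {Hahn, Karsten},
  title        = {All your hashes are belong to us: An overview of malware hashing algorithms},
  date         = {2021-09-30},
  organization = {G Data},
  url          = {https://www.gdatasoftware.com/blog/2021/09/an-overview-of-malware-hashing-algorithms},
  language     = {English},
  urldate      = {2021-10-20},
}
All your hashes are belong to us: An overview of malware hashing algorithms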
2021-06-25 | Gdata | Karsten Hahn, Takahiro Haruyama, Johann Aydinbas, Florian Roth
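% Vendor blog post reference with four authors, each in "Last, First" form so
% name parsing is unambiguous. Inner braces protect the driver name.
@online{hahn:20210625:microsoft:7ba11af,
  author       = {Hahn, Karsten and Haruyama, Takahiro and Aydinbas, Johann and Roth, Florian},
  title        = {Microsoft signed a malicious {Netfilter} rootkit},
  date         = {2021-06-25},
  organization = {Gdata},
  url          = {https://www.gdatasoftware.com/blog/microsoft-signed-a-malicious-netfilter-rootkit},
  language     = {English},
  urldate      = {2021-06-29},
}
Microsoft signed a malicious Netfilter rootkit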
NetfilterRootkit
2021-06-17 | struppigel | Karsten Hahn
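% Tweet reference (the URL is a twitter.com status link). Inner braces protect
% the vendor name from style recasing.
@online{hahn:20210617:network:63e106b,
  author       = {Hahn, Karsten},
  title        = {Tweet on Network filter rootkit driver signed by {Microsoft}},
  date         = {2021-06-17},
  organization = {struppigel},
  url          = {https://twitter.com/struppigel/status/1405483373280235520},
  language     = {English},
  urldate      = {2021-06-22},
}
Tweet on Network filter rootkit driver signed by Microsoft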
2021-06-08 | Gdata | Karsten Hahn
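% Vendor blog post reference. Inner braces protect the platform name from
% style recasing.
@online{hahn:20210608:picture:5667a54,
  author       = {Hahn, Karsten},
  title        = {Picture this: Malware Hides in {Steam} Profile Images},
  date         = {2021-06-08},
  organization = {Gdata},
  url          = {https://www.gdatasoftware.com/blog/2021/06/36861-malware-hides-in-steam-profile-images},
  language     = {English},
  urldate      = {2023-09-04},
}
Picture this: Malware Hides in Steam Profile Images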
SteamHide
2021-06-07 | Gdata | Karsten Hahn
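% Vendor blog post reference. The title has no proper nouns, so it carries no
% inner braces and casing is left to the bibliography style.
@online{hahn:20210607:malware:12e4c70,
  author       = {Hahn, Karsten},
  title        = {Malware family naming hell is our own fault},
  date         = {2021-06-07},
  organization = {Gdata},
  url          = {https://www.gdatasoftware.com/blog/malware-family-naming-hell},
  language     = {English},
  urldate      = {2021-06-09},
}
Malware family naming hell is our own fault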
2021-02-17 | G Data | Karsten Hahn
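% Vendor blog post reference. Inner braces protect the mixed-case family name,
% which a recasing style would otherwise turn into "Sectoprat".
@online{hahn:20210217:sectoprat:f578681,
  author       = {Hahn, Karsten},
  title        = {{SectopRAT}: New version adds encrypted communication},
  date         = {2021-02-17},
  organization = {G Data},
  url          = {https://www.gdatasoftware.com/blog/2021/02/36633-new-version-adds-encrypted-communication},
  language     = {English},
  urldate      = {2023-02-06},
}
SectopRAT: New version adds encrypted communication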
SectopRAT
2021-01-28 | Twitter (@struppigel) | Karsten Hahn
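% Tweet reference. Inner braces protect the mixed-case family name.
@online{hahn:20210128:sn0wslogger:962b2fd,
  author       = {Hahn, Karsten},
  title        = {Tweet on {Sn0wsLogger} malware},
  date         = {2021-01-28},
  organization = {Twitter (@struppigel)},
  url          = {https://twitter.com/struppigel/status/1354806038805897216},
  language     = {English},
  urldate      = {2021-01-29},
}
Tweet on Sn0wsLogger malware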
Sn0wsLogger
2021-01-23 | Youtube (MalwareAnalysisForHedgehogs) | Karsten Hahn
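% Video reference. Inner braces protect the mixed-case family name from style
% recasing.
@online{hahn:20210123:malware:36b6878,
  author       = {Hahn, Karsten},
  title        = {Malware Analysis - Fileless {GooLoad} static analysis and unpacking},
  date         = {2021-01-23},
  organization = {Youtube (MalwareAnalysisForHedgehogs)},
  url          = {https://www.youtube.com/watch?v=BcFbkjUVc7o},
  language     = {English},
  urldate      = {2021-04-14},
}
Malware Analysis - Fileless GooLoad static analysis and unpacking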