Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2022-03-24Twitter (@struppigel)Karsten Hahn
@online{hahn:20220324:ginzo:3ae1c21, author = {Karsten Hahn}, title = {{Tweet on Ginzo Stealer}}, date = {2022-03-24}, organization = {Twitter (@struppigel)}, url = {https://twitter.com/struppigel/status/1506933328599044100}, language = {English}, urldate = {2022-03-28} } Tweet on Ginzo Stealer
Ginzo Stealer
2022-03-08Twitter (@struppigel)Karsten Hahn
@online{hahn:20220308:kazyloader:9ce00d5, author = {Karsten Hahn}, title = {{Tweet on KazyLoader}}, date = {2022-03-08}, organization = {Twitter (@struppigel)}, url = {https://twitter.com/struppigel/status/1501105224819392516}, language = {English}, urldate = {2022-03-08} } Tweet on KazyLoader
KazyLoader
2022-02-28Twitter (@struppigel)Karsten Hahn
@online{hahn:20220228:gofing:a128982, author = {Karsten Hahn}, title = {{Tweet on Gofing discovery}}, date = {2022-02-28}, organization = {Twitter (@struppigel)}, url = {https://twitter.com/struppigel/status/1498229809675214849}, language = {English}, urldate = {2022-03-18} } Tweet on Gofing discovery
Gofing
2022-02-03GdataKarsten Hahn
@online{hahn:20220203:qr:16d5c91, author = {Karsten Hahn}, title = {{QR codes on Twitter deliver malicious Chrome extension}}, date = {2022-02-03}, organization = {Gdata}, url = {https://www.gdatasoftware.com/blog/2022/01/37236-qr-codes-on-twitter-deliver-malicious-chrome-extension}, language = {English}, urldate = {2022-05-05} } QR codes on Twitter deliver malicious Chrome extension
Choziosi
2021-09-30G DataKarsten Hahn
@online{hahn:20210930:all:8e82a0c, author = {Karsten Hahn}, title = {{All your hashes are belong to us: An overview of malware hashing algorithms}}, date = {2021-09-30}, organization = {G Data}, url = {https://www.gdatasoftware.com/blog/2021/09/an-overview-of-malware-hashing-algorithms}, language = {English}, urldate = {2021-10-20} } All your hashes are belong to us: An overview of malware hashing algorithms
2021-06-25GdataKarsten Hahn, Takahiro Haruyama, Johann Aydinbas, Florian Roth
@online{hahn:20210625:microsoft:7ba11af, author = {Karsten Hahn and Takahiro Haruyama and Johann Aydinbas and Florian Roth}, title = {{Microsoft signed a malicious Netfilter rootkit}}, date = {2021-06-25}, organization = {Gdata}, url = {https://www.gdatasoftware.com/blog/microsoft-signed-a-malicious-netfilter-rootkit}, language = {English}, urldate = {2021-06-29} } Microsoft signed a malicious Netfilter rootkit
NetfilterRootkit
2021-06-17struppigelKarsten Hahn
@online{hahn:20210617:network:63e106b, author = {Karsten Hahn}, title = {{Tweet on Network filter rootkit driver signed by Microsoft}}, date = {2021-06-17}, organization = {struppigel}, url = {https://twitter.com/struppigel/status/1405483373280235520}, language = {English}, urldate = {2021-06-22} } Tweet on Network filter rootkit driver signed by Microsoft
2021-06-08GdataKarsten Hahn
@online{hahn:20210608:picture:5667a54, author = {Karsten Hahn}, title = {{Picture this: Malware Hides in Steam Profile Images}}, date = {2021-06-08}, organization = {Gdata}, url = {https://www.gdatasoftware.com/blog/steamhide-malware-in-profile-images}, language = {English}, urldate = {2021-06-09} } Picture this: Malware Hides in Steam Profile Images
SteamHide
2021-06-07GdataKarsten Hahn
@online{hahn:20210607:malware:12e4c70, author = {Karsten Hahn}, title = {{Malware family naming hell is our own fault}}, date = {2021-06-07}, organization = {Gdata}, url = {https://www.gdatasoftware.com/blog/malware-family-naming-hell}, language = {English}, urldate = {2021-06-09} } Malware family naming hell is our own fault
2021-01-28Twitter (@struppigel)Karsten Hahn
@online{hahn:20210128:sn0wslogger:962b2fd, author = {Karsten Hahn}, title = {{Tweet on Sn0wsLogger malware}}, date = {2021-01-28}, organization = {Twitter (@struppigel)}, url = {https://twitter.com/struppigel/status/1354806038805897216}, language = {English}, urldate = {2021-01-29} } Tweet on Sn0wsLogger malware
Sn0wsLogger
2021-01-23Youtube (MalwareAnalysisForHedgehogs)Karsten Hahn
@online{hahn:20210123:malware:36b6878, author = {Karsten Hahn}, title = {{Malware Analysis - Fileless GooLoad static analysis and unpacking}}, date = {2021-01-23}, organization = {Youtube (MalwareAnalysisForHedgehogs)}, url = {https://www.youtube.com/watch?v=BcFbkjUVc7o}, language = {English}, urldate = {2021-04-14} } Malware Analysis - Fileless GooLoad static analysis and unpacking
2020-12-01GdataKarsten Hahn
@online{hahn:20201201:icerat:bc43ba0, author = {Karsten Hahn}, title = {{IceRat evades antivirus by running PHP on Java VM}}, date = {2020-12-01}, organization = {Gdata}, url = {https://www.gdatasoftware.com/blog/icerat-evades-antivirus-by-using-jphp}, language = {English}, urldate = {2020-12-03} } IceRat evades antivirus by running PHP on Java VM
IceRat
2020-11-05GdataKarsten Hahn
@online{hahn:20201105:babax:3e78762, author = {Karsten Hahn}, title = {{Babax stealer rebrands to Osno, installs rootkit}}, date = {2020-11-05}, organization = {Gdata}, url = {https://www.gdatasoftware.com/blog/2020/11/36459-babax-stealer-rebrands-to-osno-installs-rootkit}, language = {English}, urldate = {2020-11-06} } Babax stealer rebrands to Osno, installs rootkit
Osno
2020-10-21G DataKarsten Hahn
@online{hahn:20201021:trat:389d7f3, author = {Karsten Hahn}, title = {{T-RAT 2.0: Malware control via smartphone}}, date = {2020-10-21}, organization = {G Data}, url = {https://www.gdatasoftware.com/blog/trat-control-via-smartphone}, language = {English}, urldate = {2020-10-23} } T-RAT 2.0: Malware control via smartphone
tRat T-RAT 2.0
2020-09-01GdataKarsten Hahn
@online{hahn:20200901:dll:2af82dc, author = {Karsten Hahn}, title = {{DLL Fixer leads to Cyrat Ransomware}}, date = {2020-09-01}, organization = {Gdata}, url = {https://www.gdatasoftware.com/blog/cyrat-ransomware}, language = {English}, urldate = {2020-09-01} } DLL Fixer leads to Cyrat Ransomware
Cyrat
2020-06-24Twitter (@struppigel)Karsten Hahn
@online{hahn:20200624:discordtokenstealer:2b4cc58, author = {Karsten Hahn}, title = {{Tweet on DiscordTokenStealer}}, date = {2020-06-24}, organization = {Twitter (@struppigel)}, url = {https://twitter.com/struppigel/status/1275731035184156675}, language = {English}, urldate = {2020-06-24} } Tweet on DiscordTokenStealer
2020-06-16G DataKarsten Hahn
@online{hahn:20200616:new:124c3d1, author = {Karsten Hahn}, title = {{New Java STRRAT ships with .crimson ransomware module}}, date = {2020-06-16}, organization = {G Data}, url = {https://www.gdatasoftware.com/blog/strrat-crimson}, language = {English}, urldate = {2020-06-16} } New Java STRRAT ships with .crimson ransomware module
STRRAT
2020-04-02GdataKarsten Hahn
@online{hahn:20200402:pekraut:479527e, author = {Karsten Hahn}, title = {{Pekraut - German RAT starts gnawing}}, date = {2020-04-02}, organization = {Gdata}, url = {https://www.gdatasoftware.com/blog/2020/04/35849-pekraut-german-rat-starts-gnawing}, language = {English}, urldate = {2020-04-06} } Pekraut - German RAT starts gnawing
Pekraut
2020-02-06GdataKarsten Hahn
@online{hahn:20200206:40000:3a0d792, author = {Karsten Hahn}, title = {{40,000 CryptBot Downloads per Day: Bitbucket Abused as Malware Slinger}}, date = {2020-02-06}, organization = {Gdata}, url = {https://www.gdatasoftware.com/blog/2020/02/35802-bitbucket-abused-as-malware-slinger}, language = {English}, urldate = {2020-04-02} } 40,000 CryptBot Downloads per Day: Bitbucket Abused as Malware Slinger
CryptBot
2019-11-21G DataKarsten Hahn, Stefan Karpenstein
@online{hahn:20191121:stop:a5c8118, author = {Karsten Hahn and Stefan Karpenstein}, title = {{STOP Ransomware: Finger weg von illegalen Software-Downloads}}, date = {2019-11-21}, organization = {G Data}, url = {https://www.gdata.de/blog/1970/01/-35391-finger-weg-von-illegalen-software-downloads}, language = {English}, urldate = {2020-01-10} } STOP Ransomware: Finger weg von illegalen Software-Downloads
STOP