Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2023-05-03Palo Alto Networks Unit 42Mark Lim, Daniel Raygoza, Bob Jung
@online{lim:20230503:teasing:eef7ae4, author = {Mark Lim and Daniel Raygoza and Bob Jung}, title = {{Teasing the Secrets From Threat Actors: Malware Configuration Parsing at Scale}}, date = {2023-05-03}, organization = {Palo Alto Networks Unit 42}, url = {https://unit42.paloaltonetworks.com/teasing-secrets-malware-configuration-parsing}, language = {English}, urldate = {2023-05-04} } Teasing the Secrets From Threat Actors: Malware Configuration Parsing at Scale
IcedID PhotoLoader
2022-09-27Palo Alto Networks Unit 42Mark Lim
@online{lim:20220927:more:5992cc3, author = {Mark Lim}, title = {{More Than Meets the Eye: Exposing a Polyglot File That Delivers IcedID}}, date = {2022-09-27}, organization = {Palo Alto Networks Unit 42}, url = {https://unit42.paloaltonetworks.com/polyglot-file-icedid-payload/}, language = {English}, urldate = {2022-09-30} } More Than Meets the Eye: Exposing a Polyglot File That Delivers IcedID
PhotoLoader
2022-06-24Palo Alto Networks Unit 42Mark Lim, Riley Porter
@online{lim:20220624:there:7a3b762, author = {Mark Lim and Riley Porter}, title = {{There Is More Than One Way to Sleep: Dive Deep Into the Implementations of API Hammering by Various Malware Families}}, date = {2022-06-24}, organization = {Palo Alto Networks Unit 42}, url = {https://unit42.paloaltonetworks.com/api-hammering-malware-families/}, language = {English}, urldate = {2022-06-27} } There Is More Than One Way to Sleep: Dive Deep Into the Implementations of API Hammering by Various Malware Families
BazarBackdoor Zloader
2022-04-25paloalto Networks Unit 42Mark Lim
@online{lim:20220425:defeating:3da4840, author = {Mark Lim}, title = {{Defeating BazarLoader Anti-Analysis Techniques}}, date = {2022-04-25}, organization = {paloalto Networks Unit 42}, url = {https://unit42.paloaltonetworks.com/bazarloader-anti-analysis-techniques/}, language = {English}, urldate = {2022-04-29} } Defeating BazarLoader Anti-Analysis Techniques
BazarBackdoor
2021-07-19Palo Alto Networks Unit 42Mark Lim
@online{lim:20210719:evade:51a9e1f, author = {Mark Lim}, title = {{Evade Sandboxes With a Single Bit – the Trap Flag}}, date = {2021-07-19}, organization = {Palo Alto Networks Unit 42}, url = {https://unit42.paloaltonetworks.com/single-bit-trap-flag-intel-cpu/}, language = {English}, urldate = {2021-07-26} } Evade Sandboxes With a Single Bit – the Trap Flag
lampion