2023-11-21 | Medium infoSec Write-ups | JustAnother-Engineer
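@online{justanotherengineer:20231121:unmasking:68727c8,
  author       = {JustAnother-Engineer},
  title        = {Unmasking {NJRat}: A Deep Dive into a Notorious Remote Access Trojan Part1},
  date         = {2023-11-21},
  organization = {Medium infoSec Write-ups},
  url          = {https://infosecwriteups.com/part1-static-code-analysis-of-the-rat-njrat-2f273408df43},
  urldate      = {2023-11-22},
  language     = {English},
}
Unmasking NJRat: A Deep Dive into a Notorious Remote Access Trojan Part1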
NjRAT
2023-11-16 | Medium g0njxa | g0njxa
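@online{g0njxa:20231116:approaching:82a667f,
  author       = {g0njxa},
  title        = {Approaching stealers devs : a brief interview with {LummaC2}},
  date         = {2023-11-16},
  organization = {Medium g0njxa},
  url          = {https://g0njxa.medium.com/approaching-stealers-devs-a-brief-interview-with-lummac2-94111d4b1e11},
  urldate      = {2023-11-22},
  language     = {English},
}
Approaching stealers devs : a brief interview with LummaC2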
Lumma Stealer
2023-10-26 | Medium walmartglobaltech | Jonathan Mccay
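% The title is a single proper noun, so its inner braces are per-word case protection.
@online{mccay:20231026:smartapesg:34c667a,
  author       = {Mccay, Jonathan},
  title        = {{SmartApeSG}},
  date         = {2023-10-26},
  organization = {Medium walmartglobaltech},
  url          = {https://medium.com/walmartglobaltech/smartapesg-4605157a5b80},
  urldate      = {2023-11-14},
  language     = {English},
}
SmartApeSG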
NetSupportManager RAT
2023-10-20 | Medium walmartglobaltech | Jason Reaves, Joshua Platt
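@online{reaves:20231020:icedid:43212cd,
  author       = {Reaves, Jason and Platt, Joshua},
  title        = {{IcedID} gets Loaded},
  date         = {2023-10-20},
  organization = {Medium walmartglobaltech},
  url          = {https://medium.com/walmartglobaltech/icedid-gets-loaded-af073b7b6d39},
  urldate      = {2023-11-14},
  language     = {English},
}
IcedID gets Loaded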
Unidentified 111 (IcedID Loader)
2023-09-19 | Medium (@DCSO_CyTec) | Johann Aydinbas
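% The hash sign in the title and the underscore in the organization are
% escaped so the fields typeset as text; the url field stays verbatim.
@online{aydinbas:20230919:shortandmalicious:a0cff0b,
  author       = {Aydinbas, Johann},
  title        = {{\#ShortAndMalicious} — {DarkGate}},
  date         = {2023-09-19},
  organization = {Medium (@DCSO\_CyTec)},
  url          = {https://medium.com/@DCSO_CyTec/shortandmalicious-darkgate-d9102a457232},
  urldate      = {2023-09-20},
  language     = {English},
}
#ShortAndMalicious — DarkGate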
DarkGate
2023-09-07 | Medium (@simone.kraus) | Simone Kraus
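% The "engergy" spelling is part of the recorded link slug; keep the url
% verbatim rather than correcting it to match the title.
@online{kraus:20230907:critical:0746f72,
  author       = {Kraus, Simone},
  title        = {Critical Energy Infrastructure Facility Attack In {Ukraine}},
  date         = {2023-09-07},
  organization = {Medium (@simone.kraus)},
  url          = {https://medium.com/@simone.kraus/critical-engergy-infrastructure-facility-in-ukraine-attack-b15638f6a402},
  urldate      = {2023-09-11},
  language     = {English},
}
Critical Energy Infrastructure Facility Attack In Ukraine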
2023-08-30 | Medium walmartglobaltech | Jason Reaves
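@online{reaves:20230830:gazavat:1f8a081,
  author       = {Reaves, Jason},
  title        = {{Gazavat} / {Expiro} {DMSniff} connection and {DGA} analysis},
  date         = {2023-08-30},
  organization = {Medium walmartglobaltech},
  url          = {https://medium.com/walmartglobaltech/gazavat-expiro-dmsniff-connection-and-dga-analysis-8b965cc0221d},
  urldate      = {2023-08-31},
  language     = {English},
}
Gazavat / Expiro DMSniff connection and DGA analysis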
DMSniff Expiro
2023-08-02 | Medium (@morimolymoly) | morimolymoly
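@online{morimolymoly:20230802:hui:99bb65d,
  author       = {morimolymoly},
  title        = {{HUI Loader} — Malware Analysis Note},
  date         = {2023-08-02},
  organization = {Medium (@morimolymoly)},
  url          = {https://medium.com/@morimolymoly/hui-loader-malware-analysis-note-4fa0e1c791d3},
  urldate      = {2023-08-25},
  language     = {English},
}
HUI Loader — Malware Analysis Note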
HUI Loader
2023-07-31 | Medium (csg-govtech) | Greg Jefferson
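% NOTE(review): organization names a Medium publication while the url is on
% govtech.com; confirm which source this record is meant to cite.
@online{jefferson:20230731:chinabacked:b3e5da9,
  author       = {Jefferson, Greg},
  title        = {{China}-Backed Hackers Threaten {Texas} Military Sites, Utilities},
  date         = {2023-07-31},
  organization = {Medium (csg-govtech)},
  url          = {https://www.govtech.com/security/china-backed-hackers-threaten-texas-military-sites-utilities},
  urldate      = {2023-08-25},
  language     = {English},
}
China-Backed Hackers Threaten Texas Military Sites, Utilities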
2023-07-23 | Medium infoSec Write-ups | mov_eax_27
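% The author is a handle: braced so it is kept as one literal name, with the
% underscores escaped so the field typesets as text.
@online{moveax27:20230723:unpacking:ea6fb5f,
  author       = {{mov\_eax\_27}},
  title        = {Unpacking an {Emotet} Trojan},
  date         = {2023-07-23},
  organization = {Medium infoSec Write-ups},
  url          = {https://infosecwriteups.com/unpacking-emotet-trojan-dac7e6119a0a},
  urldate      = {2023-10-10},
  language     = {English},
}
Unpacking an Emotet Trojan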
Emotet
2023-07-18 | Medium walmartglobaltech | Jason Reaves, Jonathan Mccay, Joshua Platt
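% The title is a single proper noun, so its inner braces are per-word case protection.
@online{reaves:20230718:nemesisproject:daa35d0,
  author       = {Reaves, Jason and Mccay, Jonathan and Platt, Joshua},
  title        = {{NemesisProject}},
  date         = {2023-07-18},
  organization = {Medium walmartglobaltech},
  url          = {https://medium.com/walmartglobaltech/nemesisproject-816ed5c1e8d5},
  urldate      = {2023-07-19},
  language     = {English},
}
NemesisProject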
Nemesis
2023-06-23 | Medium (Cryptax) | Axelle Apvrille
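@online{apvrille:20230623:inside:80ab43b,
  author       = {Apvrille, Axelle},
  title        = {Inside {KangaPack}: the {Kangaroo} packer with native decryption},
  date         = {2023-06-23},
  organization = {Medium (Cryptax)},
  url          = {https://cryptax.medium.com/inside-kangapack-the-kangaroo-packer-with-native-decryption-3e7e054679c4},
  urldate      = {2023-06-26},
  language     = {English},
}
Inside KangaPack: the Kangaroo packer with native decryption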
FluHorse
2023-06-23 | Medium | Taisiia Garkava
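@online{garkava:20230623:observerstealer:5699a93,
  author       = {Garkava, Taisiia},
  title        = {{ObserverStealer}: Unmasking the New Contender in Cyber Crime},
  date         = {2023-06-23},
  organization = {Medium},
  url          = {https://medium.com/@cyberhust1er/observerstealer-unmasking-the-new-contender-in-cyber-crime-6e54a40d801d},
  urldate      = {2023-06-27},
  language     = {English},
}
ObserverStealer: Unmasking the New Contender in Cyber Crime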
ObserverStealer
2023-05-17 | Medium (@DCSO_CyTec) | Johann Aydinbas, Emilia Neuber, Kritika Roy, Axel Wauer, Jiro Minier
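% The underscore in the organization is escaped so the field typesets as
% text; the url field stays verbatim.
@online{aydinbas:20230517:andariels:517dbe2,
  author       = {Aydinbas, Johann and Neuber, Emilia and Roy, Kritika and Wauer, Axel and Minier, Jiro},
  title        = {{Andariel’s} {“Jupiter”} malware and the case of the curious {C2}},
  date         = {2023-05-17},
  organization = {Medium (@DCSO\_CyTec)},
  url          = {https://medium.com/@DCSO_CyTec/andariels-jupiter-malware-and-the-case-of-the-curious-c2-dbfe29f57499},
  urldate      = {2023-05-21},
  language     = {English},
}
Andariel’s “Jupiter” malware and the case of the curious C2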
Jupiter
2023-05-14 | Medium | Denshi Yūrei
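% The citation key is kept as published, without the non-ASCII letter of the
% author name.
@online{yrei:20230514:silent:9e16bf5,
  author       = {Yūrei, Denshi},
  title        = {Silent Echoes: The Hidden Dialogue among Malware Entities — Spotlight on {AMOS} {InfoStealer}},
  date         = {2023-05-14},
  organization = {Medium},
  url          = {https://denshiyurei.medium.com/silent-echoes-the-hidden-dialogue-among-malware-entities-spotlight-on-amos-infostealer-6d7cd70e3219},
  urldate      = {2023-05-15},
  language     = {English},
}
Silent Echoes: The Hidden Dialogue among Malware Entities — Spotlight on AMOS InfoStealer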
AMOS Aurora Stealer TitanStealer
2023-05-09 | Medium walmartglobaltech | Jason Reaves, Joshua Platt, Jonathan Mccay
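@online{reaves:20230509:metastealer:11ef397,
  author       = {Reaves, Jason and Platt, Joshua and Mccay, Jonathan},
  title        = {{MetaStealer} string decryption and {DGA} overview},
  date         = {2023-05-09},
  organization = {Medium walmartglobaltech},
  url          = {https://medium.com/walmartglobaltech/metastealer-string-decryption-and-dga-overview-5f38f76830cd},
  urldate      = {2023-05-11},
  language     = {English},
}
MetaStealer string decryption and DGA overview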
MetaStealer
2023-04-19 | Medium (@simone.kraus) | Simone Kraus
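@online{kraus:20230419:rorschach:835da83,
  author       = {Kraus, Simone},
  title        = {{Rorschach} Ransomware Analysis with {Attack Flow}},
  date         = {2023-04-19},
  organization = {Medium (@simone.kraus)},
  url          = {https://medium.com/@simone.kraus/rorschach-ransomware-analysis-with-attack-flow-7fa5ff613a75},
  urldate      = {2023-04-25},
  language     = {English},
}
Rorschach Ransomware Analysis with Attack Flow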
Rorschach Ransomware
2023-04-13 | Medium Invictus Incident Response | Invictus Incident Response
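% The author is an organization: the extra braces keep the name whole instead
% of splitting it into given names plus the surname "Response".
@online{response:20230413:ransomware:d516cc9,
  author       = {{Invictus Incident Response}},
  title        = {Ransomware in the cloud},
  date         = {2023-04-13},
  organization = {Medium Invictus Incident Response},
  url          = {https://invictus-ir.medium.com/ransomware-in-the-cloud-7f14805bbe82},
  urldate      = {2023-04-22},
  language     = {English},
}
Ransomware in the cloud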
2023-04-05 | Medium Ilandu | Ilan Duhin
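@online{duhin:20230405:portdoor:e39d907,
  author       = {Duhin, Ilan},
  title        = {{PortDoor} - {APT} Backdoor analysis},
  date         = {2023-04-05},
  organization = {Medium Ilandu},
  url          = {https://medium.com/@Ilandu/portdoor-malware-afc9d0796cba},
  urldate      = {2023-04-06},
  language     = {English},
}
PortDoor - APT Backdoor analysis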
ACBackdoor 8.t Dropper PortDoor
2023-03-23 | Medium s2wlab | BLKSMTH, S2W TALON
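% "S2W TALON" is braced so it is kept as one name rather than parsed as a
% given name plus surname.
@online{blksmth:20230323:scarcruft:82ba4d6,
  author       = {BLKSMTH and {S2W TALON}},
  title        = {{Scarcruft} Bolsters Arsenal for targeting individual {Android} devices},
  date         = {2023-03-23},
  organization = {Medium s2wlab},
  url          = {https://medium.com/s2wblog/scarcruft-bolsters-arsenal-for-targeting-individual-android-devices-97d2bcef4ab},
  urldate      = {2023-03-27},
  language     = {English},
}
Scarcruft Bolsters Arsenal for targeting individual Android devices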
RambleOn RokRAT