Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2021-10-05Medium s2wlabS2W TALON
@online{talon:20211005:prometheus:b698c61, author = {S2W TALON}, title = {{Prometheus x Spook: Prometheus ransomware rebranded Spook ransomware.}}, date = {2021-10-05}, organization = {Medium s2wlab}, url = {https://medium.com/s2wlab/prometheus-x-spook-prometheus-ransomware-rebranded-spook-ransomware-6f93bd8ab5dd}, language = {English}, urldate = {2021-10-11} } Prometheus x Spook: Prometheus ransomware rebranded Spook ransomware.
Prometheus
2021-09-09Medium s2wlabS2W TALON
@online{talon:20210909:case:fdbe983, author = {S2W TALON}, title = {{Case Analysis of Suncrypt Ransomware Negotiation and Bitcoin Transaction}}, date = {2021-09-09}, organization = {Medium s2wlab}, url = {https://medium.com/s2wlab/case-analysis-of-suncrypt-ransomware-negotiation-and-bitcoin-transaction-43a2194ac0bc}, language = {English}, urldate = {2021-09-12} } Case Analysis of Suncrypt Ransomware Negotiation and Bitcoin Transaction
SunCrypt
2021-09-08Medium s2wlabS2W TALON
@online{talon:20210908:grooves:64ea498, author = {S2W TALON}, title = {{Groove’s thoughts on Blackmatter, Babuk, and cheese shortages in the Netherlands}}, date = {2021-09-08}, organization = {Medium s2wlab}, url = {https://medium.com/s2wlab/grooves-thoughts-on-blackmatter-babuk-and-interruption-in-the-supply-of-cheese-in-the-b5328bc764f2}, language = {English}, urldate = {2021-09-12} } Groove’s thoughts on Blackmatter, Babuk, and cheese shortages in the Netherlands
Babuk BlackMatter Babuk BlackMatter
2021-09-01Medium s2wlabS2W LAB INTELLIGENCE TEAM, Denise Dasom Kim, Jungyeon Lim, Yeonghyeon Jeong, Sujin Lim, Chaewon Moon
@online{team:20210901:blackmatter:6a2a025, author = {S2W LAB INTELLIGENCE TEAM and Denise Dasom Kim and Jungyeon Lim and Yeonghyeon Jeong and Sujin Lim and Chaewon Moon}, title = {{BlackMatter x Babuk : Using the same web server for sharing leaked files}}, date = {2021-09-01}, organization = {Medium s2wlab}, url = {https://medium.com/s2wlab/blackmatter-x-babuk-using-the-same-web-server-for-sharing-leaked-files-d01c20a74751}, language = {English}, urldate = {2021-09-06} } BlackMatter x Babuk : Using the same web server for sharing leaked files
Babuk BlackMatter Babuk BlackMatter
2021-07-14Medium s2wlabJaeki Kim
@online{kim:20210714:matryoshka:6c8d267, author = {Jaeki Kim}, title = {{Matryoshka : Variant of ROKRAT, APT37 (Scarcruft)}}, date = {2021-07-14}, organization = {Medium s2wlab}, url = {https://medium.com/s2wlab/matryoshka-variant-of-rokrat-apt37-scarcruft-69774ea7bf48}, language = {English}, urldate = {2021-07-20} } Matryoshka : Variant of ROKRAT, APT37 (Scarcruft)
RokRAT
2021-07-08Medium s2wlabSojun Ryu
@online{ryu:20210708:analysis:65a332a, author = {Sojun Ryu}, title = {{Analysis of Lazarus malware abusing Non-ActiveX Module in South Korea}}, date = {2021-07-08}, organization = {Medium s2wlab}, url = {https://medium.com/s2wlab/analysis-of-lazarus-malware-abusing-non-activex-module-in-south-korea-7d52b9539c12}, language = {English}, urldate = {2021-07-09} } Analysis of Lazarus malware abusing Non-ActiveX Module in South Korea
2021-07-07Medium s2wlabSeunghoe Kim
@online{kim:20210707:deep:3903b28, author = {Seunghoe Kim}, title = {{Deep analysis of KPOT Stealer}}, date = {2021-07-07}, organization = {Medium s2wlab}, url = {https://medium.com/s2wlab/deep-analysis-of-kpot-stealer-fb1d2be9c5dd}, language = {English}, urldate = {2021-07-09} } Deep analysis of KPOT Stealer
KPOT Stealer
2021-06-23Medium s2wlabSojun Ryu
@online{ryu:20210623:deep:b255667, author = {Sojun Ryu}, title = {{Deep analysis of REvil Ransomware}}, date = {2021-06-23}, organization = {Medium s2wlab}, url = {https://medium.com/s2wlab/deep-analysis-of-revil-ransomware-written-in-korean-d1899c0e9317}, language = {Korean}, urldate = {2021-07-29} } Deep analysis of REvil Ransomware
REvil
2021-06-03Medium s2wlabHyunmin Suh, Denise Dasom Kim, Jungyeon Lim, YH Jeong
@online{suh:20210603:w1:f034ac8, author = {Hyunmin Suh and Denise Dasom Kim and Jungyeon Lim and YH Jeong}, title = {{W1 Jun | EN | Story of the week: Ransomware on the Darkweb}}, date = {2021-06-03}, organization = {Medium s2wlab}, url = {https://medium.com/s2wlab/w1-jun-en-story-of-the-week-ransomware-on-the-darkweb-af491d33868b}, language = {English}, urldate = {2021-06-16} } W1 Jun | EN | Story of the week: Ransomware on the Darkweb
DarkSide Babuk DarkSide
2021-05-28Medium s2wlabSojun Ryu
@online{ryu:20210528:deep:c5d221c, author = {Sojun Ryu}, title = {{Deep Analysis of Vidar Stealer}}, date = {2021-05-28}, organization = {Medium s2wlab}, url = {https://medium.com/s2wlab/deep-analysis-of-vidar-stealer-ebfc3b557aed}, language = {English}, urldate = {2021-06-16} } Deep Analysis of Vidar Stealer
vidar
2021-05-25Medium s2wlabHyunmin Suh, Denise Dasom Kim, Jungyeon Lim
@online{suh:20210525:w4:b927684, author = {Hyunmin Suh and Denise Dasom Kim and Jungyeon Lim}, title = {{W4 May | EN | Story of the week: Ransomware on the Darkweb}}, date = {2021-05-25}, organization = {Medium s2wlab}, url = {https://medium.com/s2wlab/w4-may-en-story-of-the-week-ransomware-on-the-darkweb-5f5b8d4c3b6f}, language = {English}, urldate = {2021-06-16} } W4 May | EN | Story of the week: Ransomware on the Darkweb
Babuk REvil
2021-05-24Medium s2wlabSeunghoe Kim
@online{kim:20210524:deep:6cef7f7, author = {Seunghoe Kim}, title = {{Deep Analysis of Raccoon Stealer}}, date = {2021-05-24}, organization = {Medium s2wlab}, url = {https://medium.com/s2wlab/deep-analysis-of-raccoon-stealer-5da8cbbc4949}, language = {Korean}, urldate = {2021-06-16} } Deep Analysis of Raccoon Stealer
Raccoon
2021-05-17Medium s2wlabHyunmin Suh, Denise Dasom Kim, Jungyeon Lim, YH Jeong
@online{suh:20210517:w3:0e9b789, author = {Hyunmin Suh and Denise Dasom Kim and Jungyeon Lim and YH Jeong}, title = {{W3 May | EN | Story of the week: Code Signing Certificate on the Darkweb}}, date = {2021-05-17}, organization = {Medium s2wlab}, url = {https://medium.com/s2wlab/w3-may-en-story-of-the-week-code-signing-certificate-on-the-darkweb-94c7ec437001}, language = {English}, urldate = {2021-06-16} } W3 May | EN | Story of the week: Code Signing Certificate on the Darkweb
Stuxnet
2021-02-15Medium s2wlabSojun Ryu
@online{ryu:20210215:operation:b0712b0, author = {Sojun Ryu}, title = {{Operation SyncTrek}}, date = {2021-02-15}, organization = {Medium s2wlab}, url = {https://medium.com/s2wlab/operation-synctrek-e5013df8d167}, language = {English}, urldate = {2021-09-02} } Operation SyncTrek
AbaddonPOS Azorult Clop DoppelDridex DoppelPaymer Dridex PwndLocker
2021-02-03Medium s2wlabHyunmin Suh, Minjei Cho
@online{suh:20210203:w1:45a76f4, author = {Hyunmin Suh and Minjei Cho}, title = {{W1 Feb| EN | Story of the week: Stealers on the Darkweb}}, date = {2021-02-03}, organization = {Medium s2wlab}, url = {https://medium.com/s2wlab/w1-feb-en-story-of-the-week-stealers-on-the-darkweb-49945a31601d}, language = {English}, urldate = {2021-02-04} } W1 Feb| EN | Story of the week: Stealers on the Darkweb
Azorult Raccoon vidar
2021-01-26Medium s2wlabHyunmin Suh
@online{suh:20210126:w4:138a143, author = {Hyunmin Suh}, title = {{W4 Jan | EN | Story of the week: Ransomware on the Darkweb}}, date = {2021-01-26}, organization = {Medium s2wlab}, url = {https://medium.com/s2wlab/w4-jan-en-story-of-the-week-ransomware-on-the-darkweb-7595544363b1}, language = {English}, urldate = {2021-01-27} } W4 Jan | EN | Story of the week: Ransomware on the Darkweb
Avaddon Babuk LockBit