Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2020-04-07FireEyeMichael Bailey
@online{bailey:20200407:thinking:7ee19d0, author = {Michael Bailey}, title = {{Thinking Outside the Bochs: Code Grafting to Unpack Malware in Emulation}}, date = {2020-04-07}, organization = {FireEye}, url = {https://www.fireeye.com/blog/threat-research/2020/04/code-grafting-to-unpack-malware-in-emulation.html}, language = {English}, urldate = {2020-05-05} } Thinking Outside the Bochs: Code Grafting to Unpack Malware in Emulation
Elise
2020-02-08FireEyeMichael Bailey
@online{bailey:20200208:reversing:b033cdc, author = {Michael Bailey}, title = {{Reversing the Gophe SPambot: Confronting COM Code and Surmounting STL Snags}}, date = {2020-02-08}, organization = {FireEye}, url = {https://github.com/strictlymike/presentations/tree/master/2020/2020.02.08_BSidesHuntsville}, language = {English}, urldate = {2020-10-05} } Reversing the Gophe SPambot: Confronting COM Code and Surmounting STL Snags
Gophe
2019-04-25FireEyeJames T. Bennett, Michael Bailey
@online{bennett:20190425:carbanak:be237af, author = {James T. Bennett and Michael Bailey}, title = {{CARBANAK Week Part Four: The CARBANAK Desktop Video Player}}, date = {2019-04-25}, organization = {FireEye}, url = {https://www.fireeye.com/blog/threat-research/2019/04/carbanak-week-part-four-desktop-video-player.html}, language = {English}, urldate = {2019-12-20} } CARBANAK Week Part Four: The CARBANAK Desktop Video Player
2019-04-24FireEyeJames T. Bennett, Michael Bailey
@online{bennett:20190424:carbanak:2376f75, author = {James T. Bennett and Michael Bailey}, title = {{CARBANAK Week Part Three: Behind the CARBANAK Backdoor}}, date = {2019-04-24}, organization = {FireEye}, url = {https://www.fireeye.com/blog/threat-research/2019/04/carbanak-week-part-three-behind-the-backdoor.html}, language = {English}, urldate = {2019-12-20} } CARBANAK Week Part Three: Behind the CARBANAK Backdoor
Carbanak
2019-04-23FireEyeMichael Bailey, James T. Bennett
@online{bailey:20190423:carbanak:cbe986c, author = {Michael Bailey and James T. Bennett}, title = {{CARBANAK Week Part Two: Continuing the CARBANAK Source Code Analysis}}, date = {2019-04-23}, organization = {FireEye}, url = {https://www.fireeye.com/blog/threat-research/2019/04/carbanak-week-part-two-continuing-source-code-analysis.html}, language = {English}, urldate = {2019-12-20} } CARBANAK Week Part Two: Continuing the CARBANAK Source Code Analysis
2019-04-22FireEyeMichael Bailey, James T. Bennett
@online{bailey:20190422:carbanak:c94c9f1, author = {Michael Bailey and James T. Bennett}, title = {{CARBANAK Week Part One: A Rare Occurrence}}, date = {2019-04-22}, organization = {FireEye}, url = {https://www.fireeye.com/blog/threat-research/2019/04/carbanak-week-part-one-a-rare-occurrence.html}, language = {English}, urldate = {2019-12-20} } CARBANAK Week Part One: A Rare Occurrence
Carbanak
2016-01FireEyeMichael Bailey
@techreport{bailey:201601:matryoshka:3c7753f, author = {Michael Bailey}, title = {{MATRYOSHKA MINING}}, date = {2016-01}, institution = {FireEye}, url = {https://www2.fireeye.com/rs/848-DID-242/images/wp-mandiant-matryoshka-mining.pdf}, language = {English}, urldate = {2019-11-27} } MATRYOSHKA MINING
APT28