2021-09-03 | Trend Micro | Mohamad Mokbel
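% Trend Micro technical brief. The '&' in the title is escaped as \& because a
% bare ampersand in a title field is passed to LaTeX as an alignment character
% and stops the bibliography from compiling. All other values are as published.
@techreport{mokbel:20210903:state:df86499,
  author      = {Mohamad Mokbel},
  title       = {{The State of SSL/TLS Certificate Usage in Malware C\&C Communications}},
  date        = {2021-09-03},
  institution = {Trend Micro},
  url         = {https://www.trendmicro.com/content/dam/trendmicro/global/en/research/21/i/ssl-tls-technical-brief/ssl-tls-technical-brief.pdf},
  language    = {English},
  urldate     = {2021-09-19},
}
The State of SSL/TLS Certificate Usage in Malware C&C Communications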
AdWind ostap AsyncRAT BazarBackdoor BitRAT Buer Chthonic CloudEyE Cobalt Strike DCRat Dridex FindPOS GootKit Gozi IcedID ISFB Nanocore RAT Orcus RAT PandaBanker Qadars QakBot Quasar RAT Rockloader ServHelper Shifu SManager TorrentLocker TrickBot Vawtrak Zeus Zloader
2020-07-21 | YouTube (OPCDE with Matt Suiche) | Mohamad Mokbel
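% Recorded conference talk. The '#' in the title is escaped as \# because a bare
% hash in a title field is read by LaTeX as a macro-parameter character and
% stops the bibliography from compiling. All other values are as published.
@online{mokbel:20200721:vopcde:26d48d0,
  author       = {Mohamad Mokbel},
  title        = {{vOPCDE \#9 - A Journey into Malware HTTP Communication Channels Spectacles (Mohamad Mokbel)}},
  date         = {2020-07-21},
  organization = {YouTube ( OPCDE with Matt Suiche)},
  url          = {https://www.youtube.com/watch?v=FttiysUZmDw},
  language     = {English},
  urldate      = {2021-09-22},
}
vOPCDE #9 - A Journey into Malware HTTP Communication Channels Spectacles (Mohamad Mokbel)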
Alureon Cobra Carbon System CROSSWALK danbot Mevade ProtonBot Silence
2019-04-22 | Trend Micro | Mohamad Mokbel
% Trend Micro research post on C/C++ runtime library tampering in supply-chain
% attacks. One field per line; every field value is unchanged.
@online{mokbel:20190422:cc:23b1202,
  author       = {Mohamad Mokbel},
  title        = {{C/C++ Runtime Library Code Tampering in Supply Chain}},
  date         = {2019-04-22},
  organization = {Trend Micro},
  url          = {https://www.trendmicro.com/en_us/research/19/d/analyzing-c-c-runtime-library-code-tampering-in-software-supply-chain-attacks.html},
  language     = {English},
  urldate      = {2021-09-19},
}
C/C++ Runtime Library Code Tampering in Supply Chain
shadowhammer ShadowPad Winnti
2018-12-13 | Trend Micro | Mohamad Mokbel
% Trend Micro technical brief on the Tildeb implant. One field per line; every
% field value is unchanged. The title keeps its UTF-8 apostrophe, so the file
% needs a UTF-8-aware toolchain (e.g. biblatex with Biber).
@techreport{mokbel:20181213:tildeb:99fb939,
  author      = {Mohamad Mokbel},
  title       = {{Tildeb: An Implant from the Shadow Brokers’ Leak}},
  date        = {2018-12-13},
  institution = {Trend Micro},
  url         = {https://documents.trendmicro.com/assets/tech-brief-tildeb-analyzing-the-18-year-old-implant-from-the-shadow-brokers-leak.pdf},
  language    = {English},
  urldate     = {2021-09-19},
}
Tildeb: An Implant from the Shadow Brokers’ Leak
tildeb
2017-07-18 | Trend Micro | Mohamad Mokbel, Tim Yeh, Brian Cayanan
% Trend Micro blog post on a threat exploiting SambaCry. One field per line;
% every field value is unchanged, including the http:// scheme of the recorded
% URL.
@online{mokbel:20170718:linux:e43d04b,
  author       = {Mohamad Mokbel and Tim Yeh and Brian Cayanan},
  title        = {{Linux Users Urged to Update as a New Threat Exploits SambaCry}},
  date         = {2017-07-18},
  organization = {Trend Micro},
  url          = {http://blog.trendmicro.com/trendlabs-security-intelligence/linux-users-urged-update-new-threat-exploits-sambacry},
  language     = {English},
  urldate      = {2020-01-09},
}
Linux Users Urged to Update as a New Threat Exploits SambaCry
ShellBind