Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2020-10-15NTT SecurityHiroki Hada
@online{hada:20201015:pandas:962b364, author = {Hiroki Hada}, title = {{Panda’s New Arsenal: Part 1 Tmanger}}, date = {2020-10-15}, organization = {NTT Security}, url = {https://insight-jp.nttsecurity.com/post/102gi9b/pandas-new-arsenal-part-1-tmanger}, language = {Japanese}, urldate = {2020-10-19} } Panda’s New Arsenal: Part 1 Tmanger
2020-09-03Medium mariohenkelMario Henkel
@online{henkel:20200903:decrypting:16cd7a9, author = {Mario Henkel}, title = {{Decrypting AgentTesla strings and config}}, date = {2020-09-03}, organization = {Medium mariohenkel}, url = {https://medium.com/@mariohenkel/decrypting-agenttesla-strings-and-config-b9000b18c996?sk=fcead9538516eeb3daa7b53cb537f6f4}, language = {English}, urldate = {2020-09-03} } Decrypting AgentTesla strings and config
Agent Tesla
2020-08-27MalWatchMalWatch
@online{malwatch:20200827:wintrojanagenttesla:8c6e4f6, author = {MalWatch}, title = {{Win.Trojan.AgentTesla - Malware analysis & threat intelligence report}}, date = {2020-08-27}, organization = {MalWatch}, url = {https://malwatch.github.io/posts/agent-tesla-malware-analysis/}, language = {English}, urldate = {2020-08-28} } Win.Trojan.AgentTesla - Malware analysis & threat intelligence report
Agent Tesla
2020-07-28NTTNTT Security
@online{security:20200728:craftypanda:7643b28, author = {NTT Security}, title = {{CraftyPanda 標的型攻撃解析レポート}}, date = {2020-07-28}, organization = {NTT}, url = {https://www.nttsecurity.com/docs/librariesprovider3/default-document-library/craftypanda-analysis-report}, language = {Japanese}, urldate = {2020-07-30} } CraftyPanda 標的型攻撃解析レポート
Ghost RAT PlugX
2020-07-20NTTSecurity division of NTT Ltd.
@online{ltd:20200720:shellbot:adab896, author = {Security division of NTT Ltd.}, title = {{Shellbot victim overlap with Emotet network infrastructure}}, date = {2020-07-20}, organization = {NTT}, url = {https://hello.global.ntt/en-us/insights/blog/shellbot-victim-overlap-with-emotet-network-infrastructure}, language = {English}, urldate = {2020-07-30} } Shellbot victim overlap with Emotet network infrastructure
Emotet
2020-07-06NTTSecurity division of NTT Ltd.
@online{ltd:20200706:trickbot:9612912, author = {Security division of NTT Ltd.}, title = {{TrickBot variant “Anchor_DNS” communicating over DNS}}, date = {2020-07-06}, organization = {NTT}, url = {https://hello.global.ntt/en-us/insights/blog/trickbot-variant-communicating-over-dns}, language = {English}, urldate = {2020-07-30} } TrickBot variant “Anchor_DNS” communicating over DNS
Anchor_DNS TrickBot
2020-06-18NTT SecuritySecurity division of NTT Ltd.
@online{ltd:20200618:behind:a5e168d, author = {Security division of NTT Ltd.}, title = {{Behind the scenes of the Emotet Infrastructure}}, date = {2020-06-18}, organization = {NTT Security}, url = {https://hello.global.ntt/en-us/insights/blog/behind-the-scenes-of-the-emotet-infrastructure}, language = {English}, urldate = {2020-06-20} } Behind the scenes of the Emotet Infrastructure
Emotet
2020-05-23InfoSec Handlers Diary BlogXavier Mertens
@online{mertens:20200523:agenttesla:eba0b0c, author = {Xavier Mertens}, title = {{AgentTesla Delivered via a Malicious PowerPoint Add-In}}, date = {2020-05-23}, organization = {InfoSec Handlers Diary Blog}, url = {https://isc.sans.edu/forums/diary/AgentTesla+Delivered+via+a+Malicious+PowerPoint+AddIn/26162/}, language = {English}, urldate = {2020-05-27} } AgentTesla Delivered via a Malicious PowerPoint Add-In
Agent Tesla
2020-04-16MalwarebytesHossein Jazi
@online{jazi:20200416:new:6b7cb7a, author = {Hossein Jazi}, title = {{New AgentTesla variant steals WiFi credentials}}, date = {2020-04-16}, organization = {Malwarebytes}, url = {https://blog.malwarebytes.com/cybercrime/2020/04/new-agenttesla-variant-steals-wifi-credentials/}, language = {English}, urldate = {2020-04-16} } New AgentTesla variant steals WiFi credentials
Agent Tesla
2020-04-15Suraj Malhotra
@online{malhotra:20200415:how:6cfc199, author = {Suraj Malhotra}, title = {{How Analysing an AgentTesla Could Lead To Attackers Inbox - Part II}}, date = {2020-04-15}, url = {https://mrt4ntr4.github.io/How-Analysing-an-AgentTesla-Could-Lead-To-Attackers-Inbox-2/}, language = {English}, urldate = {2020-04-20} } How Analysing an AgentTesla Could Lead To Attackers Inbox - Part II
Agent Tesla
2020-04-13Suraj Malhotra
@online{malhotra:20200413:how:6ea81f8, author = {Suraj Malhotra}, title = {{How Analysing an AgentTesla Could Lead To Attackers Inbox - Part I}}, date = {2020-04-13}, url = {https://mrt4ntr4.github.io/How-Analysing-an-AgentTesla-Could-Lead-To-Attackers-Inbox-1/}, language = {English}, urldate = {2020-04-15} } How Analysing an AgentTesla Could Lead To Attackers Inbox - Part I
Agent Tesla
2020-01-17NTT SecurityTakai Hajime
@techreport{hajime:20200117:operation:ef488fd, author = {Takai Hajime}, title = {{Operation Bitter Biscuit}}, date = {2020-01-17}, institution = {NTT Security}, url = {https://jsac.jpcert.or.jp/archive/2020/pdf/JSAC2020_3_takai_jp.pdf}, language = {Japanese}, urldate = {2020-07-20} } Operation Bitter Biscuit
Korlia
2019-10-18NTTNTT Security
@online{security:20191018:trickbot:6e2f73f, author = {NTT Security}, title = {{TrickBot variant “Anchor_DNS” communicating over DNS}}, date = {2019-10-18}, organization = {NTT}, url = {https://hello.global.ntt/zh-cn/insights/blog/trickbot-variant-communicating-over-dns}, language = {English}, urldate = {2020-10-12} } TrickBot variant “Anchor_DNS” communicating over DNS
Anchor
2019-07-11NTT SecurityNTT Security
@online{security:20190711:targeted:a48e692, author = {NTT Security}, title = {{Targeted TrickBot activity drops 'PowerBrace' backdoor}}, date = {2019-07-11}, organization = {NTT Security}, url = {https://technical.nttsecurity.com/post/102fnog/targeted-trickbot-activity-drops-powerbrace-backdoor}, language = {English}, urldate = {2019-12-18} } Targeted TrickBot activity drops 'PowerBrace' backdoor
PowerBrace TrickBot
2019-06-25MyOnlineSecurityMyOnlineSecurity
@online{myonlinesecurity:20190625:more:a611b77, author = {MyOnlineSecurity}, title = {{More AgentTesla keylogger and Nanocore RAT in one bundle}}, date = {2019-06-25}, organization = {MyOnlineSecurity}, url = {https://myonlinesecurity.co.uk/more-agenttesla-keylogger-and-nanocore-rat-in-one-bundle/}, language = {English}, urldate = {2019-11-27} } More AgentTesla keylogger and Nanocore RAT in one bundle
Houdini
2019-03-06Unit CANARYNTT セキュリティ, ジャパン株式会社
@online{:20190306:taidoor:651efa6, author = {NTT セキュリティ and ジャパン株式会社}, title = {{Taidoor を用いた標的型攻撃}}, date = {2019-03-06}, organization = {Unit CANARY}, url = {https://www.nttsecurity.com/docs/librariesprovider3/resources/taidoor%E3%82%92%E7%94%A8%E3%81%84%E3%81%9F%E6%A8%99%E7%9A%84%E5%9E%8B%E6%94%BB%E6%92%83%E8%A7%A3%E6%9E%90%E3%83%AC%E3%83%9D%E3%83%BC%E3%83%88_v1}, language = {English}, urldate = {2020-01-13} } Taidoor を用いた標的型攻撃
taidoor
2019-03-05TencentTencent
@online{tencent:20190305:transparenttribe:55798e4, author = {Tencent}, title = {{TransparentTribe APT organizes 2019 attacks on Indian government and military targets}}, date = {2019-03-05}, organization = {Tencent}, url = {https://s.tencent.com/research/report/669.html}, language = {Chinese}, urldate = {2020-01-08} } TransparentTribe APT organizes 2019 attacks on Indian government and military targets
Crimson RAT Unidentified 066 Operation C-Major
2017-09-25Palo Alto Networks Unit 42Jeff White
@online{white:20170925:analyzing:92167ce, author = {Jeff White}, title = {{Analyzing the Various Layers of AgentTesla’s Packing}}, date = {2017-09-25}, organization = {Palo Alto Networks Unit 42}, url = {https://researchcenter.paloaltonetworks.com/2017/09/unit42-analyzing-various-layers-agentteslas-packing/}, language = {English}, urldate = {2019-12-20} } Analyzing the Various Layers of AgentTesla’s Packing
Agent Tesla
2017-06-28FortinetXiaopeng Zhang
@online{zhang:20170628:indepth:51d37ec, author = {Xiaopeng Zhang}, title = {{In-Depth Analysis of A New Variant of .NET Malware AgentTesla}}, date = {2017-06-28}, organization = {Fortinet}, url = {https://blog.fortinet.com/2017/06/28/in-depth-analysis-of-net-malware-javaupdtr}, language = {English}, urldate = {2020-01-08} } In-Depth Analysis of A New Variant of .NET Malware AgentTesla
Agent Tesla