Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2022-01-12Guillaume Orlando
@online{orlando:20220112:agenttesla:e4c8f1e, author = {Guillaume Orlando}, title = {{AgentTesla v3 - Technical Malware Analysis}}, date = {2022-01-12}, url = {https://guillaumeorlando.github.io/AgentTesla}, language = {English}, urldate = {2022-01-13} } AgentTesla v3 - Technical Malware Analysis
Agent Tesla
2021-12-28NTTHiroki Hada
@online{hada:20211228:flagpro:1263fb7, author = {Hiroki Hada}, title = {{Flagpro: The new malware used by BlackTech}}, date = {2021-12-28}, organization = {NTT}, url = {https://insight-jp.nttsecurity.com/post/102hf3q/flagpro-the-new-malware-used-by-blacktech}, language = {English}, urldate = {2021-12-31} } Flagpro: The new malware used by BlackTech
Flagpro
2021-12-08YouTube ( DuMp-GuY TrIcKsTeR)Jiří Vinopal
@online{vinopal:20211208:full:4bf6148, author = {Jiří Vinopal}, title = {{Full malware analysis Work-Flow of AgentTesla Malware}}, date = {2021-12-08}, organization = {YouTube ( DuMp-GuY TrIcKsTeR)}, url = {https://youtu.be/QQuRp7Qiuzg}, language = {English}, urldate = {2021-12-08} } Full malware analysis Work-Flow of AgentTesla Malware
Agent Tesla
2021-12-02AhnLabASEC Analysis Team
@online{team:20211202:spreading:82866e8, author = {ASEC Analysis Team}, title = {{Spreading AgentTesla through more sophisticated malicious PPT}}, date = {2021-12-02}, organization = {AhnLab}, url = {https://asec.ahnlab.com/ko/29133/}, language = {Korean}, urldate = {2021-12-07} } Spreading AgentTesla through more sophisticated malicious PPT
Agent Tesla
2021-11-22YouTube ( DuMp-GuY TrIcKsTeR)Jiří Vinopal
@online{vinopal:20211122:powershell:b15c355, author = {Jiří Vinopal}, title = {{Powershell and DnSpy tricks in .NET reversing – AgentTesla [Part2]}}, date = {2021-11-22}, organization = {YouTube ( DuMp-GuY TrIcKsTeR)}, url = {https://youtu.be/BM38OshcozE}, language = {English}, urldate = {2021-11-26} } Powershell and DnSpy tricks in .NET reversing – AgentTesla [Part2]
Agent Tesla
2021-11-22YouTube ( DuMp-GuY TrIcKsTeR)Jiří Vinopal
@online{vinopal:20211122:powershell:37baf25, author = {Jiří Vinopal}, title = {{Powershell and DnSpy tricks in .NET reversing – AgentTesla [Part1]}}, date = {2021-11-22}, organization = {YouTube ( DuMp-GuY TrIcKsTeR)}, url = {https://youtu.be/hxaeWyK8gMI}, language = {English}, urldate = {2021-11-26} } Powershell and DnSpy tricks in .NET reversing – AgentTesla [Part1]
Agent Tesla
2021-11-12Living CodeDominik Degroot
@online{degroot:20211112:agenttesla:d69002b, author = {Dominik Degroot}, title = {{AgentTesla dropped via NSIS installer}}, date = {2021-11-12}, organization = {Living Code}, url = {http://l1v1ngc0d3.wordpress.com/2021/11/12/agenttesla-dropped-via-nsis-installer/}, language = {English}, urldate = {2021-11-17} } AgentTesla dropped via NSIS installer
Agent Tesla
2021-10-19NTTThreat Detection Team Security division of NTT
@online{ntt:20211019:layered:92e34d1, author = {Threat Detection Team Security division of NTT}, title = {{The layered infrastructure operated by APT29}}, date = {2021-10-19}, organization = {NTT}, url = {https://services.global.ntt/en-us/insights/blog/the-layered-infrastructure-operated-by-apt29}, language = {English}, urldate = {2021-12-31} } The layered infrastructure operated by APT29
elf.wellmess
2021-10-13Anchored Narratives on Threat Intelligence and GeopoliticsRJM
@online{rjm:20211013:trouble:c988e46, author = {RJM}, title = {{Trouble in Asia and the Middle East. Tracking the TransparentTribe threat actor.}}, date = {2021-10-13}, organization = {Anchored Narratives on Threat Intelligence and Geopolitics}, url = {https://anchorednarratives.substack.com/p/trouble-in-asia-and-the-middle-east}, language = {English}, urldate = {2021-10-14} } Trouble in Asia and the Middle East. Tracking the TransparentTribe threat actor.
Crimson RAT
2021-10-08NTTHiroki Hada, Rintaro Koike, Fumio Ozawa
@online{hada:20211008:malware:bfcbd46, author = {Hiroki Hada and Rintaro Koike and Fumio Ozawa}, title = {{Malware Flagpro used by targeted attack group BlackTech}}, date = {2021-10-08}, organization = {NTT}, url = {https://insight-jp.nttsecurity.com/post/102h7vx/blacktechflagpro}, language = {Japanese}, urldate = {2021-10-24} } Malware Flagpro used by targeted attack group BlackTech
Flagpro
2021-06-18YouTube (jnpc)Yuu Arai, Twitter (@yarai1978)
@online{arai:20210618:cyber:efd5b54, author = {Yuu Arai and Twitter (@yarai1978)}, title = {{"Cyber ​​Security" Yu Arai, NTT DATA Executive Security Analyst}}, date = {2021-06-18}, organization = {YouTube (jnpc)}, url = {https://www.youtube.com/watch?v=2GRhJgF49vA&ab_channel=jnpc}, language = {Japanese}, urldate = {2021-06-22} } "Cyber ​​Security" Yu Arai, NTT DATA Executive Security Analyst
2021-05-11Twitter (@MsftSecIntel)Microsoft Security Intelligence
@online{intelligence:20210511:snip3:69a4650, author = {Microsoft Security Intelligence}, title = {{Tweet on Snip3 crypter delivering AsyncRAT or AgentTesla}}, date = {2021-05-11}, organization = {Twitter (@MsftSecIntel)}, url = {https://twitter.com/MsftSecIntel/status/1392219299696152578}, language = {English}, urldate = {2021-05-13} } Tweet on Snip3 crypter delivering AsyncRAT or AgentTesla
Agent Tesla AsyncRAT
2021-04-29NTTThreat Detection NTT Ltd.
@techreport{ltd:20210429:operations:a7ad0d4, author = {Threat Detection NTT Ltd.}, title = {{The Operations of Winnti group}}, date = {2021-04-29}, institution = {NTT}, url = {https://hello.global.ntt/-/media/ntt/global/insights/white-papers/the-operations-of-winnti-group.pdf}, language = {English}, urldate = {2021-08-09} } The Operations of Winnti group
Cobalt Strike ShadowPad Spyder Winnti
2021-04-04menshaway blogspotMahmoud Morsy
@online{morsy:20210404:technical:197b7c7, author = {Mahmoud Morsy}, title = {{Technical report of AgentTesla}}, date = {2021-04-04}, organization = {menshaway blogspot}, url = {https://menshaway.blogspot.com/2021/04/agenttesla-malware.html}, language = {English}, urldate = {2021-04-06} } Technical report of AgentTesla
Agent Tesla
2021-04-01Medium mikko-kenttalaMikko Kenttälä
@online{kenttl:20210401:zero:76c0fc0, author = {Mikko Kenttälä}, title = {{Zero click vulnerability in Apple’s macOS Mail}}, date = {2021-04-01}, organization = {Medium mikko-kenttala}, url = {https://mikko-kenttala.medium.com/zero-click-vulnerability-in-apples-macos-mail-59e0c14b106c}, language = {English}, urldate = {2021-04-06} } Zero click vulnerability in Apple’s macOS Mail
2021-03-10NTT SecurityHiroki Hada
@online{hada:20210310:pseudogatespelevo:79a6fdf, author = {Hiroki Hada}, title = {{日本を標的としたPseudoGateキャンペーンによるSpelevo Exploit Kitを用いた攻撃について}}, date = {2021-03-10}, organization = {NTT Security}, url = {https://insight-jp.nttsecurity.com/post/102gsqj/pseudogatespelevo-exploit-kit}, language = {Japanese}, urldate = {2021-03-11} } 日本を標的としたPseudoGateキャンペーンによるSpelevo Exploit Kitを用いた攻撃について
Zloader
2021-02-25MinervaMinerva Labs
@online{labs:20210225:preventing:c968dbc, author = {Minerva Labs}, title = {{Preventing AgentTelsa Infiltration}}, date = {2021-02-25}, organization = {Minerva}, url = {https://blog.minerva-labs.com/preventing-agenttesla}, language = {English}, urldate = {2021-02-25} } Preventing AgentTelsa Infiltration
Agent Tesla
2021-02-18NTT SecurityHiroki Hada
@online{hada:20210218:ncctrojan:04c46fc, author = {Hiroki Hada}, title = {{nccTrojan used in targeted attack by TA428 group against defense and aviation organizations}}, date = {2021-02-18}, organization = {NTT Security}, url = {https://insight-jp.nttsecurity.com/post/102gr6l/ta428ncctrojan}, language = {Japanese}, urldate = {2021-02-18} } nccTrojan used in targeted attack by TA428 group against defense and aviation organizations
nccTrojan
2021-02-12InfoSec Handlers Diary BlogXavier Mertens
@online{mertens:20210212:agenttesla:228400f, author = {Xavier Mertens}, title = {{AgentTesla Dropped Through Automatic Click in Microsoft Help File}}, date = {2021-02-12}, organization = {InfoSec Handlers Diary Blog}, url = {https://isc.sans.edu/diary/rss/27092}, language = {English}, urldate = {2021-02-18} } AgentTesla Dropped Through Automatic Click in Microsoft Help File
Agent Tesla
2021-01-28NTTDan Saunders
@online{saunders:20210128:emotet:19b0313, author = {Dan Saunders}, title = {{Emotet disruption - Europol counterattack}}, date = {2021-01-28}, organization = {NTT}, url = {https://hello.global.ntt/en-us/insights/blog/emotet-disruption-europol-counterattack}, language = {English}, urldate = {2021-01-29} } Emotet disruption - Europol counterattack
Emotet