Click here to download all references as Bib-File.•
| 2023-04-06
⋅
Spamhaus
⋅
Neutralizing Tofsee Spambot – Part 3 | Network-based kill switch Tofsee |
| 2023-04-06
⋅
Spamhaus
⋅
Neutralizing Tofsee Spambot – Part 2 | InMemoryConfig store vaccine Tofsee |
| 2023-04-06
⋅
Spamhaus
⋅
Neutralizing Tofsee Spambot – Part 1 | Binary file vaccine Tofsee |
| 2022-10-12
⋅
Spamhaus
⋅
Dissecting the new shellcode-based variant of GuLoader (CloudEyE) CloudEyE |
| 2020-04-22
⋅
Youtube (Infosec Alpha)
⋅
FlattenTheCurve - Emotet Control Flow Unflattening | Episode 2 Emotet |
| 2020-03-31
⋅
Youtube (Infosec Alpha)
⋅
Emotet Binary Deobfuscation | Coconut Paradise | Episode 1 Emotet |
| 2020-03-11
⋅
Twitter (@raashidbhatt)
⋅
Tweet on Emotet Deobfuscation with Video Emotet |
| 2019-07-30
⋅
int 0xcc blog
⋅
Practical Threat Hunting and Incidence Response : A Case of A Pony Malware Infection Pony |
| 2019-04-22
⋅
int 0xcc blog
⋅
Dissecting Emotet’s network communication protocol Emotet |
| 2018-09-18
⋅
int 0xcc blog
⋅
A taste of our own medicine: How SmokeLoader is deceiving configuration extraction by using binary code as bait SmokeLoader |
| 2018-09-06
⋅
int 0xcc blog
⋅
Dissecting DEloader malware with obfuscation Zloader |
| 2017-02-22
⋅
PhishLabs
⋅
Dissecting the Qadars Banking Trojan Qadars |
| 2016-02-01
⋅
Blueliv
⋅
Tracking the footprints of PushDo Trojan Pushdo |