Click here to download all references as Bib-File.•
| 2025-02-13
⋅
Elastic
⋅
You've Got Malware: FINALDRAFT Hides in Your Drafts FINALDRAFT FINALDRAFT PATHLOADER |
| 2024-12-12
⋅
Elastic
⋅
Under the SADBRIDGE with GOSAR: QUASAR Gets a Golang Rewrite Gosar Quasar RAT SADBRIDGE |
| 2024-10-19
⋅
Elastic
⋅
Tricks and Treats: GHOSTPULSE’s new pixel- level deception HijackLoader |
| 2024-10-03
⋅
Virus Bulletin
⋅
Sugarcoating KANDYKORN: a sweet dive into a sophisticated MacOS backdoor HLOADER KANDYKORN SUGARLOADER |
| 2024-05-21
⋅
Elastic
⋅
Invisible miners: unveiling GHOSTENGINE’s crypto mining operations win.ghostengine |
| 2024-02-23
⋅
Elastic
⋅
PIKABOT, I choose you! Pikabot |
| 2023-10-27
⋅
Elastic
⋅
GHOSTPULSE haunts victims using defense evasion bag o' tricks HijackLoader Lumma Stealer NetSupportManager RAT Rhadamanthys SectopRAT Vidar |
| 2023-10-03
⋅
Elastic
⋅
Introducing the REF5961 intrusion set (RUDEBIRD, DOWNTOWN, and EAGERBEE) EagerBee SManager REF2924 REF5961 |
| 2023-08-24
⋅
Elastic
⋅
Revisting BLISTER: New development of the BLISTER loader Blister |
| 2023-08-24
⋅
Elastic
⋅
Revisting BLISTER: New development of the BLISTER loader Blister |
| 2023-06-29
⋅
Elastic
⋅
The DPRK strikes using a new variant of RUSTBUCKET RustBucket |
| 2023-06-21
⋅
Elastic
⋅
Initial research exposing JOKERSPY JokerSpy |
| 2023-04-07
⋅
Elastic
⋅
Attack chain leads to XWORM and AGENTTESLA Agent Tesla XWorm |
| 2023-02-02
⋅
Elastic
⋅
Update to the REF2924 intrusion set and related campaigns DoorMe ShadowPad SiestaGraph |
| 2022-12-16
⋅
Elastic
⋅
SiestaGraph: New implant uncovered in ASEAN member foreign ministry DoorMe SiestaGraph |
| 2022-09-09
⋅
Elastic
⋅
BUGHATCH Malware Analysis BUGHATCH |
| 2022-06-01
⋅
Elastic
⋅
CUBA Ransomware Campaign Analysis Cobalt Strike Cuba Meterpreter MimiKatz SystemBC |
| 2022-06-01
⋅
Elastic
⋅
CUBA Ransomware Malware Analysis Cuba |
| 2022-05-05
⋅
Elastic
⋅
BLISTER Loader Blister |