Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2020-07-23Sentinel LABSJim Walter
@online{walter:20200723:wastedlocker:aa88222, author = {Jim Walter}, title = {{WastedLocker Ransomware: Abusing ADS and NTFS File Attributes}}, date = {2020-07-23}, organization = {Sentinel LABS}, url = {https://labs.sentinelone.com/wastedlocker-ransomware-abusing-ads-and-ntfs-file-attributes/}, language = {English}, urldate = {2020-07-24} } WastedLocker Ransomware: Abusing ADS and NTFS File Attributes
WastedLocker
2020-07-07Sentinel LABSJason Reaves
@online{reaves:20200707:breaking:2a99a35, author = {Jason Reaves}, title = {{Breaking EvilQuest | Reversing A Custom macOS Ransomware File Encryption Routine}}, date = {2020-07-07}, organization = {Sentinel LABS}, url = {https://labs.sentinelone.com/breaking-evilquest-reversing-a-custom-macos-ransomware-file-encryption-routine/}, language = {English}, urldate = {2020-07-08} } Breaking EvilQuest | Reversing A Custom macOS Ransomware File Encryption Routine
EvilQuest
2020-06-22Sentinel LABSJoshua Platt, Jason Reaves
@online{platt:20200622:inside:b381dd5, author = {Joshua Platt and Jason Reaves}, title = {{Inside a TrickBot Cobalt Strike Attack Server}}, date = {2020-06-22}, organization = {Sentinel LABS}, url = {https://labs.sentinelone.com/inside-a-trickbot-cobaltstrike-attack-server/}, language = {English}, urldate = {2020-06-23} } Inside a TrickBot Cobalt Strike Attack Server
Cobalt Strike TrickBot
2020-06-09Sentinel LABSJason Reaves
@online{reaves:20200609:valak:ff6bc74, author = {Jason Reaves}, title = {{Valak Malware and the Connection to Gozi Loader ConfCrew}}, date = {2020-06-09}, organization = {Sentinel LABS}, url = {https://labs.sentinelone.com/valak-malware-and-the-connection-to-gozi-loader-confcrew/}, language = {English}, urldate = {2020-06-10} } Valak Malware and the Connection to Gozi Loader ConfCrew
Valak
2019-12-10Sentinel LABSVitali Kremez, Joshua Platt, Jason Reaves
@online{kremez:20191210:morphisec:c0fc51c, author = {Vitali Kremez and Joshua Platt and Jason Reaves}, title = {{MORPHISEC DISCOVERS CCLEANER BACKDOOR SAVING MILLIONS OF AVAST USERS}}, date = {2019-12-10}, organization = {Sentinel LABS}, url = {https://labs.sentinelone.com/the-deadly-planeswalker-how-the-trickbot-group-united-high-tech-crimeware-apt/}, language = {English}, urldate = {2020-01-08} } MORPHISEC DISCOVERS CCLEANER BACKDOOR SAVING MILLIONS OF AVAST USERS
Anchor
2019-10-24Sentinel LABSVitali Kremez
@online{kremez:20191024:how:e6d838d, author = {Vitali Kremez}, title = {{How TrickBot Malware Hooking Engine Targets Windows 10 Browsers}}, date = {2019-10-24}, organization = {Sentinel LABS}, url = {https://labs.sentinelone.com/how-trickbot-hooking-engine-targets-windows-10-browsers/}, language = {English}, urldate = {2020-07-03} } How TrickBot Malware Hooking Engine Targets Windows 10 Browsers
TrickBot
2019-08-15Sentinel LABSDaniel Bunce
@online{bunce:20190815:gootkit:480c7e8, author = {Daniel Bunce}, title = {{Gootkit Banking Trojan | Deep Dive into Anti-Analysis Features}}, date = {2019-08-15}, organization = {Sentinel LABS}, url = {https://labs.sentinelone.com/gootkit-banking-trojan-deep-dive-anti-analysis-features/}, language = {English}, urldate = {2020-06-18} } Gootkit Banking Trojan | Deep Dive into Anti-Analysis Features
GootKit
2019-05-09Sentinel LABSVitali Kremez
@online{kremez:20190509:robinhood:187f468, author = {Vitali Kremez}, title = {{RobinHood Ransomware “CoolMaker” Functions Not So Cool}}, date = {2019-05-09}, organization = {Sentinel LABS}, url = {https://www.sentinelone.com/blog/robinhood-ransomware-coolmaker-function-not-cool/}, language = {English}, urldate = {2020-01-06} } RobinHood Ransomware “CoolMaker” Functions Not So Cool
RobinHood