Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2023-08-03OALabsSergei Frankoff
@online{frankoff:20230803:golang:daf6565, author = {Sergei Frankoff}, title = {{Golang Garble String Decryption}}, date = {2023-08-03}, organization = {OALabs}, url = {https://research.openanalysis.net/garble/go/obfuscation/strings/2023/08/03/garble.html}, language = {English}, urldate = {2023-08-07} } Golang Garble String Decryption
Bandit Stealer
2023-07-31OALabsSergei Frankoff
@online{frankoff:20230731:bandit:9ecabaf, author = {Sergei Frankoff}, title = {{Bandit Stealer Garbled}}, date = {2023-07-31}, organization = {OALabs}, url = {https://research.openanalysis.net/bandit/stealer/garble/go/obfuscation/2023/07/31/bandit-garble.html}, language = {English}, urldate = {2023-07-31} } Bandit Stealer Garbled
Bandit Stealer
2023-07-16OALabsSergei Frankoff
@online{frankoff:20230716:lobshot:fc9d3c4, author = {Sergei Frankoff}, title = {{Lobshot: Lobshot a basic hVNC bot}}, date = {2023-07-16}, organization = {OALabs}, url = {https://research.openanalysis.net/lobshot/bot/hvnc/triage/2023/07/16/lobshot.html}, language = {English}, urldate = {2023-07-21} } Lobshot: Lobshot a basic hVNC bot
LOBSHOT
2023-05-07OALabsSergei Frankoff
@online{frankoff:20230507:strelastealer:664452e, author = {Sergei Frankoff}, title = {{StrelaStealer Under the radar email credential stealer in development}}, date = {2023-05-07}, organization = {OALabs}, url = {https://research.openanalysis.net/strelastealer/stealer/2023/05/07/streala.html}, language = {English}, urldate = {2023-06-26} } StrelaStealer Under the radar email credential stealer in development
StrelaStealer
2023-04-23OALabsSergei Frankoff
@online{frankoff:20230423:in2al5dp3in4er:7117c1b, author = {Sergei Frankoff}, title = {{in2al5dp3in4er Loader}}, date = {2023-04-23}, organization = {OALabs}, url = {https://research.openanalysis.net/in2al5dp3in4er/loader/analysis/sandbox/invalid%20printer/2023/04/23/in2al5dp3in4er.html}, language = {English}, urldate = {2023-05-02} } in2al5dp3in4er Loader
Aurora Stealer
2023-04-20OALabsSergei Frankoff
@online{frankoff:20230420:cryptnet:17135c2, author = {Sergei Frankoff}, title = {{CryptNET Ransomware}}, date = {2023-04-20}, organization = {OALabs}, url = {https://research.openanalysis.net/dotnet/cryptnet/ransomware/2023/04/20/cryptnet.html}, language = {English}, urldate = {2023-05-02} } CryptNET Ransomware
CryptNET
2023-04-16OALabsSergei Frankoff
@online{frankoff:20230416:xorstringsnet:79d9991, author = {Sergei Frankoff}, title = {{XORStringsNet}}, date = {2023-04-16}, organization = {OALabs}, url = {https://research.openanalysis.net/dotnet/xorstringsnet/agenttesla/2023/04/16/xorstringsnet.html}, language = {English}, urldate = {2023-05-02} } XORStringsNet
Agent Tesla RedLine Stealer
2023-04-13OALabsSergei Frankoff
@online{frankoff:20230413:quasar:3ad6058, author = {Sergei Frankoff}, title = {{Quasar Chaos: Open Source Ransomware Meets Open Source RAT}}, date = {2023-04-13}, organization = {OALabs}, url = {https://research.openanalysis.net/quasar/chaos/rat/ransomware/2023/04/13/quasar-chaos.html}, language = {English}, urldate = {2023-05-02} } Quasar Chaos: Open Source Ransomware Meets Open Source RAT
Chaos Quasar RAT
2023-04-06OALabsSergei Frankoff
@online{frankoff:20230406:photoloader:76a4798, author = {Sergei Frankoff}, title = {{PhotoLoader ICEDID}}, date = {2023-04-06}, organization = {OALabs}, url = {https://research.openanalysis.net/icedid/bokbot/photoloader/config/2023/04/06/photoloader.html}, language = {English}, urldate = {2023-05-02} } PhotoLoader ICEDID
PhotoLoader
2023-04-02OALabsSergei Frankoff
@online{frankoff:20230402:aresloader:c216327, author = {Sergei Frankoff}, title = {{AresLoader Taking a closer look at this new loader}}, date = {2023-04-02}, organization = {OALabs}, url = {https://research.openanalysis.net/ares/aresloader/loader/2023/04/02/aresloader.html}, language = {English}, urldate = {2023-04-22} } AresLoader Taking a closer look at this new loader
AresLoader
2023-03-30OALabsSergei Frankoff
@online{frankoff:20230330:3cx:244fb6e, author = {Sergei Frankoff}, title = {{3CX Supply Chain Attack}}, date = {2023-03-30}, organization = {OALabs}, url = {https://research.openanalysis.net/3cx/northkorea/apt/triage/2023/03/30/3cx-malware.html#Functionality}, language = {English}, urldate = {2023-04-06} } 3CX Supply Chain Attack
3CX Backdoor
2023-03-16OALabsSergei Frankoff
@online{frankoff:20230316:cryptbot:9cd940b, author = {Sergei Frankoff}, title = {{CryptBot}}, date = {2023-03-16}, organization = {OALabs}, url = {https://research.openanalysis.net/cryptbot/botnet/yara/config/2023/03/16/cryptbot.html}, language = {English}, urldate = {2023-05-02} } CryptBot
CryptBot
2023-02-12Youtube (OALabs)Sergei Frankoff, Fabian Wosar
@online{frankoff:20230212:esxiargs:442f901, author = {Sergei Frankoff and Fabian Wosar}, title = {{ESXiArgs Ransomware Analysis with @fwosar}}, date = {2023-02-12}, organization = {Youtube (OALabs)}, url = {https://www.youtube.com/watch?v=bBcvqxPdjoI}, language = {English}, urldate = {2023-02-13} } ESXiArgs Ransomware Analysis with @fwosar
ESXiArgs
2022-08-25OALabsSergei Frankoff
@online{frankoff:20220825:smokeloader:d02283f, author = {Sergei Frankoff}, title = {{SmokeLoader Triage Taking a look how Smoke Loader works}}, date = {2022-08-25}, organization = {OALabs}, url = {https://research.openanalysis.net/smoke/smokeloader/loader/config/yara/triage/2022/08/25/smokeloader.html}, language = {English}, urldate = {2022-08-31} } SmokeLoader Triage Taking a look how Smoke Loader works
SmokeLoader
2022-06-19OALabsSergei Frankoff
@online{frankoff:20220619:matanbuchus:0a0a9dc, author = {Sergei Frankoff}, title = {{Matanbuchus Triage Notes}}, date = {2022-06-19}, organization = {OALabs}, url = {https://research.openanalysis.net/matanbuchus/loader/yara/triage/dumpulator/emulation/2022/06/19/matanbuchus-triage.html}, language = {English}, urldate = {2022-06-27} } Matanbuchus Triage Notes
Matanbuchus
2022-05-12OALabsSergei Frankoff
@online{frankoff:20220512:taking:8bf052d, author = {Sergei Frankoff}, title = {{Taking a look at Bumblebee loader}}, date = {2022-05-12}, organization = {OALabs}, url = {https://research.openanalysis.net/bumblebee/malware/loader/unpacking/2022/05/12/bumblebee_loader.html}, language = {English}, urldate = {2022-05-17} } Taking a look at Bumblebee loader
BumbleBee
2022-03-02Youtube (OALabs)Sergei Frankoff, Sean Wilson
@online{frankoff:20220302:botleggers:1cb3ac9, author = {Sergei Frankoff and Sean Wilson}, title = {{Botleggers Exposed - Analysis of The Conti Leaks Malware}}, date = {2022-03-02}, organization = {Youtube (OALabs)}, url = {https://www.youtube.com/watch?v=uORuVVQzZ0A}, language = {English}, urldate = {2022-03-07} } Botleggers Exposed - Analysis of The Conti Leaks Malware
Conti
2021-11-22Youtube (OALabs)c3rb3ru5d3d53c, Sergei Frankoff
@online{c3rb3ru5d3d53c:20211122:introduction:1daa38b, author = {c3rb3ru5d3d53c and Sergei Frankoff}, title = {{Introduction To Binlex A Binary Trait Lexer Library and Utility - Machine Learning First Steps...}}, date = {2021-11-22}, organization = {Youtube (OALabs)}, url = {https://www.youtube.com/watch?v=hgz5gZB3DxE}, language = {English}, urldate = {2021-11-29} } Introduction To Binlex A Binary Trait Lexer Library and Utility - Machine Learning First Steps...
Karma
2021-09-27Youtube (OALabs)Sergei Frankoff
@online{frankoff:20210927:live:83ccb1f, author = {Sergei Frankoff}, title = {{Live Coding A Squirrelwaffle Malware Config Extractor}}, date = {2021-09-27}, organization = {Youtube (OALabs)}, url = {https://www.youtube.com/watch?v=9X2P7aFKSw0}, language = {English}, urldate = {2021-10-05} } Live Coding A Squirrelwaffle Malware Config Extractor
Squirrelwaffle
2021-07-31Youtube (OALabs)Sergei Frankoff
@online{frankoff:20210731:python3:e022fc4, author = {Sergei Frankoff}, title = {{Python3 Tips For Reverse Engineers}}, date = {2021-07-31}, organization = {Youtube (OALabs)}, url = {https://www.youtube.com/watch?v=TrAwfQlfDd8}, language = {English}, urldate = {2021-08-02} } Python3 Tips For Reverse Engineers