Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2020-11-16JPCERT/CCShusei Tomonaga
@online{tomonaga:20201116:elfplead:3bb79c4, author = {Shusei Tomonaga}, title = {{ELF_PLEAD - Linux Malware Used by BlackTech}}, date = {2020-11-16}, organization = {JPCERT/CC}, url = {https://blogs.jpcert.or.jp/en/2020/11/elf-plead.html}, language = {English}, urldate = {2020-11-17} } ELF_PLEAD - Linux Malware Used by BlackTech
PLEAD
2020-09-29JPCERT/CCShusei Tomonaga
@online{tomonaga:20200929:blindingcan:a85ca22, author = {Shusei Tomonaga}, title = {{BLINDINGCAN - Malware Used by Lazarus}}, date = {2020-09-29}, organization = {JPCERT/CC}, url = {https://blogs.jpcert.or.jp/en/2020/09/BLINDINGCAN.html}, language = {English}, urldate = {2020-10-02} } BLINDINGCAN - Malware Used by Lazarus
BLINDINGCAN Lazarus Group
2020-08-31JPCERT/CCShusei Tomonaga
@online{tomonaga:20200831:malware:18b1228, author = {Shusei Tomonaga}, title = {{Malware Used by Lazarus after Network Intrusion}}, date = {2020-08-31}, organization = {JPCERT/CC}, url = {https://blogs.jpcert.or.jp/en/2020/08/Lazarus-malware.html}, language = {English}, urldate = {2020-09-04} } Malware Used by Lazarus after Network Intrusion
Lazarus Group
2020-08-31JPCERT/CCShusei Tomonaga
@online{tomonaga:20200831:malware:61046e2, author = {Shusei Tomonaga}, title = {{Malware used by the attack group Lazarus after network intrusion}}, date = {2020-08-31}, organization = {JPCERT/CC}, url = {https://blogs.jpcert.or.jp/ja/2020/08/Lazarus_malware.html}, language = {Japanese}, urldate = {2020-08-31} } Malware used by the attack group Lazarus after network intrusion
2020-03-05JPCERT/CCShusei Tomonaga
@online{tomonaga:20200305:elftscookie:f49b873, author = {Shusei Tomonaga}, title = {{ELF_TSCookie - Linux Malware Used by BlackTech}}, date = {2020-03-05}, organization = {JPCERT/CC}, url = {https://blogs.jpcert.or.jp/en/2020/03/elf-tscookie.html}, language = {English}, urldate = {2020-03-09} } ELF_TSCookie - Linux Malware Used by BlackTech
TSCookie
2019-11-11Virus BulletinShusei Tomonaga, Tomoaki Tani, Hiroshi Soeda, Wataru Takahashi
@online{tomonaga:20191111:cases:ac5f1b3, author = {Shusei Tomonaga and Tomoaki Tani and Hiroshi Soeda and Wataru Takahashi}, title = {{APT cases exploiting vulnerabilities in region‑specific software}}, date = {2019-11-11}, organization = {Virus Bulletin}, url = {https://www.virusbulletin.com/virusbulletin/2020/05/vb2019-paper-apt-cases-exploiting-vulnerabilities-regionspecific-software/}, language = {English}, urldate = {2020-05-13} } APT cases exploiting vulnerabilities in region‑specific software
NodeRAT Emdivi PlugX
2019-09-18JPCERT/CCShusei Tomonaga
@online{tomonaga:20190918:malware:67390e7, author = {Shusei Tomonaga}, title = {{Malware Used by BlackTech after Network Intrusion}}, date = {2019-09-18}, organization = {JPCERT/CC}, url = {https://blogs.jpcert.or.jp/en/2019/09/tscookie-loader.html}, language = {English}, urldate = {2019-11-16} } Malware Used by BlackTech after Network Intrusion
PLEAD
2019-05-30JPCERT/CCShusei Tomonaga
@online{tomonaga:20190530:bug:cf70c8d, author = {Shusei Tomonaga}, title = {{Bug in Malware “TSCookie” - Fails to Read Configuration - (Update)}}, date = {2019-05-30}, organization = {JPCERT/CC}, url = {https://blogs.jpcert.or.jp/en/2019/05/tscookie3.html}, language = {English}, urldate = {2020-01-13} } Bug in Malware “TSCookie” - Fails to Read Configuration - (Update)
PLEAD
2019-02-19JPCERT/CCShusei Tomonaga
@online{tomonaga:20190219:tick:83ca850, author = {Shusei Tomonaga}, title = {{攻撃グループTickによる日本の組織をターゲットにした攻撃活動}}, date = {2019-02-19}, organization = {JPCERT/CC}, url = {https://blogs.jpcert.or.jp/ja/2019/02/tick-activity.html}, language = {Japanese}, urldate = {2020-04-01} } 攻撃グループTickによる日本の組織をターゲットにした攻撃活動
NodeRAT
2018-11-12JPCERT/CCShusei Tomonaga
@online{tomonaga:20181112:bug:fe13af3, author = {Shusei Tomonaga}, title = {{Bug in Malware “TSCookie” - Fails to Read Configuration}}, date = {2018-11-12}, organization = {JPCERT/CC}, url = {https://blogs.jpcert.or.jp/en/2018/11/tscookie2.html}, language = {English}, urldate = {2019-10-28} } Bug in Malware “TSCookie” - Fails to Read Configuration
PLEAD
2018-07-06JPCERT/CCShusei Tomonaga
@online{tomonaga:20180706:malware:dc21b83, author = {Shusei Tomonaga}, title = {{Malware “WellMess” Targeting Linux and Windows}}, date = {2018-07-06}, organization = {JPCERT/CC}, url = {https://blogs.jpcert.or.jp/en/2018/07/malware-wellmes-9b78.html}, language = {English}, urldate = {2020-07-17} } Malware “WellMess” Targeting Linux and Windows
elf.wellmess WellMess
2018-07-06JPCERT/CCShusei Tomonaga
@online{tomonaga:20180706:malware:f40637b, author = {Shusei Tomonaga}, title = {{Malware “WellMess” Targeting Linux and Windows}}, date = {2018-07-06}, organization = {JPCERT/CC}, url = {https://blog.jpcert.or.jp/2018/07/malware-wellmes-9b78.html}, language = {English}, urldate = {2020-01-06} } Malware “WellMess” Targeting Linux and Windows
WellMess
2018-06-08JPCERT/CCShusei Tomonaga
@online{tomonaga:20180608:plead:046d5bc, author = {Shusei Tomonaga}, title = {{PLEAD Downloader Used by BlackTech}}, date = {2018-06-08}, organization = {JPCERT/CC}, url = {https://blog.jpcert.or.jp/2018/06/plead-downloader-used-by-blacktech.html}, language = {English}, urldate = {2020-01-06} } PLEAD Downloader Used by BlackTech
PLEAD
2018-03-06Shusei Tomonaga
@online{tomonaga:20180306:malware:f5fea73, author = {Shusei Tomonaga}, title = {{Malware “TSCookie”}}, date = {2018-03-06}, url = {http://blog.jpcert.or.jp/2018/03/malware-tscooki-7aa0.html}, language = {English}, urldate = {2020-01-07} } Malware “TSCookie”
PLEAD
2017-04-03JPCERT/CCShusei Tomonaga
@online{tomonaga:20170403:redleaves:211a123, author = {Shusei Tomonaga}, title = {{RedLeaves - Malware Based on Open Source RAT}}, date = {2017-04-03}, organization = {JPCERT/CC}, url = {http://blog.jpcert.or.jp/.s/2017/04/redleaves---malware-based-on-open-source-rat.html}, language = {English}, urldate = {2020-01-10} } RedLeaves - Malware Based on Open Source RAT
PlugX RedLeaves
2017-04-03JPCERT/CCShusei Tomonaga
@online{tomonaga:20170403:ratredleaves:c0d1a92, author = {Shusei Tomonaga}, title = {{オープンソースのRATを改良したマルウエアRedLeaves}}, date = {2017-04-03}, organization = {JPCERT/CC}, url = {https://www.jpcert.or.jp/magazine/acreport-redleaves.html}, language = {Japanese}, urldate = {2020-01-06} } オープンソースのRATを改良したマルウエアRedLeaves
RedLeaves
2017-02-21JPCERT/CCShusei Tomonaga
@online{tomonaga:20170221:plugx:f9e4817, author = {Shusei Tomonaga}, title = {{PlugX + Poison Ivy = PlugIvy? - PlugX Integrating Poison Ivy’s Code}}, date = {2017-02-21}, organization = {JPCERT/CC}, url = {http://blog.jpcert.or.jp/2017/02/plugx-poison-iv-919a.html}, language = {English}, urldate = {2020-01-13} } PlugX + Poison Ivy = PlugIvy? - PlugX Integrating Poison Ivy’s Code
PlugX
2017-02-10JPCERT/CCShusei Tomonaga
@online{tomonaga:20170210:powersploit:8c4789a, author = {Shusei Tomonaga}, title = {{PowerSploit}}, date = {2017-02-10}, organization = {JPCERT/CC}, url = {https://www.jpcert.or.jp/magazine/acreport-ChChes_ps1.html}, language = {Japanese}, urldate = {2020-01-09} } PowerSploit
ChChes
2017-02-10JPCERT/CCShusei Tomonaga
@online{tomonaga:20170210:malware:4f2c9aa, author = {Shusei Tomonaga}, title = {{Malware that infects using PowerSploit}}, date = {2017-02-10}, organization = {JPCERT/CC}, url = {https://blog.cyber4sight.com/2017/02/malicious-powershell-script-analysis-indicates-shamoon-actors-used-pupy-rat/}, language = {Japanese}, urldate = {2020-01-08} } Malware that infects using PowerSploit
pupy
2016-06-30JPCERT/CCShusei Tomonaga
@online{tomonaga:20160630:asruex:7472f12, author = {Shusei Tomonaga}, title = {{Asruex: Malware Infecting through Shortcut Files}}, date = {2016-06-30}, organization = {JPCERT/CC}, url = {http://blog.jpcert.or.jp/2016/06/asruex-malware-infecting-through-shortcut-files.html}, language = {English}, urldate = {2019-10-25} } Asruex: Malware Infecting through Shortcut Files
DarkHotel