Click here to download all references as Bib-File.
2022-10-25 ⋅ VMware Threat Analysis Unit ⋅ Tracking the entire iceberg: long-term APT malware C2 protocol emulation and scanning ShadowPad Winnti |
2022-09-19 ⋅ Virus Bulletin ⋅ Tracking the entire iceberg - long-term APT malware C2 protocol emulation and scanning ShadowPad Winnti |
2021-11-16 ⋅ vmware ⋅ Monitoring Winnti 4.0 C2 Servers for Two Years Winnti |
2021-06-25 ⋅ Gdata ⋅ Microsoft signed a malicious Netfilter rootkit NetfilterRootkit |
2021-02-24 ⋅ VMWare Carbon Black ⋅ Knock, knock, Neo. - Active C2 Discovery Using Protocol Emulation Cobalt Strike |
2020-02-20 ⋅ Carbon Black ⋅ Threat Analysis: Active C2 Discovery Using Protocol Emulation Part2 (Winnti 4.0) Winnti |
2019-10-24 ⋅ Carbon Black ⋅ Defeating APT10 Compiler-level Obfuscations Anel |
2019-09-04 ⋅ CarbonBlack ⋅ CB TAU Threat Intelligence Notification: Winnti Malware 4.0 Winnti |