2024-07-01
⋅
Speakerdeck (takahiro_haruyama)
⋅
The Art of Malware C2 Scanning - How to Reverse and Emulate Protocol Obfuscated by Compiler DOPLUGS Hodur |
2022-10-25
⋅
VMware Threat Analysis Unit
⋅
Tracking the entire iceberg: long-term APT malware C2 protocol emulation and scanning ShadowPad Winnti |
2022-09-26
⋅
Youtube (Virus Bulletin)
⋅
Tracking the entire iceberg long term APT malware C2 protocol emulation and scanning ShadowPad Winnti |
2022-09-19
⋅
Virus Bulletin
⋅
Tracking the entire iceberg - long-term APT malware C2 protocol emulation and scanning ShadowPad Winnti |
2021-11-16
⋅
vmware
⋅
Monitoring Winnti 4.0 C2 Servers for Two Years Winnti |
2021-06-25
⋅
Gdata
⋅
Microsoft signed a malicious Netfilter rootkit NetfilterRootkit |
2021-02-24
⋅
VMWare Carbon Black
⋅
Knock, knock, Neo. - Active C2 Discovery Using Protocol Emulation Cobalt Strike |
2020-02-20
⋅
Carbon Black
⋅
Threat Analysis: Active C2 Discovery Using Protocol Emulation Part2 (Winnti 4.0) Winnti |
2019-10-24
⋅
Carbon Black
⋅
Defeating APT10 Compiler-level Obfuscations Anel |
2019-09-04
⋅
CarbonBlack
⋅
CB TAU Threat Intelligence Notification: Winnti Malware 4.0 Winnti |