2021-09-14 ⋅ Telekom ⋅ Flubot’s Smishing Campaigns under the Microscope Anatsa FluBot
2021-05-17 ⋅ Telekom ⋅ Let’s set ice on fire: Hunting and detecting IcedID infections IcedID
2021-01-28 ⋅ 0xC0DECAFE ⋅ Learn how to fix PE magic numbers with Malduck
2021-01-08 ⋅ 0xC0DECAFE ⋅ The malware analyst’s guide to aPLib decompression ISFB Rovnix
2020-12-28 ⋅ 0xC0DECAFE ⋅ Never upload ransomware samples to the Internet Ryuk
2020-12-23 ⋅ 0xC0DECAFE ⋅ Detect RC4 in (malicious) binaries SmokeLoader Zloader
2020-12-17 ⋅ Telekom ⋅ Smokeloader is still alive and kickin’ – A new way to encrypt CC server URLs SmokeLoader
2020-10-06 ⋅ Telekom ⋅ Eager Beaver: A Short Overview of the Restless Threat Actor TA505 Clop Get2 SDBbot TA505
2020-06-16 ⋅ Telekom ⋅ TA505 returns with a new bag of tricks Clop Get2 SDBbot TA505
2020-05-14 ⋅ Telekom ⋅ LOLSnif – Tracking Another Ursnif-Based Targeted Campaign LOLSnif
2020-03-26 ⋅ Telekom ⋅ TA505's Box of Chocolate - On Hidden Gems packed with the TA505 Packer Amadey Azorult Clop FlawedGrace Get2 SDBbot Silence TinyMet TA505
2020-03-06 ⋅ Telekom ⋅ Dissecting Emotet - Part 2 Emotet
2020-02-03 ⋅ Telekom ⋅ Dissecting Emotet – Part 1 Emotet
2020-01-22 ⋅ The malware analyst’s guide to PE timestamps Azorult Gozi IcedID ISFB LOLSnif SUNBURST TEARDROP
2020-01-14 ⋅ Telekom ⋅ Inside of CL0P’s ransomware operation Clop Get2 SDBbot