2021-09-14 ⋅ Telekom ⋅ Flubot’s Smishing Campaigns under the Microscope Anatsa FluBot
2021-05-17 ⋅ Telekom ⋅ Let’s set ice on fire: Hunting and detecting IcedID infections IcedID
2021-01-28 ⋅ 0xC0DECAFE ⋅ Learn how to fix PE magic numbers with Malduck
2021-01-08 ⋅ 0xC0DECAFE ⋅ The malware analyst’s guide to aPLib decompression ISFB Rovnix
2020-12-28 ⋅ 0xC0DECAFE ⋅ Never upload ransomware samples to the Internet Ryuk
2020-12-23 ⋅ 0xC0DECAFE ⋅ Detect RC4 in (malicious) binaries SmokeLoader Zloader
2020-12-17 ⋅ Telekom ⋅ Smokeloader is still alive and kickin’ – A new way to encrypt CC server URLs SmokeLoader
2020-10-06 ⋅ Telekom ⋅ Eager Beaver: A Short Overview of the Restless Threat Actor TA505 Clop Get2 SDBbot TA505
2020-06-16 ⋅ Telekom ⋅ TA505 returns with a new bag of tricks Clop Get2 SDBbot TA505
2020-05-14 ⋅ Telekom ⋅ LOLSnif – Tracking Another Ursnif-Based Targeted Campaign LOLSnif
2020-03-26 ⋅ Telekom ⋅ TA505's Box of Chocolate - On Hidden Gems packed with the TA505 Packer Amadey Azorult Clop FlawedGrace Get2 SDBbot Silence TinyMet TA505
2020-03-06 ⋅ Telekom ⋅ Dissecting Emotet - Part 2 Emotet
2020-02-03 ⋅ Telekom ⋅ Dissecting Emotet – Part 1 Emotet
2020-01-22 ⋅ The malware analyst’s guide to PE timestamps Azorult Gozi IcedID ISFB LOLSnif SUNBURST TEARDROP
2020-01-14 ⋅ Telekom ⋅ Inside of CL0P’s ransomware operation Clop Get2 SDBbot