Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2021-09-14TelekomThomas Barabosch
Flubot’s Smishing Campaigns under the Microscope
Anatsa FluBot
2021-05-17TelekomThomas Barabosch
Let’s set ice on fire: Hunting and detecting IcedID infections
IcedID
2021-01-280xC0DECAFEThomas Barabosch
Learn how to fix PE magic numbers with Malduck
2021-01-080xC0DECAFEThomas Barabosch
The malware analyst’s guide to aPLib decompression
ISFB Rovnix
2020-12-280xC0DECAFEThomas Barabosch
Never upload ransomware samples to the Internet
Ryuk
2020-12-230xC0DECAFEThomas Barabosch
Detect RC4 in (malicious) binaries
SmokeLoader Zloader
2020-12-17TelekomThomas Barabosch
Smokeloader is still alive and kickin’ – A new way to encrypt CC server URLs
SmokeLoader
2020-10-06TelekomThomas Barabosch
Eager Beaver: A Short Overview of the Restless Threat Actor TA505
Clop Get2 SDBbot TA505
2020-06-16TelekomThomas Barabosch
TA505 returns with a new bag of tricks
Clop Get2 SDBbot TA505
2020-05-14TelekomThomas Barabosch
LOLSnif – Tracking Another Ursnif-Based Targeted Campaign
LOLSnif
2020-03-26TelekomThomas Barabosch
TA505's Box of Chocolate - On Hidden Gems packed with the TA505 Packer
Amadey Azorult Clop FlawedGrace Get2 SDBbot Silence TinyMet TA505
2020-03-06TelekomThomas Barabosch
Dissecting Emotet - Part 2
Emotet
2020-02-03TelekomThomas Barabosch
Dissecting Emotet – Part 1
Emotet
2020-01-22Thomas Barabosch
The malware analyst’s guide to PE timestamps
Azorult Gozi IcedID ISFB LOLSnif SUNBURST TEARDROP
2020-01-14TelekomThomas Barabosch
Inside of CL0P’s ransomware operation
Clop Get2 SDBbot