Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2022-05-16vmwareOleg Boyarchuk, Stefano Ortolani, Jason Zhang, Threat Analysis Unit
@online{boyarchuk:20220516:emotet:6392ff3, author = {Oleg Boyarchuk and Stefano Ortolani and Jason Zhang and Threat Analysis Unit}, title = {{Emotet Moves to 64 bit and Updates its Loader}}, date = {2022-05-16}, organization = {vmware}, url = {https://blogs.vmware.com/security/2022/05/emotet-moves-to-64-bit-and-updates-its-loader.html}, language = {English}, urldate = {2022-05-17} } Emotet Moves to 64 bit and Updates its Loader
Emotet
2022-03-29vmwareOleg Boyarchuk, Jason Zhang, Threat Analysis Unit
@online{boyarchuk:20220329:emotet:18b143b, author = {Oleg Boyarchuk and Jason Zhang and Threat Analysis Unit}, title = {{Emotet C2 Configuration Extraction and Analysis}}, date = {2022-03-29}, organization = {vmware}, url = {https://blogs.vmware.com/security/2022/03/emotet-c2-configuration-extraction-and-analysis.html}, language = {English}, urldate = {2022-04-04} } Emotet C2 Configuration Extraction and Analysis
Emotet
2022-03-23vmwareSagar Daundkar, Threat Analysis Unit
@online{daundkar:20220323:sysjoker:d8a1ba0, author = {Sagar Daundkar and Threat Analysis Unit}, title = {{SysJoker – An Analysis of a Multi-OS RAT}}, date = {2022-03-23}, organization = {vmware}, url = {https://blogs.vmware.com/security/2022/03/%e2%80%afsysjoker-an-analysis-of-a-multi-os-rat.html}, language = {English}, urldate = {2022-04-04} } SysJoker – An Analysis of a Multi-OS RAT
SysJoker SysJoker SysJoker
2022-03-04vmwareGiovanni Vigna, Oleg Boyarchuk, Stefano Ortolani, Threat Analysis Unit
@online{vigna:20220304:hermetic:78d4550, author = {Giovanni Vigna and Oleg Boyarchuk and Stefano Ortolani and Threat Analysis Unit}, title = {{Hermetic Malware: Multi-component Threat Targeting Ukraine Organizations}}, date = {2022-03-04}, organization = {vmware}, url = {https://blogs.vmware.com/networkvirtualization/2022/03/hermetic-malware-multi-component-threat-targeting-ukraine-organizations.html/}, language = {English}, urldate = {2022-03-22} } Hermetic Malware: Multi-component Threat Targeting Ukraine Organizations
HermeticWiper
2022-02-25vmwareSudhir Devkar, Threat Analysis Unit
@online{devkar:20220225:avoslocker:4a19530, author = {Sudhir Devkar and Threat Analysis Unit}, title = {{AvosLocker – Modern Linux Ransomware Threats}}, date = {2022-02-25}, organization = {vmware}, url = {https://blogs.vmware.com/security/2022/02/avoslocker-modern-linux-ransomware-threats.html}, language = {English}, urldate = {2022-03-22} } AvosLocker – Modern Linux Ransomware Threats
Avoslocker
2022-02-07vmwareJason Zhang, Threat Analysis Unit
@online{zhang:20220207:emotet:e89deeb, author = {Jason Zhang and Threat Analysis Unit}, title = {{Emotet Is Not Dead (Yet) – Part 2}}, date = {2022-02-07}, organization = {vmware}, url = {https://blogs.vmware.com/networkvirtualization/2022/02/emotet-is-not-dead-yet-part-2.html/}, language = {English}, urldate = {2022-02-10} } Emotet Is Not Dead (Yet) – Part 2
Emotet
2022-01-21vmwareJason Zhang, Threat Analysis Unit
@online{zhang:20220121:emotet:bdb4508, author = {Jason Zhang and Threat Analysis Unit}, title = {{Emotet Is Not Dead (Yet)}}, date = {2022-01-21}, organization = {vmware}, url = {https://blogs.vmware.com/networkvirtualization/2022/01/emotet-is-not-dead-yet.html/}, language = {English}, urldate = {2022-02-10} } Emotet Is Not Dead (Yet)
Emotet
2021-12-23vmwareThreat Analysis Unit
@online{unit:20211223:introducing:5593554, author = {Threat Analysis Unit}, title = {{Introducing DARTH: Distributed Analysis for Research and Threat Hunting}}, date = {2021-12-23}, organization = {vmware}, url = {https://blogs.vmware.com/networkvirtualization/2021/12/introducing-darth-distributed-analysis-for-research-and-threat-hunting.html/}, language = {English}, urldate = {2022-02-10} } Introducing DARTH: Distributed Analysis for Research and Threat Hunting
2021-11-11vmwareJason Zhang, Stefano Ortolani, Giovanni Vigna, Threat Analysis Unit
@online{zhang:20211111:research:b254ed6, author = {Jason Zhang and Stefano Ortolani and Giovanni Vigna and Threat Analysis Unit}, title = {{Research Recap: How To Automate Malware Campaign Detection With Telemetry Peak Analyzer}}, date = {2021-11-11}, organization = {vmware}, url = {https://blogs.vmware.com/security/2021/11/telemetry-peak-analyzer-an-automatic-malware-campaign-detector.html}, language = {English}, urldate = {2022-03-22} } Research Recap: How To Automate Malware Campaign Detection With Telemetry Peak Analyzer
Phorpiex QakBot
2021-03-25VMWare Carbon BlackThreat Analysis Unit, Baibhav Singh, Giovanni Vigna
@online{unit:20210325:memory:6fb3ce4, author = {Threat Analysis Unit and Baibhav Singh and Giovanni Vigna}, title = {{Memory Forensics for Virtualized Hosts}}, date = {2021-03-25}, organization = {VMWare Carbon Black}, url = {https://blogs.vmware.com/networkvirtualization/2021/03/memory-forensics-for-virtualized-hosts.html/?src=so_601c8a71b87d7&cid=7012H000001YsJA}, language = {English}, urldate = {2021-04-09} } Memory Forensics for Virtualized Hosts
2021-02-23vmwareThreat Analysis Unit
@techreport{unit:20210223:iron:c71d37f, author = {Threat Analysis Unit}, title = {{Iron Rain: Understanding Nation-State Motives and APT Groups}}, date = {2021-02-23}, institution = {vmware}, url = {https://www.vmware.com/content/dam/digitalmarketing/vmware/en/pdf/docs/vmwcb-report-iron-rain-understanding-nation-state-motives-and-apt-groups.pdf}, language = {English}, urldate = {2022-03-23} } Iron Rain: Understanding Nation-State Motives and APT Groups
2019-11-19VMWare Carbon BlackVMWare
@online{vmware:20191119:threat:a26b43b, author = {VMWare}, title = {{Threat Analysis Unit (TAU) Threat Intelligence Notification: AsyncRAT}}, date = {2019-11-19}, organization = {VMWare Carbon Black}, url = {https://blogs.vmware.com/security/2019/11/threat-analysis-unit-tau-threat-intelligence-notification-asyncrat.html}, language = {English}, urldate = {2021-11-08} } Threat Analysis Unit (TAU) Threat Intelligence Notification: AsyncRAT
AsyncRAT
2019-09-30vmwareScott Knight
@online{knight:20190930:cb:a21cf30, author = {Scott Knight}, title = {{CB Threat Analysis Unit: Technical Analysis of “Crosswalk”}}, date = {2019-09-30}, organization = {vmware}, url = {https://www.carbonblack.com/2019/09/30/cb-threat-analysis-unit-technical-analysis-of-crosswalk/}, language = {English}, urldate = {2020-04-21} } CB Threat Analysis Unit: Technical Analysis of “Crosswalk”
CROSSWALK
2019-09-05vmwareSwee Lai Lee
@online{lee:20190905:cb:5dd9651, author = {Swee Lai Lee}, title = {{CB Threat Analysis Unit Technical Breakdown: GermanWiper Ransomware}}, date = {2019-09-05}, organization = {vmware}, url = {https://www.carbonblack.com/2019/09/05/cb-threat-analysis-unit-technical-breakdown-germanwiper-ransomware/}, language = {English}, urldate = {2020-01-06} } CB Threat Analysis Unit Technical Breakdown: GermanWiper Ransomware
Ordinypt