2023-07-06 | kienmanowar Blog | Tran Trung Kien, m4n0w4r
@online{kien:20230706:quicknote:20dc1f1,
  author       = {Tran Trung Kien and m4n0w4r},
  title        = {{[QuickNote] Examining Formbook Campaign via Phishing Emails}},
  date         = {2023-07-06},
  organization = {kienmanowar Blog},
  url          = {https://kienmanowar.wordpress.com/2023/07/06/quicknote-examining-formbook-campaign-via-phishing-emails/},
  language     = {English},
  urldate      = {2023-07-13},
}
[QuickNote] Examining Formbook Campaign via Phishing Emails
Formbook
2023-04-08 | kienmanowar Blog | Tran Trung Kien, m4n0w4r
@online{kien:20230408:quicknote:e44f40f,
  author       = {Tran Trung Kien and m4n0w4r},
  title        = {{[QuickNote] Uncovering Suspected Malware Distributed By Individuals from Vietnam}},
  date         = {2023-04-08},
  organization = {kienmanowar Blog},
  url          = {https://kienmanowar.wordpress.com/2023/04/08/quicknote-uncovering-suspected-malware-distributed-by-individuals-from-vietnam/},
  language     = {English},
  urldate      = {2023-04-08},
}
[QuickNote] Uncovering Suspected Malware Distributed By Individuals from Vietnam
AsyncRAT DCRat WorldWind
2023-03-25 | kienmanowar Blog | Tran Trung Kien, m4n0w4r
@online{kien:20230325:quicknote:c2b9de4,
  author       = {Tran Trung Kien and m4n0w4r},
  title        = {{[QuickNote] Decrypting the C2 configuration of Warzone RAT}},
  date         = {2023-03-25},
  organization = {kienmanowar Blog},
  url          = {https://kienmanowar.wordpress.com/2023/03/25/quicknote-decrypting-the-c2-configuration-of-warzone-rat/},
  language     = {English},
  urldate      = {2023-03-27},
}
[QuickNote] Decrypting the C2 configuration of Warzone RAT
Ave Maria
2023-01-09 | kienmanowar Blog | m4n0w4r, Tran Trung Kien
@online{m4n0w4r:20230109:quicknote:5a8b18c,
  author       = {m4n0w4r and Tran Trung Kien},
  title        = {{[QuickNote] Another nice PlugX sample}},
  date         = {2023-01-09},
  organization = {kienmanowar Blog},
  url          = {https://kienmanowar.wordpress.com/2023/01/09/quicknote-another-nice-plugx-sample/},
  language     = {English},
  urldate      = {2023-01-10},
}
[QuickNote] Another nice PlugX sample
PlugX
2022-12-27 | kienmanowar Blog | m4n0w4r, Tran Trung Kien
@online{m4n0w4r:20221227:diving:857147e,
  author       = {m4n0w4r and Tran Trung Kien},
  title        = {{Diving into a PlugX sample of Mustang Panda group}},
  date         = {2022-12-27},
  organization = {kienmanowar Blog},
  url          = {https://kienmanowar.wordpress.com/2022/12/27/diving-into-a-plugx-sample-of-mustang-panda-group/},
  language     = {English},
  urldate      = {2022-12-29},
}
Diving into a PlugX sample of Mustang Panda group
PlugX
2022-12-19 | kienmanowar Blog | m4n0w4r, Tran Trung Kien
@online{m4n0w4r:20221219:z2abimonthly:8edee72,
  author       = {m4n0w4r and Tran Trung Kien},
  title        = {{[Z2A]Bimonthly malware challege – Emotet (Back From the Dead)}},
  date         = {2022-12-19},
  organization = {kienmanowar Blog},
  url          = {https://kienmanowar.wordpress.com/2022/12/19/z2abimonthly-malware-challege-emotet-back-from-the-dead/},
  language     = {English},
  urldate      = {2022-12-20},
}
[Z2A]Bimonthly malware challege – Emotet (Back From the Dead)
Emotet
2022-12-17 | kienmanowar Blog | m4n0w4r, Tran Trung Kien
@online{m4n0w4r:20221217:quicknote:9b33765,
  author       = {m4n0w4r and Tran Trung Kien},
  title        = {{[QuickNote] VidarStealer Analysis}},
  date         = {2022-12-17},
  organization = {kienmanowar Blog},
  url          = {https://kienmanowar.wordpress.com/2022/12/17/quicknote-vidarstealer-analysis/},
  language     = {English},
  urldate      = {2022-12-19},
}
[QuickNote] VidarStealer Analysis
Vidar
2022-06-04 | kienmanowar Blog | m4n0w4r, Tran Trung Kien
@online{m4n0w4r:20220604:quicknote:dc79142,
  author       = {m4n0w4r and Tran Trung Kien},
  title        = {{[QuickNote] CobaltStrike SMB Beacon Analysis}},
  date         = {2022-06-04},
  organization = {kienmanowar Blog},
  url          = {https://kienmanowar.wordpress.com/2022/06/04/quicknote-cobaltstrike-smb-beacon-analysis-2/},
  language     = {English},
  urldate      = {2022-06-07},
}
[QuickNote] CobaltStrike SMB Beacon Analysis
Cobalt Strike
2022-05-20 | VinCSS | m4n0w4r, Tran Trung Kien, Dang Dinh Phuong
@online{m4n0w4r:20220520:re027:38348db,
  author       = {m4n0w4r and Tran Trung Kien and Dang Dinh Phuong},
  title        = {{[RE027] China-based APT Mustang Panda might have still continued their attack activities against organizations in Vietnam}},
  date         = {2022-05-20},
  organization = {VinCSS},
  url          = {https://blog.vincss.net/2022/05/re027-china-based-apt-mustang-panda-might-have-still-continued-their-attack-activities-against-organizations-in-Vietnam.html},
  language     = {English},
  urldate      = {2022-05-20},
}
[RE027] China-based APT Mustang Panda might have still continued their attack activities against organizations in Vietnam
PlugX
2022-04-25 | VinCSS | m4n0w4r, Tran Trung Kien
@online{m4n0w4r:20220425:re026:6e05ed2,
  author       = {m4n0w4r and Tran Trung Kien},
  title        = {{[RE026] A Deep Dive into Zloader - the Silent Night}},
  date         = {2022-04-25},
  organization = {VinCSS},
  url          = {https://blog.vincss.net/2022/04/re026-a-deep-dive-into-zloader-the-silent-night.html},
  language     = {English},
  urldate      = {2022-04-25},
}
[RE026] A Deep Dive into Zloader - the Silent Night
Zloader
2022-03-21 | VinCSS | Tran Trung Kien, m4n0w4r
% NOTE(review): organization is VinCSS but the url is on kienmanowar.wordpress.com; confirm which source is intended.
@online{kien:20220321:quicknote:4be36f8,
  author       = {Tran Trung Kien and m4n0w4r},
  title        = {{[QuickNote] Analysis of Pandora ransomware}},
  date         = {2022-03-21},
  organization = {VinCSS},
  url          = {https://kienmanowar.wordpress.com/2022/03/21/quicknote-analysis-of-pandora-ransomware/},
  language     = {English},
  urldate      = {2022-03-22},
}
[QuickNote] Analysis of Pandora ransomware
Pandora
2022-02-24 | kienmanowar Blog | m4n0w4r, Tran Trung Kien
@online{m4n0w4r:20220224:quicknote:bea9238,
  author       = {m4n0w4r and Tran Trung Kien},
  title        = {{[QuickNote] Techniques for decrypting BazarLoader strings}},
  date         = {2022-02-24},
  organization = {kienmanowar Blog},
  url          = {https://kienmanowar.wordpress.com/2022/02/24/quicknote-techniques-for-decrypting-bazarloader-strings/},
  language     = {English},
  urldate      = {2022-03-01},
}
[QuickNote] Techniques for decrypting BazarLoader strings
BazarBackdoor
2022-01-26 | VinCSS | m4n0w4r, Tran Trung Kien
% NOTE(review): organization is VinCSS but the url is on kienmanowar.wordpress.com; confirm which source is intended.
@online{m4n0w4r:20220126:quicknote:caae223,
  author       = {m4n0w4r and Tran Trung Kien},
  title        = {{[QuickNote] Analysis of malware suspected to be an APT attack targeting Vietnam}},
  date         = {2022-01-26},
  organization = {VinCSS},
  url          = {https://kienmanowar.wordpress.com/2022/01/26/quicknote-analysis-of-malware-suspected-to-be-an-apt-attack-targeting-vietnam/},
  language     = {English},
  urldate      = {2023-07-24},
}
[QuickNote] Analysis of malware suspected to be an APT attack targeting Vietnam
5.t Downloader
2022-01-23 | kienmanowar Blog | m4n0w4r, Tran Trung Kien
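% The ampersand in the title is escaped as \& because a bare & in a text field is a LaTeX alignment character and breaks typesetting of the bibliography.
@online{m4n0w4r:20220123:quicknote:852995b,
  author       = {m4n0w4r and Tran Trung Kien},
  title        = {{[QuickNote] Emotet epoch4 \& epoch5 tactics}},
  date         = {2022-01-23},
  organization = {kienmanowar Blog},
  url          = {https://kienmanowar.wordpress.com/2022/01/23/quicknote-emotet-epoch4-epoch5-tactics/},
  language     = {English},
  urldate      = {2022-01-25},
}
[QuickNote] Emotet epoch4 & epoch5 tactics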
Emotet
2021-10-27 | VinCSS | m4n0w4r, Tran Trung Kien
@online{m4n0w4r:20211027:re025:52c8a55,
  author       = {m4n0w4r and Tran Trung Kien},
  title        = {{[RE025] TrickBot ... many tricks}},
  date         = {2021-10-27},
  organization = {VinCSS},
  url          = {https://blog.vincss.net/2021/10/re025-trickbot-many-tricks.html},
  language     = {English},
  urldate      = {2021-11-02},
}
[RE025] TrickBot ... many tricks
TrickBot
2021-08-04 | kienmanowar Blog | m4n0w4r, Tran Trung Kien
@online{m4n0w4r:20210804:quicknote:791df11,
  author       = {m4n0w4r and Tran Trung Kien},
  title        = {{[QuickNote] MountLocker – Some pseudo-code snippets}},
  date         = {2021-08-04},
  organization = {kienmanowar Blog},
  url          = {https://kienmanowar.wordpress.com/2021/08/04/quicknote-mountlocker-some-pseudo-code-snippets/},
  language     = {English},
  urldate      = {2021-09-09},
}
[QuickNote] MountLocker – Some pseudo-code snippets
Mount Locker
2021-03-18 | VinCSS | Tran Trung Kien
@online{kien:20210318:re021:00caf5b,
  author       = {Tran Trung Kien},
  title        = {{[RE021] Qakbot analysis – Dangerous malware has been around for more than a decade}},
  date         = {2021-03-18},
  organization = {VinCSS},
  url          = {https://blog.vincss.net/2021/03/re021-qakbot-dangerous-malware-has-been-around-for-more-than-a-decade.html},
  language     = {English},
  urldate      = {2021-03-19},
}
[RE021] Qakbot analysis – Dangerous malware has been around for more than a decade
QakBot
2021-01-13 | VinCSS | Tran Trung Kien, m4n0w4r
@online{kien:20210113:re019:5b00767,
  author       = {Tran Trung Kien and m4n0w4r},
  title        = {{[RE019] From A to X analyzing some real cases which used recent Emotet samples}},
  date         = {2021-01-13},
  organization = {VinCSS},
  url          = {https://blog.vincss.net/2021/01/re019-from-a-to-x-analyzing-some-real-cases-which-used-recent-Emotet-samples.html},
  language     = {English},
  urldate      = {2021-01-25},
}
[RE019] From A to X analyzing some real cases which used recent Emotet samples
Emotet