2023-05-19 ⋅ Twitter (@embee_research) ⋅ Analysis of Amadey Bot Infrastructure Using Shodan ⋅ Amadey
2023-05-18 ⋅ Twitter (@embee_research) ⋅ Identifying Laplas Infrastructure Using Shodan and Censys ⋅ LaplasClipper
2023-05-07 ⋅ Twitter (@embee_research) ⋅ AgentTesla - Full Loader Analysis - Resolving API Hashes Using Conditional Breakpoints ⋅ Agent Tesla
2023-04-28 ⋅ Twitter (@MichalKoczwara) ⋅ Tweet on hunting BRC4 infrastructure ⋅ Brute Ratel C4
2023-04-28 ⋅ Twitter (@MalGamy12) ⋅ Tweet explaining similarity between Conti and Akira code ⋅ Akira
2023-04-18 ⋅ Twitter (@threatinsight) ⋅ Tweet on TA581 using Keitaro TDS URL to download a .MSI file to deliver BumbleBee malware ⋅ BumbleBee
2023-04-18 ⋅ Twitter (@1ZRR4H) ⋅ Tweet on CrossLock ⋅ CrossLock
2023-04-16 ⋅ Twitter (@malwrhunterteam) ⋅ Tweet on MacOS Lockbit sample ⋅ LockBit
2023-04-11 ⋅ Twitter (@Unit42_Intel) ⋅ Tweet on change of IcedID backconnect traffic port from 8080 to 443 ⋅ IcedID
2023-04-10 ⋅ Twitter (@embee_research) ⋅ Redline Stealer - Static Analysis and C2 Extraction ⋅ Amadey, RedLine Stealer
2023-04-08 ⋅ Twitter (@embee_research) ⋅ Dcrat - Manual De-obfuscation of .NET Malware ⋅ DCRat
2023-04-03 ⋅ Twitter (@kucher1n) ⋅ Tweet on an alternative Gopuram sample ⋅ Gopuram
2023-03-21 ⋅ Twitter (@splinter_code) ⋅ Tweet on BlackByte ransomware rewrite in C++ ⋅ BlackByte
2023-03-18 ⋅ Twitter (@k3dg3) ⋅ Tweet on TA579 distributing AresLoader via WeTransfer URLs ⋅ AresLoader
2023-02-24 ⋅ Twitter (@Sebdraven) ⋅ Tweet on IOCTL manipulation in TDL4 and HermeticWiper ⋅ Alureon, HermeticWiper
2023-02-17 ⋅ Twitter (@luc4m) ⋅ Tweets about Darkbit's intermittent encryption ⋅ DarkBit
2023-01-18 ⋅ Twitter (@Gi7w0rm) ⋅ A long way to SectopRat ⋅ SectopRAT
2023-01-16 ⋅ Twitter (@zachxbt) ⋅ Tweet on ETH movement of Lazarus
2023-01-13 ⋅ Twitter (@Ishusoka) ⋅ Tweets on updates regarding Lumma Stealer ⋅ Lumma Stealer
2023-01-09 ⋅ Twitter (@SethKingHi) ⋅ Tweet on HuskLoader ⋅ HuskLoader