2023-05-19Twitter (@embee_research)Embee_research
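% Reference for a write-up on finding Amadey bot infrastructure with Shodan.
% The organization field names the author's Twitter account, while the url
% points to a ghost.io blog post. Underscores are escaped in the text fields
% (author, organization) so they typeset; the url field is left raw.
@online{embeeresearch:20230519:analysis:92de1d2,
  author       = {Embee\_research},
  title        = {{Analysis of Amadey Bot Infrastructure Using Shodan}},
  organization = {Twitter (@embee\_research)},
  date         = {2023-05-19},
  url          = {https://embee-research.ghost.io/amadey-bot-infrastructure/},
  urldate      = {2023-05-21},
  language     = {English}
}
Analysis of Amadey Bot Infrastructure Using Shodan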
Amadey
2023-05-18Twitter (@embee_research)Embee_research
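% Reference for a write-up on identifying Laplas infrastructure with Shodan
% and Censys; the listing tags it LaplasClipper. The url is a ghost.io blog
% post, not a tweet. Underscores are escaped in author and organization so
% the entry typesets; the url field is left raw.
@online{embeeresearch:20230518:identifying:a7f1165,
  author       = {Embee\_research},
  title        = {{Identifying Laplas Infrastructure Using Shodan and Censys}},
  organization = {Twitter (@embee\_research)},
  date         = {2023-05-18},
  url          = {https://embee-research.ghost.io/laplas-clipper-infrastructure/},
  urldate      = {2023-05-26},
  language     = {English}
}
Identifying Laplas Infrastructure Using Shodan and Censys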
LaplasClipper
2023-05-07Twitter (@embee_research)Matthew
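% Reference for a loader analysis of Agent Tesla (API-hash resolution with
% conditional breakpoints). The url is a ghost.io blog post. The underscore
% in the organization handle is escaped so the field typesets; the url field
% is left raw.
@online{matthew:20230507:agenttesla:65bf8af,
  author       = {Matthew},
  title        = {{AgentTesla - Full Loader Analysis - Resolving API Hashes Using Conditional Breakpoints}},
  organization = {Twitter (@embee\_research)},
  date         = {2023-05-07},
  url          = {https://embee-research.ghost.io/agenttesla-full-analysis-api-hashing/},
  urldate      = {2023-05-08},
  language     = {English}
}
AgentTesla - Full Loader Analysis - Resolving API Hashes Using Conditional Breakpoints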
Agent Tesla
2023-04-28Twitter (@MichalKoczwara)Michael Koczwara
% Reference for a tweet on hunting BRC4 infrastructure; the listing tags it
% Brute Ratel C4. The title is a description of the tweet, not its text.
@online{koczwara:20230428:hunting:8290d1c,
  author       = {Michael Koczwara},
  title        = {{Tweet on hunting BRC4 infrastructure}},
  organization = {Twitter (@MichalKoczwara)},
  date         = {2023-04-28},
  url          = {https://twitter.com/MichalKoczwara/status/1652067563545800705},
  urldate      = {2023-05-25},
  language     = {English}
}
Tweet on hunting BRC4 infrastructure
Brute Ratel C4
2023-04-28Twitter (@MalGamy12)Gameel Ali
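% Reference for a tweet comparing Conti and Akira code; the listing tags it
% Akira. The title spelling is corrected to "explaining"; the citation key
% keeps its original spelling so existing citations still resolve.
@online{ali:20230428:explaning:21f000e,
  author       = {Gameel Ali},
  title        = {{Tweet explaining similarity between Conti and Akira code}},
  organization = {Twitter (@MalGamy12)},
  date         = {2023-04-28},
  url          = {https://twitter.com/MalGamy12/status/1651972583615602694},
  urldate      = {2023-05-25},
  language     = {English}
}
Tweet explaining similarity between Conti and Akira code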
Akira
2023-04-18Twitter (@threatinsight)Threat Insight
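% Reference for a tweet on TA581 delivering BumbleBee through a Keitaro TDS
% URL and an .MSI download. The author is an account name, not a person, so
% it is double-braced to stop it being split into a given name and surname.
@online{insight:20230418:ta581:745cfb5,
  author       = {{Threat Insight}},
  title        = {{Tweet on TA581 using Keitaro TDS URL to download a .MSI file to deliver BumbleBee malware}},
  organization = {Twitter (@threatinsight)},
  date         = {2023-04-18},
  url          = {https://twitter.com/threatinsight/status/1648330456364883968},
  urldate      = {2023-04-22},
  language     = {English}
}
Tweet on TA581 using Keitaro TDS URL to download a .MSI file to deliver BumbleBee malware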
BumbleBee
2023-04-18Twitter (@1ZRR4H)Germán Fernández
% Reference for a tweet on CrossLock. The author name is stored as UTF-8,
% while the citation key is ASCII-only and omits the accented letter.
@online{fernndez:20230418:crosslock:647cd34,
  author       = {Germán Fernández},
  title        = {{Tweet on CrossLock}},
  organization = {Twitter (@1ZRR4H)},
  date         = {2023-04-18},
  url          = {https://twitter.com/1ZRR4H/status/1648232869809078273},
  urldate      = {2023-04-25},
  language     = {English}
}
Tweet on CrossLock
CrossLock
2023-04-16Twitter (@malwrhunterteam)MalwareHunterTeam
% Reference for a tweet on a MacOS Lockbit sample; the listing tags it
% LockBit. The title is a description of the tweet, not its text.
@online{malwarehunterteam:20230416:macos:d32010d,
  author       = {MalwareHunterTeam},
  title        = {{Tweet on MacOS Lockbit sample}},
  organization = {Twitter (@malwrhunterteam)},
  date         = {2023-04-16},
  url          = {https://twitter.com/malwrhunterteam/status/1647384505550876675},
  urldate      = {2023-04-25},
  language     = {English}
}
Tweet on MacOS Lockbit sample
LockBit
2023-04-11Twitter (@Unit42_Intel)Unit42
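% Reference for a tweet reporting that IcedID backconnect traffic moved from
% port 8080 to port 443, which matters for port-based detections. The
% underscore in the organization handle is escaped so the field typesets;
% the url field is left raw.
@online{unit42:20230411:change:c20334e,
  author       = {Unit42},
  title        = {{Tweet on change of IcedID backconnect traffic port from 8080 to 443}},
  organization = {Twitter (@Unit42\_Intel)},
  date         = {2023-04-11},
  url          = {https://twitter.com/Unit42_Intel/status/1645851799427874818},
  urldate      = {2023-04-18},
  language     = {English}
}
Tweet on change of IcedID backconnect traffic port from 8080 to 443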
IcedID
2023-04-10Twitter (@embee_research)Matthew
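% Reference for a static-analysis and C2-extraction write-up on Redline
% Stealer; the listing tags it Amadey and RedLine Stealer. The url is a
% ghost.io blog post. The underscore in the organization handle is escaped
% so the field typesets; the url field is left raw.
@online{matthew:20230410:redline:397ebbf,
  author       = {Matthew},
  title        = {{Redline Stealer - Static Analysis and C2 Extraction}},
  organization = {Twitter (@embee\_research)},
  date         = {2023-04-10},
  url          = {https://embee-research.ghost.io/redline-stealer-basic-static-analysis-and-c2-extraction/},
  urldate      = {2023-04-14},
  language     = {English}
}
Redline Stealer - Static Analysis and C2 Extraction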
Amadey RedLine Stealer
2023-04-08Twitter (@embee_research)Embee_research
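% Reference for a write-up on manually de-obfuscating DCRat, a .NET malware
% family. The url is a ghost.io blog post. Underscores are escaped in author
% and organization so the entry typesets; the url field is left raw.
@online{embeeresearch:20230408:dcrat:8151f7a,
  author       = {Embee\_research},
  title        = {{Dcrat - Manual De-obfuscation of .NET Malware}},
  organization = {Twitter (@embee\_research)},
  date         = {2023-04-08},
  url          = {https://embee-research.ghost.io/dcrat-manual-de-obfuscation/},
  urldate      = {2023-04-10},
  language     = {English}
}
Dcrat - Manual De-obfuscation of .NET Malware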
DCRat
2023-04-03Twitter (@kucher1n)Georgy Kucherin
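% Reference for a tweet on an alternative Gopuram sample. The title spelling
% is corrected from "Guporam" to match the family tag shown in the listing,
% so a search for the family name finds this entry. The url is unchanged,
% including its query string.
@online{kucherin:20230403:alternative:280883c,
  author       = {Georgy Kucherin},
  title        = {{Tweet on an alternative Gopuram sample}},
  organization = {Twitter (@kucher1n)},
  date         = {2023-04-03},
  url          = {https://twitter.com/kucher1n/status/1642886340105601029?t=3GCn-ZhDjqWEMXya_PKseg},
  urldate      = {2023-04-08},
  language     = {English}
}
Tweet on an alternative Gopuram sample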
Gopuram
2023-03-21Twitter (@splinter_code)Antonio Cocomazzi
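% Reference for a tweet on the BlackByte ransomware rewrite in C++. The
% underscore in the organization handle is escaped so the field typesets;
% the url field is left raw.
% NOTE(review): the status ID in the url sorts between this page's
% 2023-02-17 and 2023-03-18 tweets, much nearer the first. Tweet IDs grow
% with posting time, so the post date is probably late February 2023, not
% 2023-03-21. Confirm against the tweet before using it in a timeline.
@online{cocomazzi:20230321:blackbyte:f11b8c4,
  author       = {Antonio Cocomazzi},
  title        = {{Tweet on BlackByte ransomware rewrite in C++}},
  organization = {Twitter (@splinter\_code)},
  date         = {2023-03-21},
  url          = {https://twitter.com/splinter_code/status/1628057204954652674},
  urldate      = {2023-03-24},
  language     = {English}
}
Tweet on BlackByte ransomware rewrite in C++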
BlackByte
2023-03-18Twitter (@k3dg3)Kelsey Merriman
% Reference for a tweet on TA579 distributing AresLoader via WeTransfer
% URLs. The title is a description of the tweet, not its text.
@online{merriman:20230318:ta579:3af0e58,
  author       = {Kelsey Merriman},
  title        = {{Tweet on TA579 distributing AresLoader via WeTransfer URLs}},
  organization = {Twitter (@k3dg3)},
  date         = {2023-03-18},
  url          = {https://twitter.com/k3dg3/status/1636873721200746496},
  urldate      = {2023-04-14},
  language     = {English}
}
Tweet on TA579 distributing AresLoader via WeTransfer URLs
AresLoader
2023-02-24Twitter (@Sebdraven)Sébastien Larinier
% Reference for a tweet on IOCTL manipulation in TDL4 and HermeticWiper; the
% listing tags it Alureon and HermeticWiper. The author name is UTF-8.
% NOTE(review): the status ID in the url is far lower than the IDs of this
% page's January 2023 tweets. Tweet IDs grow with posting time, so the tweet
% appears to predate 2023 and the year in the date field may be off by one.
% Confirm against the tweet before using it in a timeline.
@online{larinier:20230224:ioctl:6389112,
  author       = {Sébastien Larinier},
  title        = {{Tweet on IOCTL manipulation in TDL4 and HermeticWiper}},
  organization = {Twitter (@Sebdraven)},
  date         = {2023-02-24},
  url          = {https://twitter.com/Sebdraven/status/1496878431719473155},
  urldate      = {2023-05-25},
  language     = {English}
}
Tweet on IOCTL manipulation in TDL4 and HermeticWiper
Alureon HermeticWiper
2023-02-17Twitter (@luc4m)Luca Mella
% Reference for tweets about the intermittent encryption used by Darkbit;
% the listing tags it DarkBit. The retrieval date equals the post date.
@online{mella:20230217:tweets:d3d9f65,
  author       = {Luca Mella},
  title        = {{Tweets about Darkbit's intermittent encryption}},
  organization = {Twitter (@luc4m)},
  date         = {2023-02-17},
  url          = {https://twitter.com/luc4m/status/1626535098039271425},
  urldate      = {2023-02-17},
  language     = {English}
}
Tweets about Darkbit's intermittent encryption
DarkBit
2023-01-18Twitter (@Gi7w0rm)Gi7w0rm
% Reference for the write-up "A long way to SectopRat"; the listing tags it
% SectopRAT. The organization field names a Twitter account, while the url
% points to a Medium article.
@online{gi7w0rm:20230118:long:7a6333e,
  author       = {Gi7w0rm},
  title        = {{A long way to SectopRat}},
  organization = {Twitter (@Gi7w0rm)},
  date         = {2023-01-18},
  url          = {https://medium.com/@gi7w0rm/a-long-way-to-sectoprat-eb2f0aad6ec8},
  urldate      = {2023-01-18},
  language     = {English}
}
A long way to SectopRat
SectopRAT
2023-01-16Twitter (@zachxbt)ZachXBT
% Reference for a tweet on ETH movement attributed to Lazarus. The listing
% shows no malware-family tag after this entry.
@online{zachxbt:20230116:eth:953011c,
  author       = {ZachXBT},
  title        = {{Tweet on ETH movement of Lazarus}},
  organization = {Twitter (@zachxbt)},
  date         = {2023-01-16},
  url          = {https://twitter.com/zachxbt/status/1614771861266792449},
  urldate      = {2023-01-25},
  language     = {English}
}
Tweet on ETH movement of Lazarus
2023-01-13Twitter (@Ishusoka)Ishu
% Reference for tweets on updates to Lumma Stealer. The title is a
% description of the tweets, not their text.
@online{ishu:20230113:tweets:31114ef,
  author       = {Ishu},
  title        = {{Tweets on updates regarding Lumma Stealer}},
  organization = {Twitter (@Ishusoka)},
  date         = {2023-01-13},
  url          = {https://twitter.com/Ishusoka/status/1614028229307928582},
  urldate      = {2023-01-18},
  language     = {English}
}
Tweets on updates regarding Lumma Stealer
Lumma Stealer
2023-01-09Twitter (@SethKingHi)SKII
% Reference for a tweet on HuskLoader. The entry was retrieved on
% 2023-04-28, several months after the post date.
@online{skii:20230109:huskloader:0ca3742,
  author       = {SKII},
  title        = {{Tweet on HuskLoader}},
  organization = {Twitter (@SethKingHi)},
  date         = {2023-01-09},
  url          = {https://twitter.com/SethKingHi/status/1612377098777133057},
  urldate      = {2023-04-28},
  language     = {English}
}
Tweet on HuskLoader
HuskLoader