2020-11-19 | Twitter (@VK_intel) | Vitali Kremez
@online{kremez:20201119:trickbot:32c7d08,
  author       = {Vitali Kremez},
  title        = {{Tweet on Trickbot Group pushing LIGHTBOT powershell script to gather information about AD Server}},
  date         = {2020-11-19},
  organization = {Twitter (@VK_intel)},
  url          = {https://twitter.com/VK_Intel/status/1329511151202349057},
  language     = {English},
  urldate      = {2020-11-23},
}
Tweet on Trickbot Group pushing LIGHTBOT powershell script to gather information about AD Server
LightBot
2020-11-17 | Twitter (@VK_intel) | Vitali Kremez
@online{kremez:20201117:new:2098c0a,
  author       = {Vitali Kremez},
  title        = {{Tweet on a new fileless TrickBot loading method using code from MemoryModule}},
  date         = {2020-11-17},
  organization = {Twitter (@VK_intel)},
  url          = {https://twitter.com/VK_Intel/status/1328578336021483522},
  language     = {English},
  urldate      = {2020-12-14},
}
Tweet on a new fileless TrickBot loading method using code from MemoryModule
TrickBot
2020-08-14 | Twitter (@VK_intel) | Vitali Kremez
@online{kremez:20200814:zloader:cbd9ad5,
  author       = {Vitali Kremez},
  title        = {{Tweet on Zloader infection leading to Cobaltstrike Installation}},
  date         = {2020-08-14},
  organization = {Twitter (@VK_intel)},
  url          = {https://twitter.com/VK_Intel/status/1294320579311435776},
  language     = {English},
  urldate      = {2020-11-09},
}
Tweet on Zloader infection leading to Cobaltstrike Installation
Cobalt Strike Zloader
2020-06-17 | Twitter (@VK_intel) | Vitali Kremez, malwrhunterteam
@online{kremez:20200617:signed:f8eecc6,
  author       = {Vitali Kremez and malwrhunterteam},
  title        = {{Tweet on signed Tinymet payload (V.02) used by TA505}},
  date         = {2020-06-17},
  organization = {Twitter (@VK_intel)},
  url          = {https://twitter.com/VK_Intel/status/1273292957429510150},
  language     = {English},
  urldate      = {2020-06-18},
}
Tweet on signed Tinymet payload (V.02) used by TA505
TinyMet
2020-05-04 | Twitter (@VK_intel) | Vitali Kremez
@online{kremez:20200504:guloader:5d6f001,
  author       = {Vitali Kremez},
  title        = {{GuLoader API Loader Algorithm}},
  date         = {2020-05-04},
  organization = {Twitter (@VK_intel)},
  url          = {https://twitter.com/VK_Intel/status/1257206565146370050},
  language     = {English},
  urldate      = {2021-01-05},
}
GuLoader API Loader Algorithm
CloudEyE
2020-04-29 | Twitter (@VK_intel) | Vitali Kremez
@online{kremez:20200429:some:2fb831b,
  author       = {Vitali Kremez},
  title        = {{Some Insight into GuLoader family}},
  date         = {2020-04-29},
  organization = {Twitter (@VK_intel)},
  url          = {https://twitter.com/VK_Intel/status/1255537954304524288},
  language     = {English},
  urldate      = {2021-01-05},
}
Some Insight into GuLoader family
CloudEyE
2020-04-21 | Twitter (@VK_intel) | Vitali Kremez
@online{kremez:20200421:signed:0a546c1,
  author       = {Vitali Kremez},
  title        = {{Tweet on Signed GuLoader}},
  date         = {2020-04-21},
  organization = {Twitter (@VK_intel)},
  url          = {https://twitter.com/VK_Intel/status/1252678206852907011},
  language     = {English},
  urldate      = {2021-01-05},
}
Tweet on Signed GuLoader
CloudEyE
2019-12-02 | Twitter (@VK_intel) | Vitali Kremez
@online{kremez:20191202:socelars:8d5d01c,
  author       = {Vitali Kremez},
  title        = {{Tweet on Socelars Stealer}},
  date         = {2019-12-02},
  organization = {Twitter (@VK_intel)},
  url          = {https://twitter.com/VK_Intel/status/1201584107928653824},
  language     = {English},
  urldate      = {2020-01-17},
}
Tweet on Socelars Stealer
Socelars
2019-11-05 | Twitter (@VK_intel) | Vitali Kremez
@online{kremez:20191105:possible:e2886d4,
  author       = {Vitali Kremez},
  title        = {{Tweet on Possible Snatch}},
  date         = {2019-11-05},
  organization = {Twitter (@VK_intel)},
  url          = {https://twitter.com/VK_Intel/status/1191414501297528832},
  language     = {English},
  urldate      = {2020-01-08},
}
Tweet on Possible Snatch
Snatch
2019-10-11 | Twitter (@VK_intel) | Vitali Kremez
@online{kremez:20191011:possible:3be065d,
  author       = {Vitali Kremez},
  title        = {{Possible Lazarus x86 Malware (AppleJeus)}},
  date         = {2019-10-11},
  organization = {Twitter (@VK_intel)},
  url          = {https://twitter.com/VK_Intel/status/1182730637016481793},
  language     = {English},
  urldate      = {2019-11-23},
}
Possible Lazarus x86 Malware (AppleJeus)
AppleJeus
2019-09-11 | Twitter (@VK_intel) | Vitali Kremez
@online{kremez:20190911:stealeruploader:0d4c48f,
  author       = {Vitali Kremez},
  title        = {{Tweet on Stealer/Uploader}},
  date         = {2019-09-11},
  organization = {Twitter (@VK_intel)},
  url          = {https://twitter.com/VK_Intel/status/1171782155581689858},
  language     = {English},
  urldate      = {2020-01-07},
}
Tweet on Stealer/Uploader
Ryuk Stealer
2019-07-12 | Twitter (@VK_intel) | Vitali Kremez
@online{kremez:20190712:atm:9918194,
  author       = {Vitali Kremez},
  title        = {{ATM Malware Pin/PAN Card Offline Skimmer XFSADM}},
  date         = {2019-07-12},
  organization = {Twitter (@VK_intel)},
  url          = {https://twitter.com/VK_Intel/status/1149454961740255232},
  language     = {English},
  urldate      = {2019-11-17},
}
ATM Malware Pin/PAN Card Offline Skimmer XFSADM
XFSADM
2019-06-19 | Twitter (@VK_intel) | Vitali Kremez
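% The ampersand in the title is escaped (\&) so the entry typesets under LaTeX
% instead of raising a "Misplaced alignment tab character" error.
@online{kremez:20190619:macho:641b90d,
  author       = {Vitali Kremez},
  title        = {{Tweet on Mach-O \& PE32 Payloads}},
  date         = {2019-06-19},
  organization = {Twitter (@VK_intel)},
  url          = {https://twitter.com/VK_Intel/status/1141540229951709184},
  language     = {English},
  urldate      = {2020-01-07},
}
Tweet on Mach-O & PE32 Payloads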
PowerCat
2019-04-25 | Twitter (@VK_intel) | Vitali Kremez
@online{kremez:20190425:ransomware:4093d36,
  author       = {Vitali Kremez},
  title        = {{Tweet on Ransomware}},
  date         = {2019-04-25},
  organization = {Twitter (@VK_intel)},
  url          = {https://twitter.com/VK_Intel/status/1121440931759128576},
  language     = {English},
  urldate      = {2020-01-05},
}
Tweet on Ransomware
RobinHood
2019-01-17 | Twitter (@VK_intel) | Vitali Kremez
@online{kremez:20190117:turla:1eff5e6,
  author       = {Vitali Kremez},
  title        = {{Tweet on Turla Outlook Backdoor}},
  date         = {2019-01-17},
  organization = {Twitter (@VK_intel)},
  url          = {https://twitter.com/VK_Intel/status/1085820673811992576},
  language     = {English},
  urldate      = {2020-01-13},
}
Tweet on Turla Outlook Backdoor
Outlook Backdoor
2017-08-18 | Twitter (@VK_intel) | Vitali Kremez
@online{kremez:20170818:extracted:cdbd2f4,
  author       = {Vitali Kremez},
  title        = {{Tweet on extracted config from Gootkit}},
  date         = {2017-08-18},
  organization = {Twitter (@VK_intel)},
  url          = {https://twitter.com/VK_Intel/status/898549340121288704},
  language     = {English},
  urldate      = {2020-01-06},
}
Tweet on extracted config from Gootkit
SnatchLoader