2023-06-08 | VMRay | Patrick Staubmann
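% Author in "Last, First" form; only the malware family name in the title is brace-protected.
@online{staubmann:20230608:busy:b9f7911,
  author       = {Staubmann, Patrick},
  title        = {Busy Bees - The Transformation of {BumbleBee}},
  date         = {2023-06-08},
  organization = {VMRay},
  url          = {https://www.first.org/resources/papers/conf2023/FIRSTCON23-TLPCLEAR-Staubmann-Busy-Bees.pptx},
  language     = {English},
  urldate      = {2023-08-15},
}
Busy Bees - The Transformation of BumbleBee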
BumbleBee Cobalt Strike Conti Meterpreter Sliver
2022-09-12 | VMRay | Pascal Brackmann
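% Author in "Last, First" form; only the malware family name in the title is brace-protected.
@online{brackmann:20220912:evolution:df38f6a,
  author       = {Brackmann, Pascal},
  title        = {The evolution of {GuLoader}},
  date         = {2022-09-12},
  organization = {VMRay},
  url          = {https://www.vmray.com/cyber-security-blog/malware-analysis-spotlight-guloader},
  language     = {English},
  urldate      = {2022-09-19},
}
The evolution of GuLoader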
CloudEyE
2022-02-02 | VMRay | VMRay Labs Team, Mateusz Lukaszewski
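% "VMRay Labs Team" is a group author: the extra braces keep it as one name
% instead of a person with the surname "Team". The citation key is unchanged.
@online{team:20220202:malware:0eef3c2,
  author       = {{VMRay Labs Team} and Lukaszewski, Mateusz},
  title        = {Malware Analysis Spotlight: {Emotet}’s Use of Cryptography},
  date         = {2022-02-02},
  organization = {VMRay},
  url          = {https://www.vmray.com/cyber-security-blog/malware-analysis-spotlight-emotets-use-of-cryptography/},
  language     = {English},
  urldate      = {2022-02-09},
}
Malware Analysis Spotlight: Emotet’s Use of Cryptography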
Emotet
2022-01-06 | VMRay | VMRay Labs Team
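% Group author braced so it is treated as one name, not a person with the surname "Team".
% NOTE(review): the title reads "XLoader’" with no letter after the apostrophe;
% this looks like a dropped "s". Confirm against the source before correcting.
@online{team:20220106:malware:f4efbd5,
  author       = {{VMRay Labs Team}},
  title        = {Malware Analysis Spotlight: {XLoader}’ Cross-platform Support Utilizing {XBinder}},
  date         = {2022-01-06},
  organization = {VMRay},
  url          = {https://www.vmray.com/cyber-security-blog/malware-analysis-spotlight-xbinder-xloader/},
  language     = {English},
  urldate      = {2022-01-25},
}
Malware Analysis Spotlight: XLoader’ Cross-platform Support Utilizing XBinder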
Xloader
2022-01-05 | VMRay | VMRay Labs Team
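% Group author braced so it is treated as one name, not a person with the surname "Team".
@online{team:20220105:malware:10b9c64,
  author       = {{VMRay Labs Team}},
  title        = {Malware Analysis Spotlight: {Kuzuluy} Phishing Kit},
  date         = {2022-01-05},
  organization = {VMRay},
  url          = {https://www.vmray.com/cyber-security-blog/malware-analysis-spotlight-kuzuluy-phishing-kit/},
  language     = {English},
  urldate      = {2022-01-25},
}
Malware Analysis Spotlight: Kuzuluy Phishing Kit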
2021-07-20 | VMRay | Mateusz Lukaszewski
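% Author in "Last, First" form; only the malware family name in the title is brace-protected.
@online{lukaszewski:20210720:hancitors:1baf2f1,
  author       = {Lukaszewski, Mateusz},
  title        = {{Hancitor}’s Multi-Step Delivery Process},
  date         = {2021-07-20},
  organization = {VMRay},
  url          = {https://www.vmray.com/cyber-security-blog/hancitor-multi-step-delivery-process-malware-analysis-spotlight/},
  language     = {English},
  urldate      = {2021-08-02},
}
Hancitor’s Multi-Step Delivery Process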
Hancitor
2021-05-11 | VMRay | VMRay Labs Team, Mateusz Lukaszewski
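% Group author braced so it is treated as one name, not a person with the surname "Team".
% The ampersand in the title is escaped: a bare "&" is a LaTeX alignment character
% and breaks typesetting of the bibliography.
@online{team:20210511:threat:2b02a9b,
  author       = {{VMRay Labs Team} and Lukaszewski, Mateusz},
  title        = {Threat Bulletin: Exploring the Differences and Similarities of {Agent Tesla} v2 \& v3},
  date         = {2021-05-11},
  organization = {VMRay},
  url          = {https://www.vmray.com/cyber-security-blog/threat-bulletin-agent-tesla/},
  language     = {English},
  urldate      = {2021-08-20},
}
Threat Bulletin: Exploring the Differences and Similarities of Agent Tesla v2 & v3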
Agent Tesla
2020-12-15 | VMRay | VMRay Labs Team
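% Group author braced so it is treated as one name, not a person with the surname "Team".
@online{team:20201215:malware:1726d05,
  author       = {{VMRay Labs Team}},
  title        = {Malware Analysis Spotlight – {Hentai Oniichan} Ransomware ({Berserker} Variant)},
  date         = {2020-12-15},
  organization = {VMRay},
  url          = {https://www.vmray.com/cyber-security-blog/hentai-oniichan-ransomware-berserker-malware-analysis-spotlight/},
  language     = {English},
  urldate      = {2021-01-11},
}
Malware Analysis Spotlight – Hentai Oniichan Ransomware (Berserker Variant)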
2020-11-18 | VMRay | VMRay Labs Team, Pascal Brackmann, Mateusz Lukaszewski
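% Group author braced so it is treated as one name; the two people are in "Last, First" form.
@online{team:20201118:malware:2c9a122,
  author       = {{VMRay Labs Team} and Brackmann, Pascal and Lukaszewski, Mateusz},
  title        = {Malware Analysis Spotlight: {AZORult} Delivered by {GuLoader}},
  date         = {2020-11-18},
  organization = {VMRay},
  url          = {https://www.vmray.com/cyber-security-blog/azorult-delivered-by-guloader-malware-analysis-spotlight/},
  language     = {English},
  urldate      = {2022-02-14},
}
Malware Analysis Spotlight: AZORult Delivered by GuLoader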
Azorult CloudEyE
2020-11-04 | VMRay | Giovanni Vigna
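% NOTE(review): organization is given as VMRay, but the URL host is blogs.vmware.com.
% Confirm the publisher before relying on this attribution.
% NOTE(review): the URL ends in ".html/"; confirm that the trailing slash resolves.
@online{vigna:20201104:trick:a59a333,
  author       = {Vigna, Giovanni},
  title        = {Trick or Threat: {Ryuk} ransomware targets the health care industry},
  date         = {2020-11-04},
  organization = {VMRay},
  url          = {https://blogs.vmware.com/networkvirtualization/2020/11/trick-or-threat-ryuk-ransomware-targets-the-health-care-industry.html/},
  language     = {English},
  urldate      = {2020-11-06},
}
Trick or Threat: Ryuk ransomware targets the health care industry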
BazarBackdoor Cobalt Strike Ryuk TrickBot
2020-07-09 | VMRay | Pascal Brackmann
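% Author in "Last, First" form; only the malware family name in the title is brace-protected.
@online{brackmann:20200709:threat:dc4f44e,
  author       = {Brackmann, Pascal},
  title        = {Threat Bulletin: Dissecting {GuLoader}’s Evasion Techniques},
  date         = {2020-07-09},
  organization = {VMRay},
  url          = {https://www.vmray.com/cyber-security-blog/guloader-evasion-techniques-threat-bulletin/},
  language     = {English},
  urldate      = {2021-01-10},
}
Threat Bulletin: Dissecting GuLoader’s Evasion Techniques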
CloudEyE
2020-07-01 | VMRay | John Faria
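% NOTE(review): same work as faria:20200701:threat:b9163dc; the two URLs differ only
% by a trailing slash. Cite one key consistently so the reference is not listed twice.
@online{faria:20200701:threat:54ff8db,
  author       = {Faria, John},
  title        = {Threat Bulletin: Cutting-off the Command-and-Control Infrastructure of {CollectorGoomba}},
  date         = {2020-07-01},
  organization = {VMRay},
  url          = {https://www.vmray.com/cyber-security-blog/cutting-off-command-and-control-infrastructure-collectorgoomba-threat-bulletin},
  language     = {English},
  urldate      = {2020-07-02},
}
Threat Bulletin: Cutting-off the Command-and-Control Infrastructure of CollectorGoomba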
2020-07-01 | VMRay | John Faria
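% NOTE(review): same work as faria:20200701:threat:54ff8db; the two URLs differ only
% by a trailing slash. Cite one key consistently so the reference is not listed twice.
@online{faria:20200701:threat:b9163dc,
  author       = {Faria, John},
  title        = {Threat Bulletin: Cutting-off the Command-and-Control Infrastructure of {CollectorGoomba}},
  date         = {2020-07-01},
  organization = {VMRay},
  url          = {https://www.vmray.com/cyber-security-blog/cutting-off-command-and-control-infrastructure-collectorgoomba-threat-bulletin/},
  language     = {English},
  urldate      = {2020-07-02},
}
Threat Bulletin: Cutting-off the Command-and-Control Infrastructure of CollectorGoomba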
CollectorGoomba
2020-05-13 | VMRay | VMRay Labs Team
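% Group author braced so it is treated as one name, not a person with the surname "Team".
@online{team:20200513:malware:c3e6bb4,
  author       = {{VMRay Labs Team}},
  title        = {Malware Analysis Spotlight: {Rhino} Ransomware},
  date         = {2020-05-13},
  organization = {VMRay},
  url          = {https://www.vmray.com/cyber-security-blog/rhino-ransomware-malware-analysis-spotlight/},
  language     = {English},
  urldate      = {2020-05-18},
}
Malware Analysis Spotlight: Rhino Ransomware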
Rhino
2019-06-25 | VMRay | Tamas Boczan
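% Author in "Last, First" form; only the malware family name in the title is brace-protected.
@online{boczan:20190625:analyzing:fe5a161,
  author       = {Boczan, Tamas},
  title        = {Analyzing {Ursnif}’s Behavior Using a Malware Sandbox},
  date         = {2019-06-25},
  organization = {VMRay},
  url          = {https://www.vmray.com/cyber-security-blog/analyzing-ursnif-behavior-malware-sandbox/},
  language     = {English},
  urldate      = {2019-12-17},
}
Analyzing Ursnif’s Behavior Using a Malware Sandbox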
ISFB
2019-06-02 | VMRay | Felix Seele
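% NOTE(review): the URL path (/v2/talks/...) suggests these are conference talk slides
% filed as a tech report; the entry type and institution are kept as given.
% "macOS" is brace-protected so case-changing styles do not alter it.
@techreport{seele:20190602:hypervisorbased:04c1731,
  author      = {Seele, Felix},
  title       = {Hypervisor-based Analysis of {macOS} Malware},
  date        = {2019-06-02},
  institution = {VMRay},
  url         = {https://objectivebythesea.com/v2/talks/OBTS_v2_Seele.pdf},
  language    = {English},
  urldate     = {2020-01-07},
}
Hypervisor-based Analysis of macOS Malware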
Coldroot RAT
2019-05-08 | VMRay | Francis Montesino
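% Author in "Last, First" form; only the product name in the title is brace-protected.
@online{montesino:20190508:get:ed8ceb4,
  author       = {Montesino, Francis},
  title        = {Get Smart with Enhanced Memory Dumping in {VMRay Analyzer} 3.0},
  date         = {2019-05-08},
  organization = {VMRay},
  url          = {https://www.vmray.com/cyber-security-blog/smart-memory-dumping/},
  language     = {English},
  urldate      = {2020-01-13},
}
Get Smart with Enhanced Memory Dumping in VMRay Analyzer 3.0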
Remcos
2018-06-05 | VMRay | Tamas Boczan
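% NOTE(review): this URL uses http://, while the other vmray.com entries visible in
% this list use https://. Confirm the HTTPS form resolves and prefer it when citing.
@online{boczan:20180605:evolution:372e566,
  author       = {Boczan, Tamas},
  title        = {The Evolution of {GandCrab} Ransomware},
  date         = {2018-06-05},
  organization = {VMRay},
  url          = {http://www.vmray.com/cyber-security-blog/gandcrab-ransomware-evolution-analysis/},
  language     = {English},
  urldate      = {2019-11-20},
}
The Evolution of GandCrab Ransomware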