2019-03-28 ⋅ Vitali Kremez Blog ⋅ Let's Learn: Dissecting Operation ShadowHammer Shellcode Internals in crt_ExitProcess shadowhammer
2018-12-10 ⋅ Vitali Kremez Blog ⋅ Let's Learn: Reviewing Sofacy's "Zebrocy" C++ Loader: Advanced Insight Zebrocy
2018-11-27 ⋅ Vitali Kremez Blog ⋅ Let's Learn: In-Depth on Sofacy Cannon Loader/Backdoor Review Cannon
2018-11-13 ⋅ Vitali Kremez Blog ⋅ Let's Learn: Dissect Panda Banking Malware's "libinject" Process Injection Module |
2018-10-31 ⋅ Vitali Kremez Blog ⋅ Let's Learn: Exploring ZeusVM Banking Malware Hooking Engine |
2018-08-20 ⋅ Vitali Kremez Blog ⋅ Let's Learn: Dissecting Panda Banker & Modules: Webinject, Grabber & Keylogger DLL Modules PandaBanker
2018-08-05 ⋅ Vitali Kremez Blog ⋅ Let's Learn: Diving into the Latest "Ramnit" Banker Malware via "sLoad" PowerShell sLoad
2018-07-29 ⋅ Vitali Kremez Blog ⋅ Let's Learn: In-Depth Reversing of Qakbot "qbot" Banker Part 1 QakBot
2018-04-13 ⋅ Vitali Kremez Blog ⋅ Let's Learn: In-Depth Dive into Gootkit Banker Version 4 Malware Analysis |
2018-04-03 ⋅ Vitali Kremez Blog ⋅ Let's Learn: Trickbot Implements Network Collector Module Leveraging CMD, WMI & LDAP TrickBot
2018-03-25 ⋅ Vitali Kremez Blog ⋅ Let's Learn: Internals of Iranian-Based Threat Group "Chafer" Malware: Autoit and PowerShell Persistence OilRig
2018-01-29 ⋅ Vitali Kremez Blog ⋅ Let's Learn: Dissecting FormBook Infostealer Malware: Crypter & "RunLib.dll" Formbook
2017-12-19 ⋅ Vitali Kremez Blog ⋅ Let's Learn: Introducing New Trickbot LDAP "DomainGrabber" Module TrickBot
2017-12-13 ⋅ Vitali Kremez Blog ⋅ Update: Let's Learn: Reversing FIN6 "GratefulPOS" aka "FrameworkPOS" Point-of-Sale Malware in-Depth Grateful POS
2017-11-12 ⋅ Vitali Kremez Blog ⋅ Let's Learn: Dissecting Golroted Trojan's Process Hollowing Technique & UAC Bypass in HKCU\Environment Golroted
2017-11-05 ⋅ Vitali Kremez Blog ⋅ Let's Learn: Lethic Spambot & Survey of Anti-Analysis Techniques Lethic
2017-07-24 ⋅ Vitali Kremez Blog ⋅ Let's Learn: Reversing Credential and Payment Card Information Stealer 'AZORult V2' Azorult