2019-03-28 | Vitali Kremez Blog | Vitali Kremez
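% Underscore in "crt_ExitProcess" is escaped so the title typesets outside math mode.
@online{kremez:20190328:lets:9a07122,
  author       = {Kremez, Vitali},
  title        = {{Let's Learn: Dissecting Operation ShadowHammer Shellcode Internals in crt\_ExitProcess}},
  date         = {2019-03-28},
  organization = {Vitali Kremez Blog},
  url          = {https://www.vkremez.com/2019/03/lets-learn-dissecting-operation.html},
  urldate      = {2020-01-10},
  language     = {English},
}
Let's Learn: Dissecting Operation ShadowHammer Shellcode Internals in crt_ExitProcess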
shadowhammer
2018-12-10 | Vitali Kremez Blog | Vitali Kremez
@online{kremez:20181210:lets:f947fb1,
  author       = {Kremez, Vitali},
  title        = {{Let's Learn: Reviewing Sofacy's "Zebrocy" C++ Loader: Advanced Insight}},
  date         = {2018-12-10},
  organization = {Vitali Kremez Blog},
  url          = {https://www.vkremez.com/2018/12/lets-learn-reviewing-sofacys-zebrocy-c.html},
  urldate      = {2020-01-09},
  language     = {English},
}
Let's Learn: Reviewing Sofacy's "Zebrocy" C++ Loader: Advanced Insight
Zebrocy
2018-11-27 | Vitali Kremez Blog | Vitali Kremez
@online{kremez:20181127:lets:e9928d7,
  author       = {Kremez, Vitali},
  title        = {{Let's Learn: In-Depth on Sofacy Cannon Loader/Backdoor Review}},
  date         = {2018-11-27},
  organization = {Vitali Kremez Blog},
  url          = {https://www.vkremez.com/2018/11/lets-learn-in-depth-on-sofacy-canon.html},
  urldate      = {2020-01-13},
  language     = {English},
}
Let's Learn: In-Depth on Sofacy Cannon Loader/Backdoor Review
Cannon
2018-11-13 | Vitali Kremez Blog | Vitali Kremez
@online{kremez:20181113:lets:dd6d4d7,
  author       = {Kremez, Vitali},
  title        = {{Let's Learn: Dissect Panda Banking Malware's "libinject" Process Injection Module}},
  date         = {2018-11-13},
  organization = {Vitali Kremez Blog},
  url          = {http://www.vkremez.com/2018/01/lets-learn-dissect-panda-banking.html},
  urldate      = {2020-01-13},
  language     = {English},
}
Let's Learn: Dissect Panda Banking Malware's "libinject" Process Injection Module
2018-10-31 | Vitali Kremez Blog | Vitali Kremez
@online{kremez:20181031:lets:e59c3f8,
  author       = {Kremez, Vitali},
  title        = {{Let's Learn: Exploring ZeusVM Banking Malware Hooking Engine}},
  date         = {2018-10-31},
  organization = {Vitali Kremez Blog},
  url          = {https://www.vkremez.com/2018/10/lets-learn-exploring-zeusvm-banking.html},
  urldate      = {2019-12-24},
  language     = {English},
}
Let's Learn: Exploring ZeusVM Banking Malware Hooking Engine
2018-08-20 | Vitali Kremez Blog | Vitali Kremez
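% Both "&" characters in the title are escaped as "\&" so LaTeX does not read them as alignment tabs.
@online{kremez:20180820:lets:d3f938c,
  author       = {Kremez, Vitali},
  title        = {{Let's Learn: Dissecting Panda Banker \& Modules: Webinject, Grabber \& Keylogger DLL Modules}},
  date         = {2018-08-20},
  organization = {Vitali Kremez Blog},
  url          = {https://www.vkremez.com/2018/08/lets-learn-dissecting-panda-banker.html},
  urldate      = {2019-10-23},
  language     = {English},
}
Let's Learn: Dissecting Panda Banker & Modules: Webinject, Grabber & Keylogger DLL Modules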
PandaBanker
2018-08-05 | Vitali Kremez Blog | Vitali Kremez
@online{kremez:20180805:lets:489101d,
  author       = {Kremez, Vitali},
  title        = {{Let's Learn: Diving into the Latest "Ramnit" Banker Malware via "sLoad" PowerShell}},
  date         = {2018-08-05},
  organization = {Vitali Kremez Blog},
  url          = {https://www.vkremez.com/2018/08/lets-learn-in-depth-into-latest-ramnit.html},
  urldate      = {2020-01-10},
  language     = {English},
}
Let's Learn: Diving into the Latest "Ramnit" Banker Malware via "sLoad" PowerShell
sLoad
2018-07-29 | Vitali Kremez Blog | Vitali Kremez
@online{kremez:20180729:lets:8f04eed,
  author       = {Kremez, Vitali},
  title        = {{Let's Learn: In-Depth Reversing of Qakbot "qbot" Banker Part 1}},
  date         = {2018-07-29},
  organization = {Vitali Kremez Blog},
  url          = {https://www.vkremez.com/2018/07/lets-learn-in-depth-reversing-of-qakbot.html},
  urldate      = {2020-01-06},
  language     = {English},
}
Let's Learn: In-Depth Reversing of Qakbot "qbot" Banker Part 1
QakBot
2018-04-13 | Vitali Kremez Blog | Vitali Kremez
@online{kremez:20180413:lets:3dd37f4,
  author       = {Kremez, Vitali},
  title        = {{Let's Learn: In-Depth Dive into Gootkit Banker Version 4 Malware Analysis}},
  date         = {2018-04-13},
  organization = {Vitali Kremez Blog},
  url          = {http://www.vkremez.com/2018/04/lets-learn-in-depth-dive-into-gootkit.html},
  urldate      = {2019-10-23},
  language     = {English},
}
Let's Learn: In-Depth Dive into Gootkit Banker Version 4 Malware Analysis
2018-04-03 | Vitali Kremez Blog | Vitali Kremez
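% The "&" in the title is escaped as "\&" so LaTeX does not read it as an alignment tab.
@online{kremez:20180403:lets:b45dd50,
  author       = {Kremez, Vitali},
  title        = {{Let's Learn: Trickbot Implements Network Collector Module Leveraging CMD, WMI \& LDAP}},
  date         = {2018-04-03},
  organization = {Vitali Kremez Blog},
  url          = {http://www.vkremez.com/2018/04/lets-learn-trickbot-implements-network.html},
  urldate      = {2019-07-27},
  language     = {English},
}
Let's Learn: Trickbot Implements Network Collector Module Leveraging CMD, WMI & LDAP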
TrickBot
2018-03-25 | Vitali Kremez Blog | Vitali Kremez
@online{kremez:20180325:lets:070366d,
  author       = {Kremez, Vitali},
  title        = {{Let's Learn: Internals of Iranian-Based Threat Group "Chafer" Malware: Autoit and PowerShell Persistence}},
  date         = {2018-03-25},
  organization = {Vitali Kremez Blog},
  url          = {https://www.vkremez.com/2018/03/investigating-iranian-threat-group.html},
  urldate      = {2019-10-13},
  language     = {English},
}
Let's Learn: Internals of Iranian-Based Threat Group "Chafer" Malware: Autoit and PowerShell Persistence
OilRig
2018-01-29 | Vitali Kremez Blog | Vitali Kremez
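% The "&" in the title is escaped as "\&" so LaTeX does not read it as an alignment tab.
@online{kremez:20180129:lets:450880d,
  author       = {Kremez, Vitali},
  title        = {{Let's Learn: Dissecting FormBook Infostealer Malware: Crypter \& "RunLib.dll"}},
  date         = {2018-01-29},
  organization = {Vitali Kremez Blog},
  url          = {http://www.vkremez.com/2018/01/lets-learn-dissecting-formbook.html},
  urldate      = {2020-01-10},
  language     = {English},
}
Let's Learn: Dissecting FormBook Infostealer Malware: Crypter & "RunLib.dll"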
Formbook
2017-12-19 | Vitali Kremez Blog | Vitali Kremez
@online{kremez:20171219:lets:030e09a,
  author       = {Kremez, Vitali},
  title        = {{Let's Learn: Introducing New Trickbot LDAP "DomainGrabber" Module}},
  date         = {2017-12-19},
  organization = {Vitali Kremez Blog},
  url          = {http://www.vkremez.com/2017/12/lets-learn-introducing-new-trickbot.html},
  urldate      = {2019-11-23},
  language     = {English},
}
Let's Learn: Introducing New Trickbot LDAP "DomainGrabber" Module
TrickBot
2017-12-13 | Vitali Kremez Blog | Vitali Kremez
@online{kremez:20171213:update:50a1f16,
  author       = {Kremez, Vitali},
  title        = {{Update: Let's Learn: Reversing FIN6 "GratefulPOS" aka "FrameworkPOS" Point-of-Sale Malware in-Depth}},
  date         = {2017-12-13},
  organization = {Vitali Kremez Blog},
  url          = {http://www.vkremez.com/2017/12/lets-learn-reversing-grateful-point-of.html},
  urldate      = {2020-01-08},
  language     = {English},
}
Update: Let's Learn: Reversing FIN6 "GratefulPOS" aka "FrameworkPOS" Point-of-Sale Malware in-Depth
Grateful POS
2017-11-12 | Vitali Kremez Blog | Vitali Kremez
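% Title escapes: "&" is written as "\&", and the backslash in the registry path
% HKCU\Environment is written as \textbackslash{} so LaTeX does not read
% "\Environment" as an undefined control sequence.
@online{kremez:20171112:lets:4db8d74,
  author       = {Kremez, Vitali},
  title        = {{Let's Learn: Dissecting Golroted Trojan's Process Hollowing Technique \& UAC Bypass in HKCU\textbackslash{}Environment}},
  date         = {2017-11-12},
  organization = {Vitali Kremez Blog},
  url          = {http://www.vkremez.com/2017/11/lets-learn-dissecting-golroted-trojans.html},
  urldate      = {2020-01-06},
  language     = {English},
}
Let's Learn: Dissecting Golroted Trojan's Process Hollowing Technique & UAC Bypass in HKCU\Environment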
Golroted
2017-11-05 | Vitali Kremez Blog | Vitali Kremez
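% The "&" in the title is escaped as "\&" so LaTeX does not read it as an alignment tab.
@online{kremez:20171105:lets:c732c05,
  author       = {Kremez, Vitali},
  title        = {{Let's Learn: Lethic Spambot \& Survey of Anti-Analysis Techniques}},
  date         = {2017-11-05},
  organization = {Vitali Kremez Blog},
  url          = {http://www.vkremez.com/2017/11/lets-learn-lethic-spambot-survey-of.html},
  urldate      = {2020-01-07},
  language     = {English},
}
Let's Learn: Lethic Spambot & Survey of Anti-Analysis Techniques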
Lethic
2017-07-24 | Vitali Kremez Blog | Vitali Kremez
@online{kremez:20170724:lets:8b64c6c,
  author       = {Kremez, Vitali},
  title        = {{Let's Learn: Reversing Credential and Payment Card Information Stealer 'AZORult V2'}},
  date         = {2017-07-24},
  organization = {Vitali Kremez Blog},
  url          = {http://www.vkremez.com/2017/07/lets-learn-reversing-credential-and.html},
  urldate      = {2020-01-06},
  language     = {English},
}
Let's Learn: Reversing Credential and Payment Card Information Stealer 'AZORult V2'
Azorult