Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2023-03-30hasherezade's 1001 nightshasherezade
@online{hasherezade:20230330:magniber:1005a71, author = {hasherezade}, title = {{Magniber ransomware analysis: Tiny Tracer in action}}, date = {2023-03-30}, organization = {hasherezade's 1001 nights}, url = {https://hshrzd.wordpress.com/2023/03/30/magniber-ransomware-analysis/}, language = {English}, urldate = {2023-04-28} } Magniber ransomware analysis: Tiny Tracer in action
Magniber
2021-07-23Malwarebyteshasherezade
@online{hasherezade:20210723:avoslocker:54f3a60, author = {hasherezade}, title = {{AvosLocker enters the ransomware scene, asks for partners}}, date = {2021-07-23}, organization = {Malwarebytes}, url = {https://blog.malwarebytes.com/threat-analysis/2021/07/avoslocker-enters-the-ransomware-scene-asks-for-partners/}, language = {English}, urldate = {2021-07-26} } AvosLocker enters the ransomware scene, asks for partners
AvosLocker
2020-11-30Malwarebyteshasherezade, Jérôme Segura
@online{hasherezade:20201130:german:72b40c6, author = {hasherezade and Jérôme Segura}, title = {{German users targeted with Gootkit banker or REvil ransomware}}, date = {2020-11-30}, organization = {Malwarebytes}, url = {https://blog.malwarebytes.com/threat-analysis/2020/11/german-users-targeted-with-gootkit-banker-or-revil-ransomware/}, language = {English}, urldate = {2020-12-03} } German users targeted with Gootkit banker or REvil ransomware
GootKit REvil
2020-10-28MalwarebytesJérôme Segura, Hossein Jazi, hasherezade, Marcelo Rivero
@online{segura:20201028:fake:b7a76ac, author = {Jérôme Segura and Hossein Jazi and hasherezade and Marcelo Rivero}, title = {{Fake COVID-19 survey hides ransomware in Canadian university attack}}, date = {2020-10-28}, organization = {Malwarebytes}, url = {https://blog.malwarebytes.com/cybercrime/2020/10/fake-covid-19-survey-hides-ransomware-in-canadian-university-attack/}, language = {English}, urldate = {2020-10-29} } Fake COVID-19 survey hides ransomware in Canadian university attack
Vaggen
2020-05-31Malwarebyteshasherezade
@online{hasherezade:20200531:revisiting:cb8df95, author = {hasherezade}, title = {{Revisiting the NSIS-based crypter}}, date = {2020-05-31}, organization = {Malwarebytes}, url = {https://blog.malwarebytes.com/threat-analysis/2021/05/revisiting-the-nsis-based-crypter/}, language = {English}, urldate = {2021-06-09} } Revisiting the NSIS-based crypter
Formbook
2020-05-21Malwarebyteshasherezade, prsecurity
@techreport{hasherezade:20200521:silent:95b5ce7, author = {hasherezade and prsecurity}, title = {{The “Silent Night” Zloader/Zbot}}, date = {2020-05-21}, institution = {Malwarebytes}, url = {https://resources.malwarebytes.com/files/2020/05/The-Silent-Night-Zloader-Zbot_Final.pdf}, language = {English}, urldate = {2020-05-23} } The “Silent Night” Zloader/Zbot
Zloader
2019-08-15Malwarebyteshasherezade
@online{hasherezade:20190815:hidden:d93c104, author = {hasherezade}, title = {{The Hidden Bee infection chain, part 1: the stegano pack}}, date = {2019-08-15}, organization = {Malwarebytes}, url = {https://blog.malwarebytes.com/threat-analysis/2019/08/the-hidden-bee-infection-chain-part-1-the-stegano-pack/}, language = {English}, urldate = {2019-12-20} } The Hidden Bee infection chain, part 1: the stegano pack
Hidden Bee
2019-07-24Malwarebyteshasherezade
@online{hasherezade:20190724:deep:c7d1aed, author = {hasherezade}, title = {{A deep dive into Phobos ransomware}}, date = {2019-07-24}, organization = {Malwarebytes}, url = {https://blog.malwarebytes.com/threat-analysis/2019/07/a-deep-dive-into-phobos-ransomware/}, language = {English}, urldate = {2020-01-13} } A deep dive into Phobos ransomware
Phobos
2019-05-31Malwarebyteshasherezade
@online{hasherezade:20190531:hidden:14f8a1c, author = {hasherezade}, title = {{Hidden Bee: Let’s go down the rabbit hole}}, date = {2019-05-31}, organization = {Malwarebytes}, url = {https://blog.malwarebytes.com/threat-analysis/2019/05/hidden-bee-lets-go-down-the-rabbit-hole/}, language = {English}, urldate = {2019-12-20} } Hidden Bee: Let’s go down the rabbit hole
Hidden Bee
2019-04-06Youtube (hasherezade)hasherezade
@online{hasherezade:20190406:unpacking:dc6a1be, author = {hasherezade}, title = {{Unpacking ISFB (including the custom 'PX' format)}}, date = {2019-04-06}, organization = {Youtube (hasherezade)}, url = {https://www.youtube.com/watch?v=KvOpNznu_3w}, language = {English}, urldate = {2019-11-29} } Unpacking ISFB (including the custom 'PX' format)
ISFB
2019-03-21Youtube (hasherezade)hasherezade
@online{hasherezade:20190321:unpacking:8c38703, author = {hasherezade}, title = {{Unpacking Baldr stealer}}, date = {2019-03-21}, organization = {Youtube (hasherezade)}, url = {https://www.youtube.com/watch?v=E2V4kB_gtcQ}, language = {English}, urldate = {2019-07-11} } Unpacking Baldr stealer
Baldr
2018-11-12Malwarebyteshasherezade
@online{hasherezade:20181112:whats:e44d5f3, author = {hasherezade}, title = {{What’s new in TrickBot? Deobfuscating elements}}, date = {2018-11-12}, organization = {Malwarebytes}, url = {https://blog.malwarebytes.com/threat-analysis/malware-threat-analysis/2018/11/whats-new-trickbot-deobfuscating-elements/}, language = {English}, urldate = {2019-12-20} } What’s new in TrickBot? Deobfuscating elements
TrickBot
2018-08-30Malwarebyteshasherezade
@online{hasherezade:20180830:reversing:21b283b, author = {hasherezade}, title = {{Reversing malware in a custom format: Hidden Bee elements}}, date = {2018-08-30}, organization = {Malwarebytes}, url = {https://blog.malwarebytes.com/threat-analysis/2018/08/reversing-malware-in-a-custom-format-hidden-bee-elements/}, language = {English}, urldate = {2022-02-01} } Reversing malware in a custom format: Hidden Bee elements
Hidden Bee
2018-07-26Malwarebyteshasherezade, Jérôme Segura
@online{hasherezade:20180726:hidden:76d28ed, author = {hasherezade and Jérôme Segura}, title = {{‘Hidden Bee’ miner delivered via improved drive-by download toolkit}}, date = {2018-07-26}, organization = {Malwarebytes}, url = {https://blog.malwarebytes.com/threat-analysis/2018/07/hidden-bee-miner-delivered-via-improved-drive-by-download-toolkit/}, language = {English}, urldate = {2019-10-21} } ‘Hidden Bee’ miner delivered via improved drive-by download toolkit
Hidden Bee
2018-03-31Youtube (hasherezade)hasherezade
@online{hasherezade:20180331:deobfuscating:39c1be0, author = {hasherezade}, title = {{Deobfuscating TrickBot's strings with libPeConv}}, date = {2018-03-31}, organization = {Youtube (hasherezade)}, url = {https://www.youtube.com/watch?v=KMcSAlS9zGE}, language = {English}, urldate = {2020-01-13} } Deobfuscating TrickBot's strings with libPeConv
TrickBot
2018-03-19hasherezade
@online{hasherezade:20180319:unpacking:150cdac, author = {hasherezade}, title = {{Unpacking Ursnif}}, date = {2018-03-19}, url = {https://www.youtube.com/watch?v=jlc7Ahp8Iqg}, language = {English}, urldate = {2019-12-24} } Unpacking Ursnif
ISFB
2018-03-01Malwarebyteshasherezade
@online{hasherezade:20180301:blast:6bec8e3, author = {hasherezade}, title = {{Blast from the past: stowaway Virut delivered with Chinese DDoS bot}}, date = {2018-03-01}, organization = {Malwarebytes}, url = {https://blog.malwarebytes.com/threat-analysis/2018/03/blast-from-the-past-stowaway-virut-delivered-with-chinese-ddos-bot/}, language = {English}, urldate = {2019-12-20} } Blast from the past: stowaway Virut delivered with Chinese DDoS bot
Virut
2018-02-23Malwarebyteshasherezade
@online{hasherezade:20180223:avzhan:299cc86, author = {hasherezade}, title = {{Avzhan DDoS bot dropped by Chinese drive-by attack}}, date = {2018-02-23}, organization = {Malwarebytes}, url = {https://blog.malwarebytes.com/threat-analysis/2018/02/avzhan-ddos-bot-dropped-by-chinese-drive-by-attack/}, language = {English}, urldate = {2019-12-20} } Avzhan DDoS bot dropped by Chinese drive-by attack
Avzhan
2018-01-17Malwarebyteshasherezade
@online{hasherezade:20180117:coin:6f17887, author = {hasherezade}, title = {{A coin miner with a “Heaven’s Gate”}}, date = {2018-01-17}, organization = {Malwarebytes}, url = {https://blog.malwarebytes.com/threat-analysis/2018/01/a-coin-miner-with-a-heavens-gate/}, language = {English}, urldate = {2022-01-24} } A coin miner with a “Heaven’s Gate”
Coinminer
2018-01Malwarebyteshasherezade
@online{hasherezade:201801:coin:7ef1583, author = {hasherezade}, title = {{A coin miner with a “Heaven’s Gate”}}, date = {2018-01}, organization = {Malwarebytes}, url = {https://blog.malwarebytes.com/threat-analysis/2018/01/a-coin-miner-with-a-heavens-gate/amp/}, language = {English}, urldate = {2019-12-04} } A coin miner with a “Heaven’s Gate”
Coinminer