Click here to download all references as Bib-File.
2023-07-06 ⋅ kienmanowar Blog ⋅ [QuickNote] Examining Formbook Campaign via Phishing Emails Formbook |
2023-05-22 ⋅ kienmanowar Blog ⋅ [Case study] Decrypt strings using Dumpulator |
2023-04-08 ⋅ kienmanowar Blog ⋅ [QuickNote] Uncovering Suspected Malware Distributed By Individuals from Vietnam AsyncRAT DCRat WorldWind |
2023-03-25 ⋅ kienmanowar Blog ⋅ [QuickNote] Decrypting the C2 configuration of Warzone RAT Ave Maria |
2023-01-09 ⋅ kienmanowar Blog ⋅ [QuickNote] Another nice PlugX sample PlugX |
2022-12-27 ⋅ kienmanowar Blog ⋅ Diving into a PlugX sample of Mustang Panda group PlugX |
2022-12-19 ⋅ kienmanowar Blog ⋅ [Z2A]Bimonthly malware challege – Emotet (Back From the Dead) Emotet |
2022-12-17 ⋅ kienmanowar Blog ⋅ [QuickNote] VidarStealer Analysis Vidar |
2022-06-04 ⋅ kienmanowar Blog ⋅ [QuickNote] CobaltStrike SMB Beacon Analysis Cobalt Strike |
2022-02-24 ⋅ kienmanowar Blog ⋅ [QuickNote] Techniques for decrypting BazarLoader strings BazarBackdoor |
2022-01-23 ⋅ kienmanowar Blog ⋅ [QuickNote] Emotet epoch4 & epoch5 tactics Emotet |
2021-09-06 ⋅ kienmanowar Blog ⋅ Quick analysis CobaltStrike loader and shellcode Cobalt Strike |
2021-08-04 ⋅ kienmanowar Blog ⋅ [QuickNote] MountLocker – Some pseudo-code snippets Mount Locker |
2021-05-11 ⋅ kienmanowar Blog ⋅ Quick analysis note about DealPly (Adware) DealPly |
2020-08-16 ⋅ kienmanowar Blog ⋅ Manual Unpacking IcedID Write-up IcedID |
2020-06-27 ⋅ kienmanowar Blog ⋅ Quick analysis note about GuLoader (or CloudEyE) CloudEyE |