Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2023-07-06kienmanowar BlogTran Trung Kien, m4n0w4r
@online{kien:20230706:quicknote:20dc1f1, author = {Tran Trung Kien and m4n0w4r}, title = {{[QuickNote] Examining Formbook Campaign via Phishing Emails}}, date = {2023-07-06}, organization = {kienmanowar Blog}, url = {https://kienmanowar.wordpress.com/2023/07/06/quicknote-examining-formbook-campaign-via-phishing-emails/}, language = {English}, urldate = {2023-07-13} } [QuickNote] Examining Formbook Campaign via Phishing Emails
Formbook
2023-05-22kienmanowar Blogm4n0w4r
@online{m4n0w4r:20230522:case:c053ed3, author = {m4n0w4r}, title = {{[Case study] Decrypt strings using Dumpulator}}, date = {2023-05-22}, organization = {kienmanowar Blog}, url = {https://kienmanowar.wordpress.com/2023/05/22/case-study-decrypt-strings-using-dumpulator/}, language = {English}, urldate = {2023-05-25} } [Case study] Decrypt strings using Dumpulator
2023-04-08kienmanowar BlogTran Trung Kien, m4n0w4r
@online{kien:20230408:quicknote:e44f40f, author = {Tran Trung Kien and m4n0w4r}, title = {{[QuickNote] Uncovering Suspected Malware Distributed By Individuals from Vietnam}}, date = {2023-04-08}, organization = {kienmanowar Blog}, url = {https://kienmanowar.wordpress.com/2023/04/08/quicknote-uncovering-suspected-malware-distributed-by-individuals-from-vietnam/}, language = {English}, urldate = {2023-04-08} } [QuickNote] Uncovering Suspected Malware Distributed By Individuals from Vietnam
AsyncRAT DCRat WorldWind
2023-03-25kienmanowar BlogTran Trung Kien, m4n0w4r
@online{kien:20230325:quicknote:c2b9de4, author = {Tran Trung Kien and m4n0w4r}, title = {{[QuickNote] Decrypting the C2 configuration of Warzone RAT}}, date = {2023-03-25}, organization = {kienmanowar Blog}, url = {https://kienmanowar.wordpress.com/2023/03/25/quicknote-decrypting-the-c2-configuration-of-warzone-rat/}, language = {English}, urldate = {2023-03-27} } [QuickNote] Decrypting the C2 configuration of Warzone RAT
Ave Maria
2023-01-09kienmanowar Blogm4n0w4r, Tran Trung Kien
@online{m4n0w4r:20230109:quicknote:5a8b18c, author = {m4n0w4r and Tran Trung Kien}, title = {{[QuickNote] Another nice PlugX sample}}, date = {2023-01-09}, organization = {kienmanowar Blog}, url = {https://kienmanowar.wordpress.com/2023/01/09/quicknote-another-nice-plugx-sample/}, language = {English}, urldate = {2023-01-10} } [QuickNote] Another nice PlugX sample
PlugX
2022-12-27kienmanowar Blogm4n0w4r, Tran Trung Kien
@online{m4n0w4r:20221227:diving:857147e, author = {m4n0w4r and Tran Trung Kien}, title = {{Diving into a PlugX sample of Mustang Panda group}}, date = {2022-12-27}, organization = {kienmanowar Blog}, url = {https://kienmanowar.wordpress.com/2022/12/27/diving-into-a-plugx-sample-of-mustang-panda-group/}, language = {English}, urldate = {2022-12-29} } Diving into a PlugX sample of Mustang Panda group
PlugX
2022-12-19kienmanowar Blogm4n0w4r, Tran Trung Kien
@online{m4n0w4r:20221219:z2abimonthly:8edee72, author = {m4n0w4r and Tran Trung Kien}, title = {{[Z2A]Bimonthly malware challege – Emotet (Back From the Dead)}}, date = {2022-12-19}, organization = {kienmanowar Blog}, url = {https://kienmanowar.wordpress.com/2022/12/19/z2abimonthly-malware-challege-emotet-back-from-the-dead/}, language = {English}, urldate = {2022-12-20} } [Z2A]Bimonthly malware challege – Emotet (Back From the Dead)
Emotet
2022-12-17kienmanowar Blogm4n0w4r, Tran Trung Kien
@online{m4n0w4r:20221217:quicknote:9b33765, author = {m4n0w4r and Tran Trung Kien}, title = {{[QuickNote] VidarStealer Analysis}}, date = {2022-12-17}, organization = {kienmanowar Blog}, url = {https://kienmanowar.wordpress.com/2022/12/17/quicknote-vidarstealer-analysis/}, language = {English}, urldate = {2022-12-19} } [QuickNote] VidarStealer Analysis
Vidar
2022-09-09Github (m4now4r)m4n0w4r
@techreport{m4n0w4r:20220909:mustang:120306a, author = {m4n0w4r}, title = {{“Mustang Panda” – Enemy at the gate}}, date = {2022-09-09}, institution = {Github (m4now4r)}, url = {https://raw.githubusercontent.com/m4now4r/Presentations/main/MustangPanda%20-%20Enemy%20at%20the%20gate_final.pdf}, language = {English}, urldate = {2022-09-26} } “Mustang Panda” – Enemy at the gate
PlugX
2022-06-04kienmanowar Blogm4n0w4r, Tran Trung Kien
@online{m4n0w4r:20220604:quicknote:dc79142, author = {m4n0w4r and Tran Trung Kien}, title = {{[QuickNote] CobaltStrike SMB Beacon Analysis}}, date = {2022-06-04}, organization = {kienmanowar Blog}, url = {https://kienmanowar.wordpress.com/2022/06/04/quicknote-cobaltstrike-smb-beacon-analysis-2/}, language = {English}, urldate = {2022-06-07} } [QuickNote] CobaltStrike SMB Beacon Analysis
Cobalt Strike
2022-05-20VinCSSm4n0w4r, Tran Trung Kien, Dang Dinh Phuong
@online{m4n0w4r:20220520:re027:38348db, author = {m4n0w4r and Tran Trung Kien and Dang Dinh Phuong}, title = {{[RE027] China-based APT Mustang Panda might have still continued their attack activities against organizations in Vietnam}}, date = {2022-05-20}, organization = {VinCSS}, url = {https://blog.vincss.net/2022/05/re027-china-based-apt-mustang-panda-might-have-still-continued-their-attack-activities-against-organizations-in-Vietnam.html}, language = {English}, urldate = {2022-05-20} } [RE027] China-based APT Mustang Panda might have still continued their attack activities against organizations in Vietnam
PlugX
2022-04-25VinCSSm4n0w4r, Tran Trung Kien
@online{m4n0w4r:20220425:re026:6e05ed2, author = {m4n0w4r and Tran Trung Kien}, title = {{[RE026] A Deep Dive into Zloader - the Silent Night}}, date = {2022-04-25}, organization = {VinCSS}, url = {https://blog.vincss.net/2022/04/re026-a-deep-dive-into-zloader-the-silent-night.html}, language = {English}, urldate = {2022-04-25} } [RE026] A Deep Dive into Zloader - the Silent Night
Zloader
2022-03-21VinCSSTran Trung Kien, m4n0w4r
@online{kien:20220321:quicknote:4be36f8, author = {Tran Trung Kien and m4n0w4r}, title = {{[QuickNote] Analysis of Pandora ransomware}}, date = {2022-03-21}, organization = {VinCSS}, url = {https://kienmanowar.wordpress.com/2022/03/21/quicknote-analysis-of-pandora-ransomware/}, language = {English}, urldate = {2022-03-22} } [QuickNote] Analysis of Pandora ransomware
Pandora
2022-02-24kienmanowar Blogm4n0w4r, Tran Trung Kien
@online{m4n0w4r:20220224:quicknote:bea9238, author = {m4n0w4r and Tran Trung Kien}, title = {{[QuickNote] Techniques for decrypting BazarLoader strings}}, date = {2022-02-24}, organization = {kienmanowar Blog}, url = {https://kienmanowar.wordpress.com/2022/02/24/quicknote-techniques-for-decrypting-bazarloader-strings/}, language = {English}, urldate = {2022-03-01} } [QuickNote] Techniques for decrypting BazarLoader strings
BazarBackdoor
2022-01-26VinCSSm4n0w4r, Tran Trung Kien
@online{m4n0w4r:20220126:quicknote:caae223, author = {m4n0w4r and Tran Trung Kien}, title = {{[QuickNote] Analysis of malware suspected to be an APT attack targeting Vietnam}}, date = {2022-01-26}, organization = {VinCSS}, url = {https://kienmanowar.wordpress.com/2022/01/26/quicknote-analysis-of-malware-suspected-to-be-an-apt-attack-targeting-vietnam/}, language = {English}, urldate = {2023-07-24} } [QuickNote] Analysis of malware suspected to be an APT attack targeting Vietnam
5.t Downloader
2022-01-23kienmanowar Blogm4n0w4r, Tran Trung Kien
@online{m4n0w4r:20220123:quicknote:852995b, author = {m4n0w4r and Tran Trung Kien}, title = {{[QuickNote] Emotet epoch4 & epoch5 tactics}}, date = {2022-01-23}, organization = {kienmanowar Blog}, url = {https://kienmanowar.wordpress.com/2022/01/23/quicknote-emotet-epoch4-epoch5-tactics/}, language = {English}, urldate = {2022-01-25} } [QuickNote] Emotet epoch4 & epoch5 tactics
Emotet
2021-11-16Twitter (@kienbigmummy)m4n0w4r
@online{m4n0w4r:20211116:short:97d45fa, author = {m4n0w4r}, title = {{Tweet on short analysis of QakBot}}, date = {2021-11-16}, organization = {Twitter (@kienbigmummy)}, url = {https://twitter.com/kienbigmummy/status/1460537501676802051}, language = {English}, urldate = {2021-11-19} } Tweet on short analysis of QakBot
QakBot
2021-10-27VinCSSm4n0w4r, Tran Trung Kien
@online{m4n0w4r:20211027:re025:52c8a55, author = {m4n0w4r and Tran Trung Kien}, title = {{[RE025] TrickBot ... many tricks}}, date = {2021-10-27}, organization = {VinCSS}, url = {https://blog.vincss.net/2021/10/re025-trickbot-many-tricks.html}, language = {English}, urldate = {2021-11-02} } [RE025] TrickBot ... many tricks
TrickBot
2021-09-06kienmanowar Blogm4n0w4r
@online{m4n0w4r:20210906:quick:0a892b2, author = {m4n0w4r}, title = {{Quick analysis CobaltStrike loader and shellcode}}, date = {2021-09-06}, organization = {kienmanowar Blog}, url = {https://kienmanowar.wordpress.com/2021/09/06/quick-analysis-cobaltstrike-loader-and-shellcode/}, language = {English}, urldate = {2021-09-10} } Quick analysis CobaltStrike loader and shellcode
Cobalt Strike
2021-08-04kienmanowar Blogm4n0w4r, Tran Trung Kien
@online{m4n0w4r:20210804:quicknote:791df11, author = {m4n0w4r and Tran Trung Kien}, title = {{[QuickNote] MountLocker – Some pseudo-code snippets}}, date = {2021-08-04}, organization = {kienmanowar Blog}, url = {https://kienmanowar.wordpress.com/2021/08/04/quicknote-mountlocker-some-pseudo-code-snippets/}, language = {English}, urldate = {2021-09-09} } [QuickNote] MountLocker – Some pseudo-code snippets
Mount Locker