2022-06-04 ⋅ kienmanowar Blog ⋅ [QuickNote] CobaltStrike SMB Beacon Analysis Cobalt Strike |
2022-05-20 ⋅ VinCSS ⋅ [RE027] China-based APT Mustang Panda might have still continued their attack activities against organizations in Vietnam PlugX |
2022-04-25 ⋅ VinCSS ⋅ [RE026] A Deep Dive into Zloader - the Silent Night Zloader |
2022-03-21 ⋅ VinCSS ⋅ [QuickNote] Analysis of Pandora ransomware Pandora |
2022-02-24 ⋅ kienmanowar Blog ⋅ [QuickNote] Techniques for decrypting BazarLoader strings BazarBackdoor |
2022-01-26 ⋅ VinCSS ⋅ [QuickNote] Analysis of malware suspected to be an APT attack targeting Vietnam Unidentified 089 (Downloader) |
2022-01-23 ⋅ kienmanowar Blog ⋅ [QuickNote] Emotet epoch4 & epoch5 tactics Emotet |
2021-11-16 ⋅ Twitter (@kienbigmummy) ⋅ Tweet on short analysis of QakBot QakBot |
2021-10-27 ⋅ VinCSS ⋅ [RE025] TrickBot ... many tricks TrickBot |
2021-09-06 ⋅ kienmanowar Blog ⋅ Quick analysis CobaltStrike loader and shellcode Cobalt Strike |
2021-08-04 ⋅ kienmanowar Blog ⋅ [QuickNote] MountLocker – Some pseudo-code snippets Mount Locker |
2021-05-24 ⋅ VinCSS ⋅ [RE022] Part 1: Quick analysis of malicious sample forging the official dispatch of the Central Inspection Committee |
2021-05-11 ⋅ kienmanowar Blog ⋅ Quick analysis note about DealPly (Adware) DealPly |
2021-01-13 ⋅ VinCSS ⋅ [RE019] From A to X analyzing some real cases which used recent Emotet samples Emotet |
2020-09-11 ⋅ VinCSS ⋅ [RE016] Malware Analysis: ModiLoader DBatLoader |
2020-08-16 ⋅ kienmanowar Blog ⋅ Manual Unpacking IcedID Write-up IcedID |
2020-06-27 ⋅ kienmanowar Blog ⋅ Quick analysis note about GuLoader (or CloudEyE) CloudEyE |
2020-05-05 ⋅ VinCSS ⋅ GuLoader AntiVM Techniques CloudEyE |
2020-03-19 ⋅ VinCSS ⋅ Analysis of malware exploiting the Covid-19 outbreak to spread while impersonating the “Directive of Prime Minister Nguyễn Xuân Phúc” - Part 2 PlugX |
2020-03-10 ⋅ VinCSS ⋅ [RE012] Analysis of malware exploiting the Covid-19 outbreak to spread while impersonating the “Directive of Prime Minister Nguyễn Xuân Phúc” - Part 1 Unidentified 075 |