Click here to download all references as Bib-File.
2023-01-09 ⋅ kienmanowar Blog ⋅ [QuickNote] Another nice PlugX sample PlugX |
2022-12-27 ⋅ kienmanowar Blog ⋅ Diving into a PlugX sample of Mustang Panda group PlugX |
2022-12-19 ⋅ kienmanowar Blog ⋅ [Z2A]Bimonthly malware challege – Emotet (Back From the Dead) Emotet |
2022-12-17 ⋅ kienmanowar Blog ⋅ [QuickNote] VidarStealer Analysis Vidar |
2022-09-09 ⋅ Github (m4now4r) ⋅ “Mustang Panda” – Enemy at the gate PlugX |
2022-06-04 ⋅ kienmanowar Blog ⋅ [QuickNote] CobaltStrike SMB Beacon Analysis Cobalt Strike |
2022-05-20 ⋅ VinCSS ⋅ [RE027] China-based APT Mustang Panda might have still continued their attack activities against organizations in Vietnam PlugX |
2022-04-25 ⋅ VinCSS ⋅ [RE026] A Deep Dive into Zloader - the Silent Night Zloader |
2022-03-21 ⋅ VinCSS ⋅ [QuickNote] Analysis of Pandora ransomware Pandora |
2022-02-24 ⋅ kienmanowar Blog ⋅ [QuickNote] Techniques for decrypting BazarLoader strings BazarBackdoor |
2022-01-26 ⋅ VinCSS ⋅ [QuickNote] Analysis of malware suspected to be an APT attack targeting Vietnam Unidentified 089 (Downloader) |
2022-01-23 ⋅ kienmanowar Blog ⋅ [QuickNote] Emotet epoch4 & epoch5 tactics Emotet |
2021-11-16 ⋅ Twitter (@kienbigmummy) ⋅ Tweet on short analysis of QakBot QakBot |
2021-10-27 ⋅ VinCSS ⋅ [RE025] TrickBot ... many tricks TrickBot |
2021-09-06 ⋅ kienmanowar Blog ⋅ Quick analysis CobaltStrike loader and shellcode Cobalt Strike |
2021-08-04 ⋅ kienmanowar Blog ⋅ [QuickNote] MountLocker – Some pseudo-code snippets Mount Locker |
2021-05-24 ⋅ VinCSS ⋅ [RE022] Part 1: Quick analysis of malicious sample forging the official dispatch of the Central Inspection Committee |
2021-05-11 ⋅ kienmanowar Blog ⋅ Quick analysis note about DealPly (Adware) DealPly |
2021-01-13 ⋅ VinCSS ⋅ [RE019] From A to X analyzing some real cases which used recent Emotet samples Emotet |
2020-09-11 ⋅ VinCSS ⋅ [RE016] Malware Analysis: ModiLoader DBatLoader |