2022-08-11 · Malcat · malcat team
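% Malcat blog post: LNK forensics and config extraction of a Cobalt Strike beacon.
% The author is a team name, so it is double-braced; otherwise BibTeX splits it
% into given name "malcat" and surname "team". Only the acronym in the title is
% brace-protected, leaving the rest of the casing to the bibliography style.
% The citation key is unchanged so existing citations keep resolving.
@online{team:20220811:lnk:29e9765,
  author       = {{malcat team}},
  title        = {{LNK} forensic and config extraction of a cobalt strike beacon},
  date         = {2022-08-11},
  organization = {Malcat},
  url          = {https://malcat.fr/blog/lnk-forensic-and-config-extraction-of-a-cobalt-strike-beacon/},
  language     = {English},
  urldate      = {2022-08-12},
}
LNK forensic and config extraction of a cobalt strike beacon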
Cobalt Strike
2022-04-17 · Malcat · malcat team
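% Malcat blog post: reversing an NSIS dropper with shellcode emulation.
% The author is a team name, so it is double-braced; otherwise BibTeX splits it
% into given name "malcat" and surname "team". Only the acronym in the title is
% brace-protected, leaving the rest of the casing to the bibliography style.
% The citation key is unchanged so existing citations keep resolving.
@online{team:20220417:reversing:4e53a3a,
  author       = {{malcat team}},
  title        = {Reversing a {NSIS} dropper using quick and dirty shellcode emulation},
  date         = {2022-04-17},
  organization = {Malcat},
  url          = {https://malcat.fr/blog/reversing-a-nsis-dropper-using-quick-and-dirty-shellcode-emulation/},
  language     = {English},
  urldate      = {2022-04-29},
}
Reversing a NSIS dropper using quick and dirty shellcode emulation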
Loki Password Stealer (PWS)
2022-03-13 · Malcat · malcat team
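% Malcat blog post: analysis of a Dridex downloader.
% The author is a team name, so it is double-braced; otherwise BibTeX splits it
% into given name "malcat" and surname "team". Only the malware family name in
% the title is brace-protected, leaving the rest of the casing to the style.
% The citation key is unchanged so existing citations keep resolving.
@online{team:20220313:cutting:f4878c8,
  author       = {{malcat team}},
  title        = {Cutting corners against a {Dridex} downloader},
  date         = {2022-03-13},
  organization = {Malcat},
  url          = {https://malcat.fr/blog/cutting-corners-against-a-dridex-downloader/},
  language     = {English},
  urldate      = {2022-03-14},
}
Cutting corners against a Dridex downloader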
Dridex
2021-12-07 · Malcat · malcat team
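% Malcat blog post: unpacking DBatLoader (exploit, steganography, Delphi).
% The author is a team name, so it is double-braced; otherwise BibTeX splits it
% into given name "malcat" and surname "team". Only the proper nouns in the
% title are brace-protected, leaving the rest of the casing to the style.
% The citation key is unchanged so existing citations keep resolving.
@online{team:20211207:exploit:e9f2c89,
  author       = {{malcat team}},
  title        = {Exploit, steganography and {Delphi}: unpacking {DBatLoader}},
  date         = {2021-12-07},
  organization = {Malcat},
  url          = {https://malcat.fr/blog/exploit-steganography-and-delphi-unpacking-dbatloader/},
  language     = {English},
  urldate      = {2021-12-31},
}
Exploit, steganography and Delphi: unpacking DBatLoader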
DBatLoader
2021-08-16 · Malcat · malcat team
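% Malcat blog post: static unpacking of a .NET dropper.
% The author is a team name, so it is double-braced; otherwise BibTeX splits it
% into given name "malcat" and surname "team". Only the platform name in the
% title is brace-protected, leaving the rest of the casing to the style.
% The citation key is unchanged so existing citations keep resolving.
@online{team:20210816:statically:665b400,
  author       = {{malcat team}},
  title        = {Statically unpacking a simple {.NET} dropper},
  date         = {2021-08-16},
  organization = {Malcat},
  url          = {https://malcat.fr/blog/statically-unpacking-a-simple-net-dropper/},
  language     = {English},
  urldate      = {2022-01-05},
}
Statically unpacking a simple .NET dropper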
Loki Password Stealer (PWS)