2021-02-22 · tccontre Blog · tcontre
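@comment{Reference listed on this page under the family tag Ghost RAT. Per its title, the post covers nested SEH used as an anti-debugging step while the sample decrypts and loads its payload. Only case-sensitive tokens in the title are brace-protected, so the bibliography style keeps control of casing. urldate is the access date recorded by the library.}
@online{tcontre:20210222:gh0strat:9f98308,
  author       = {tcontre},
  title        = {{Gh0stRat} Anti-Debugging: Nested {SEH} (try - catch) to Decrypt and Load its Payload},
  date         = {2021-02-22},
  organization = {tccontre Blog},
  url          = {https://tccontre.blogspot.com/2021/02/gh0strat-anti-debugging-nested-seh-try.html},
  language     = {English},
  urldate      = {2021-02-25},
}
Gh0stRat Anti-Debugging: Nested SEH (try - catch) to Decrypt and Load its Payload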
Ghost RAT
2021-01-18 · tccontre Blog · tcontre
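@comment{Reference listed on this page under the family tag IcedID; the title spells it ICEID and is kept as given. NOTE(review): url is a month archive path (/2021/01/) rather than a post permalink like the other entries for this host. An archive page changes as posts are added, so confirm the post and replace the url with its permalink. Only case-sensitive tokens in the title are brace-protected, so the bibliography style keeps control of casing.}
@online{tcontre:20210118:extracting:4935b1c,
  author       = {tcontre},
  title        = {Extracting Shellcode in {ICEID} {.PNG} Steganography},
  date         = {2021-01-18},
  organization = {tccontre Blog},
  url          = {https://tccontre.blogspot.com/2021/01/},
  language     = {English},
  urldate      = {2021-01-21},
}
Extracting Shellcode in ICEID .PNG Steganography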
IcedID
2020-11-05 · tccontre Blog · tcontre
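@comment{Reference listed on this page under the family tag Formbook. Per its title, the post describes a crypter that stores its encrypted data in an unconventional way. Only case-sensitive tokens in the title are brace-protected, so the bibliography style keeps control of casing. urldate is the access date recorded by the library.}
@online{tcontre:20201105:interesting:17c82b2,
  author       = {tcontre},
  title        = {Interesting {FormBook} Crypter - unconventional way to store encrypted data},
  date         = {2020-11-05},
  organization = {tccontre Blog},
  url          = {https://tccontre.blogspot.com/2020/11/interesting-formbook-crypter.html},
  language     = {English},
  urldate      = {2020-11-06},
}
Interesting FormBook Crypter - unconventional way to store encrypted data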
Formbook
2020-05-14 · tccontre Blog · tcontre
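@comment{Reference listed on this page under the family tag Mailto, while the title names Netwalker; search on both labels when looking for related entries. Per its title, the post covers API call obfuscation through a structure and evasion of memory forensics. Only case-sensitive tokens in the title are brace-protected, so the bibliography style keeps control of casing.}
@online{tcontre:20200514:netwalker:eabf178,
  author       = {tcontre},
  title        = {{Netwalker} Ransomware: [{API} Call Obfuscation (using Structure) and Evading Memory Forensic]},
  date         = {2020-05-14},
  organization = {tccontre Blog},
  url          = {https://tccontre.blogspot.com/2020/05/netwalker-ransomware-api-call.html},
  language     = {English},
  urldate      = {2020-05-19},
}
Netwalker Ransomware: [API Call Obfuscation (using Structure) and Evading Memory Forensic]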
Mailto
2020-04-08 · tccontre Blog · tcontre
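@comment{Reference listed on this page under the family tag CoViper. Per its title, the analysed sample has a feature that kills the MBR. Only case-sensitive tokens in the title are brace-protected, so the bibliography style keeps control of casing. urldate is the access date recorded by the library.}
@online{tcontre:20200408:covid19:9c90c45,
  author       = {tcontre},
  title        = {{COVID19} Malware Analysis - with Kill {MBR} Feature},
  date         = {2020-04-08},
  organization = {tccontre Blog},
  url          = {https://tccontre.blogspot.com/2020/04/covid19-malware-analysis-with-kill-mbr.html},
  language     = {English},
  urldate      = {2020-04-21},
}
COVID19 Malware Analysis - with Kill MBR Feature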
CoViper
2019-10-02 · tcontre
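@comment{Reference listed on this page under the family tag DCRat. Per its title, the sample evades sandboxes that fake Internet access by using the Google public DNS address, which is worth knowing when configuring simulated networks for analysis. NOTE(review): no organization field is given here, although entries for the same host elsewhere in this library carry one; confirm before adding it. Only case-sensitive tokens in the title are brace-protected.}
@online{tcontre:20191002:dcrat:1d1f601,
  author   = {tcontre},
  title    = {{DCRAT} malware Evades {SandBox} that use Fake Internet by using the {Google} public {DNS} {IP} address},
  date     = {2019-10-02},
  url      = {https://tccontre.blogspot.com/2019/10/dcrat-malware-evades-sandbox-that-use.html},
  language = {English},
  urldate  = {2020-02-13},
}
DCRAT malware Evades SandBox that use Fake Internet by using the Google public DNS IP address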
DCRat
2019-03-11 · tcontre
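@comment{Reference listed on this page under the family tag Vidar. The title, including the spelling Infor and the trailing dots, is kept as given. NOTE(review): no organization field is given here, although entries for the same host elsewhere in this library carry one; confirm before adding it. Only case-sensitive tokens in the title are brace-protected, so the bibliography style keeps control of casing.}
@online{tcontre:20190311:infor:d8863ed,
  author   = {tcontre},
  title    = {Infor Stealer {Vidar} {TrojanSpy} Analysis...},
  date     = {2019-03-11},
  url      = {https://tccontre.blogspot.com/2019/03/infor-stealer-vidar-trojanspy-analysis.html},
  language = {English},
  urldate  = {2020-01-05},
}
Infor Stealer Vidar TrojanSpy Analysis...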
Vidar
2018-11-08 · TC Contre · tcontre
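@comment{Reference listed on this page under the family tag Gandcrab; per its title, the post is a reverse-engineering write-up of a Gandcrab downloader. NOTE(review): organization is TC Contre here, while other entries for the same host use tccontre Blog; kept as given, confirm before normalising. Only case-sensitive tokens in the title are brace-protected, so the bibliography style keeps control of casing.}
@online{tcontre:20181108:re:c143721,
  author       = {tcontre},
  title        = {{R.E.}: {Gandcrab} Downloader.. 'There's More To This Than Meets The Eye'},
  date         = {2018-11-08},
  organization = {TC Contre},
  url          = {https://tccontre.blogspot.com/2018/11/re-gandcrab-downloader-theres-more-to.html},
  language     = {English},
  urldate      = {2020-01-09},
}
R.E.: Gandcrab Downloader.. 'There's More To This Than Meets The Eye'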
Gandcrab