Update README.md

Sokow86 2021-05-20 14:58:26 +02:00 committed by GitHub
Parent 50e1fc9948
Commit 15934b1c63
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23

@ -247,6 +247,7 @@ Daniel Bunce (0verfl0w_) - SentinelOne
[2021]
* [Let’s set ice on fire: Hunting and detecting IcedID infections](https://www.telekom.com/en/blog/group/article/let-s-set-ice-on-fire-hunting-and-detecting-icedid-infections-627240)
* [IcedID on my neck I’m the coolest](https://4rchib4ld.github.io/blog/IcedIDOnMyNeckImTheCoolest/)
* [IcedID Analysis](https://aaqeel01.wordpress.com/2021/04/09/icedid-analysis/)
* [IcedID GZIPLOADER Analysis](https://www.binarydefense.com/icedid-gziploader-analysis/)
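Review bot: the link text in the first two [2021] IcedID entries uses typographic apostrophes ("Let’s", "I’m"), so a plain-text search of the README for "Let's" or "I'm" will not find them. Suggest normalising to ASCII apostrophes in link text throughout the list, or deciding on one form and applying it consistently.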
@ -359,7 +360,15 @@ Zloader email campaign using MHTML to download and decrypt XLS](https://www.horn
[2021]
* [Look how many cybercriminals love Cobalt Strike](https://www.intel471.com/blog/Cobalt-strike-cybercriminals-trickbot-qbot-hancitor)
* [Leveraging Microsoft Teams to persist and cover up Cobalt Strike traffic](https://www.blackarrow.net/leveraging-microsoft-teams-to-persist-and-cover-up-cobalt-strike-traffic/)
* [Anatomy of Cobalt Strike’s DLL Stager](https://blog.nviso.eu/2021/04/26/anatomy-of-cobalt-strike-dll-stagers/)
* [Yet Another Cobalt Strike Stager: GUID Edition](https://www.guidepointsecurity.com/yet-another-cobalt-strike-loader-guid-edition/)
[2020]
* [The art and science of detecting Cobalt Strike - Talos](https://s3.amazonaws.com/talos-intelligence-site/production/document_files/files/000/095/031/original/Talos_Cobalt_Strike.pdf?1600694964)
* [Detecting Cobalt Strike Default Modules via Named Pipe Analysis](https://labs.f-secure.com/blog/detecting-cobalt-strike-default-modules-via-named-pipe-analysis/)
## Ransomware
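Review bot: two link titles in the [2021] Cobalt Strike list do not match their URL slugs: "Yet Another Cobalt Strike Stager: GUID Edition" points at a slug ending in yet-another-cobalt-strike-loader-guid-edition, and "Anatomy of Cobalt Strike’s DLL Stager" points at anatomy-of-cobalt-strike-dll-stagers. Please check both titles against the published articles so readers searching by title can find them. Separately, the Talos entry under [2020] links straight to an S3 object with a trailing ?1600694964 query string; a link to the publisher's landing page for the paper would be more likely to stay valid.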
@ -410,6 +419,7 @@ Zloader email campaign using MHTML to download and decrypt XLS](https://www.horn
* [McAfee ATR Analyzes Sodinokibi aka REvil Ransomware-as-a-Service The All-Stars - Episode 2](https://www.mcafee.com/blogs/other-blogs/mcafee-labs/mcafee-atr-analyzes-sodinokibi-aka-revil-ransomware-as-a-service-the-all-stars/)
* [McAfee ATR Analyzes Sodinokibi aka REvil Ransomware-as-a-Service Follow The Money - Episode 3](https://www.mcafee.com/blogs/other-blogs/mcafee-labs/mcafee-atr-analyzes-sodinokibi-aka-revil-ransomware-as-a-service-follow-the-money/)
* [McAfee ATR Analyzes Sodinokibi aka REvil Ransomware-as-a-Service Crescendo - Episode 4](https://www.mcafee.com/blogs/other-blogs/mcafee-labs/mcafee-atr-analyzes-sodinokibi-aka-revil-ransomware-as-a-service-crescendo/)
* [Kaspersky - Sodin ransomware exploits Windows vulnerability and processor architecture](https://securelist.com/sodin-ransomware/91473/)
### Makop
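Review bot: source attribution is inconsistent in this list. The last entry puts the vendor before the title ("Kaspersky - Sodin ransomware exploits ..."), the Talos entry in the Cobalt Strike section puts it after ("... - Talos"), and the McAfee entries carry it inside the title. Suggest choosing one convention, for example "Title - Vendor", and applying it to the entries touched here.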