-
-
Save jipegit/be02145756f78f08342dc220f6a707db to your computer and use it in GitHub Desktop.
| 2017-03-14 https://securelist.com/petrwrap-the-new-petya-based-ransomware-used-in-targeted-attacks/77762/ | |
| 2017-05-23 https://www.welivesecurity.com/2017/05/23/xdata-ransomware-making-rounds-amid-global-wannacryptor-scare/ (likey related to the same campaign) | |
| 2017-06-27 https://securelist.com/schroedingers-petya/78870/ | |
| 2017-06-27 https://securingtomorrow.mcafee.com/mcafee-labs/new-variant-petya-ransomware-spreading-like-wildfire/ | |
| 2017-06-27 http://blog.trendmicro.com/trendlabs-security-intelligence/large-scale-ransomware-attack-progress-hits-europe-hard/ | |
| 2017-06-27 https://blogs.technet.microsoft.com/mmpc/2017/06/27/new-ransomware-old-techniques-petya-adds-worm-capabilities/ | |
| 2017-06-27 http://blog.talosintelligence.com/2017/06/worldwide-ransomware-variant.html | |
| 2017-06-27 https://blog.comae.io/byata-enhanced-wannacry-a3ddd6c8dabb | |
| 2017-06-28 https://www.govcert.admin.ch/blog/32/notes-about-the-notpetya-ransomware | |
| 2017-06-28 https://securelist.com/expetrpetyanotpetya-is-a-wiper-not-ransomware/78902/ | |
| 2017-06-28 https://blog.comae.io/petya-2017-is-a-wiper-not-a-ransomware-9ea1d8961d3b | |
| 2017-06-28 https://www.carbonblack.com/2017/06/28/carbon-black-threat-research-technical-analysis-petya-notpetya-ransomware/ | |
| 2017-06-29 https://www.crowdstrike.com/blog/petrwrap-ransomware-technical-analysis-triple-threat-file-encryption-mft-encryption-credential-theft/ | |
| 2017-06-29 https://blogs.technet.microsoft.com/mmpc/2017/06/29/windows-10-platform-resilience-against-the-petya-ransomware-attack/ | |
| 2017-06-29 https://blog.malwarebytes.com/threat-analysis/2017/06/eternalpetya-lost-salsa20-key/ | |
| 2017-06-30 https://www.welivesecurity.com/2017/06/30/telebots-back-supply-chain-attacks-against-ukraine/ | |
| 2017-06-30 https://securelist.com/from-blackenergy-to-expetr/78937/ | |
| 2017-06-30 https://securingtomorrow.mcafee.com/business/petya-effective-destruction-ransomware/ | |
| 2017-06-30 https://blog.malwarebytes.com/threat-analysis/2017/06/eternalpetya-yet-another-stolen-piece-package/ | |
| 2017-07-02 https://countuponsecurity.com/2017/07/02/analysis-of-a-master-boot-record-eternalpetya/ | |
| 2017-07-02 https://github.com/aguinet/petya2017_notes/ (Notes about reverse engineering the Petya2017 ransomware) | |
| 2017-07-04 https://www.welivesecurity.com/2017/07/04/analysis-of-telebots-cunning-backdoor/ | |
| 2017-07-04 https://labsblog.f-secure.com/2017/07/04/how-eternalpetya-encrypts-files-in-user-mode/ | |
| 2017-07-05 http://blog.talosintelligence.com/2017/07/the-medoc-connection.html |
https://www.hybrid-analysis.com/sample/027cc450ef5f8c5f653329641ec1fed91f694e0d229928963b30f6b0d7d3a745?environmentId=100 [Advanced automated analysis]
https://www.joesecurity.org/reports/report-71b6a493388e7d0b40c83ce903bc6b04.html [Advanced automated analysis]
https://otx.alienvault.com/pulse/59525e7a95270e240c055ead/ [ Has cryptographic method in comments which I hadn't seen before in most of those others.
https://blog.malwarebytes.com/threat-analysis/2017/06/eternalpetya-lost-salsa20-key/ < Discusses crypto elements in greater technical detail, again not something I'd seen elsewhere.
https://blog.malwarebytes.com/threat-analysis/2017/06/eternalpetya-yet-another-stolen-piece-package/ < More on that and detail analysis Hasherazade did some great work worth cataloguing.
Thanks.
https://blog.comae.io/byata-enhanced-wannacry-a3ddd6c8dabb