{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,3,7]],"date-time":"2026-03-07T18:47:23Z","timestamp":1772909243219,"version":"3.50.1"},"reference-count":85,"publisher":"Association for Computing Machinery (ACM)","issue":"2","license":[{"start":{"date-parts":[[2021,1,21]],"date-time":"2021-01-21T00:00:00Z","timestamp":1611187200000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"funder":[{"name":"National Science Foundation","award":["CNS-1552059"],"award-info":[{"award-number":["CNS-1552059"]}]},{"name":"CSIRT partners"},{"name":"Brazilian National Counsel of Technological and Scientific Development (CNPq) for the PhD Scholarship","award":["164745\/2017-3"],"award-info":[{"award-number":["164745\/2017-3"]}]},{"name":"Google\u2019s Security, Privacy, and Anti-Abuse group"}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":["ACM Trans. Priv. Secur."],"published-print":{"date-parts":[[2021,5,31]]},"abstract":"<jats:p>Malware analysis is an essential task to understand infection campaigns, the behavior of malicious codes, and possible ways to mitigate threats. Malware analysis also allows better assessment of attackers\u2019 capabilities, techniques, and processes. Although a substantial amount of previous work provided a comprehensive analysis of the international malware ecosystem, research on regionalized, country-, and population-specific malware campaigns have been scarce. Moving towards addressing this gap, we conducted a longitudinal (2012-2020) and comprehensive (encompassing an entire population of online banking users) study of MS Windows desktop malware that actually infected Brazilian banks\u2019 users. We found that the Brazilian financial desktop malware has been evolving quickly: it started to make use of a variety of file formats instead of typical PE binaries, relied on native system resources, and abused obfuscation techniques to bypass detection mechanisms. Our study on the threats targeting a significant population on the ecosystem of the largest and most populous country in Latin America can provide invaluable insights that may be applied to other countries\u2019 user populations, especially those in the developing world that might face cultural peculiarities similar to Brazil\u2019s. With this evaluation, we expect to motivate the security community\/industry to seriously consider a deeper level of customization during the development of next-generation anti-malware solutions, as well as to raise awareness towards regionalized and targeted Internet threats.<\/jats:p>","DOI":"10.1145\/3429741","type":"journal-article","created":{"date-parts":[[2021,1,21]],"date-time":"2021-01-21T11:31:58Z","timestamp":1611228718000},"page":"1-31","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":18,"title":["One Size Does Not Fit All"],"prefix":"10.1145","volume":"24","author":[{"given":"Marcus","family":"Botacin","sequence":"first","affiliation":[{"name":"Federal University of Paran\u00e1 (UFPR), UFPR, Curitiba-PR, Brazil"}]},{"given":"Hojjat","family":"Aghakhani","sequence":"additional","affiliation":[{"name":"University of California at Santa Barbara (UCSB), UCSB, Santa Barbara, CA, USA"}]},{"given":"Stefano","family":"Ortolani","sequence":"additional","affiliation":[{"name":"VMware, USA"}]},{"given":"Christopher","family":"Kruegel","sequence":"additional","affiliation":[{"name":"University of California at Santa Barbara (UCSB) and VMware, UCSB, Santa Barbara, CA, USA"}]},{"given":"Giovanni","family":"Vigna","sequence":"additional","affiliation":[{"name":"University of California at Santa Barbara (UCSB) and VMware, UCSB, Santa Barbara, CA, USA"}]},{"given":"Daniela","family":"Oliveira","sequence":"additional","affiliation":[{"name":"University of Florida (UF), UF, Gainesville, FL, USA"}]},{"given":"Paulo L\u00edcio De","family":"Geus","sequence":"additional","affiliation":[{"name":"University of Campinas (UNICAMP), UNICAMP, Campinas-SP, Brazil"}]},{"given":"Andr\u00e9","family":"Gr\u00e9gio","sequence":"additional","affiliation":[{"name":"Federal University of Paran\u00e1 (UFPR), UFPR, Curitiba-PR, Brazil"}]}],"member":"320","published-online":{"date-parts":[[2021,1,21]]},"reference":[{"key":"e_1_2_1_1_1","doi-asserted-by":"publisher","DOI":"10.1016\/j.techsoc.2010.07.001"},{"key":"e_1_2_1_2_1","doi-asserted-by":"publisher","DOI":"10.14722\/ndss.2016.23384"},{"key":"e_1_2_1_3_1","volume-title":"Retrieved","author":"Assolini F\u00e1bio","year":"2015"},{"key":"e_1_2_1_4_1","volume-title":"Retrieved","author":"Assolini Fabio","year":"2015"},{"key":"e_1_2_1_5_1","volume-title":"Brazilian banking Trojans meet PowerShell. Retrieved","author":"Assolini Fabio","year":"2018"},{"key":"e_1_2_1_6_1","volume-title":"Retrieved","author":"Barbosa Gabriel Negreira","year":"2014"},{"key":"e_1_2_1_7_1","doi-asserted-by":"publisher","DOI":"10.5555\/1855676.1855684"},{"key":"e_1_2_1_8_1","unstructured":"BlueLiv. 2019. Malware campaign targeting banks in Spain and Latin America. https:\/\/www.blueliv.com\/cyber-security-and-cyber-threat-intelligence-blog-blueliv\/research\/malware-campaign-targeting-banks-in-spain-and-latin-america\/.  BlueLiv. 2019. Malware campaign targeting banks in Spain and Latin America. https:\/\/www.blueliv.com\/cyber-security-and-cyber-threat-intelligence-blog-blueliv\/research\/malware-campaign-targeting-banks-in-spain-and-latin-america\/."},{"key":"e_1_2_1_9_1","volume-title":"We need to talk about antiviruses: Challenges 8 pitfalls of AV evaluations. Computers 8 Security 95","author":"Botacin Marcus","year":"2020"},{"key":"e_1_2_1_10_1","doi-asserted-by":"publisher","DOI":"10.1145\/3339252.3340103"},{"key":"e_1_2_1_11_1","first-page":"1","article-title":"The other guys: Automated analysis of marginalized malware","volume":"1","author":"Botacin Marcus Felipe","year":"2017","journal-title":"Journal of Computer Virology and Hacking Techniques"},{"key":"e_1_2_1_12_1","volume-title":"Retrieved","author":"Branco Rodrigo Rubira","year":"2012"},{"key":"e_1_2_1_13_1","doi-asserted-by":"publisher","DOI":"10.5555\/2028067.2028080"},{"key":"e_1_2_1_14_1","unstructured":"Haipeng Cai and Barbara Ryder. 2016. Understanding application behaviours for Android security: A systematic characterization. https:\/\/vtechworks.lib.vt.edu\/bitstream\/handle\/10919\/71678\/cairyder_techreport.pdf.  Haipeng Cai and Barbara Ryder. 2016. Understanding application behaviours for Android security: A systematic characterization. https:\/\/vtechworks.lib.vt.edu\/bitstream\/handle\/10919\/71678\/cairyder_techreport.pdf."},{"key":"e_1_2_1_15_1","doi-asserted-by":"publisher","DOI":"10.1145\/1244408.1244423"},{"key":"e_1_2_1_16_1","unstructured":"Converg\u00eanciaDigital. 2019. Brasil perdeu mais de R$ 80 bilh\u00f5es com ataques cibern\u00e9ticos em 12 meses. https:\/\/www.convergenciadigital.com.br\/cgi\/cgilua.exe\/sys\/start.htm?UserActiveTemplate=site8infoid=516238sid=18.  Converg\u00eanciaDigital. 2019. Brasil perdeu mais de R$ 80 bilh\u00f5es com ataques cibern\u00e9ticos em 12 meses. https:\/\/www.convergenciadigital.com.br\/cgi\/cgilua.exe\/sys\/start.htm?UserActiveTemplate=site8infoid=516238sid=18."},{"key":"e_1_2_1_17_1","unstructured":"Loic Corbasson. 2016. MS Windows LNK file parser. https:\/\/github.com\/lcorbasson\/lnk-parse.  Loic Corbasson. 2016. MS Windows LNK file parser. https:\/\/github.com\/lcorbasson\/lnk-parse."},{"key":"e_1_2_1_18_1","doi-asserted-by":"publisher","DOI":"10.1145\/1772690.1772720"},{"key":"e_1_2_1_19_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2018.00054"},{"key":"e_1_2_1_20_1","unstructured":"CyberCureMe. 2019. Hackers use GitHub to host malware to attack victims by abusing Yandex owned legitimate ad service. https:\/\/www.cybercureme.com\/hackers-use-github-to-host-malware-to-attack-victims-by-abusing-yandex-owned-legitimate-ad-service\/.  CyberCureMe. 2019. Hackers use GitHub to host malware to attack victims by abusing Yandex owned legitimate ad service. https:\/\/www.cybercureme.com\/hackers-use-github-to-host-malware-to-attack-victims-by-abusing-yandex-owned-legitimate-ad-service\/."},{"key":"e_1_2_1_21_1","doi-asserted-by":"publisher","DOI":"10.1145\/1774088.1774482"},{"key":"e_1_2_1_22_1","unstructured":"Diebold. 2012. Warsaw. http:\/\/www.dieboldnixdorf.com.br\/warsaw.  Diebold. 2012. Warsaw. http:\/\/www.dieboldnixdorf.com.br\/warsaw."},{"key":"e_1_2_1_24_1","unstructured":"Banco do Brasil. 2013. Internet Banking - M\u00f3dulo de Seguran\u00e7a. https:\/\/www.bb.com.br\/portalbb\/page22 7795 7795 0 0 1 0.bb?codigoNoticia=39455.  Banco do Brasil. 2013. Internet Banking - M\u00f3dulo de Seguran\u00e7a. https:\/\/www.bb.com.br\/portalbb\/page22 7795 7795 0 0 1 0.bb?codigoNoticia=39455."},{"key":"e_1_2_1_25_1","unstructured":"EBanx. 2020. Banks are the main target of cyber attack attempts in Latin America. https:\/\/labs.ebanx.com\/en\/news\/technology\/banks-are-the-main-target-of-cyberattack-attempts-in-latin-america\/.  EBanx. 2020. Banks are the main target of cyber attack attempts in Latin America. https:\/\/labs.ebanx.com\/en\/news\/technology\/banks-are-the-main-target-of-cyberattack-attempts-in-latin-america\/."},{"key":"e_1_2_1_26_1","unstructured":"IG Economia. 2017. Imposto de Renda: 40 entregaram a declara\u00e7\u0101o. http:\/\/economia.ig.com.br\/2017-04-24\/imposto-renda-declaracao-incompleta.html.  IG Economia. 2017. Imposto de Renda: 40 entregaram a declara\u00e7\u0101o. http:\/\/economia.ig.com.br\/2017-04-24\/imposto-renda-declaracao-incompleta.html."},{"key":"e_1_2_1_27_1","volume-title":"Mitigating drive-by download attacks: Challenges and open problems. In iNetSec 2009 -- Open Research Problems in Network Security","author":"Egele Manuel"},{"key":"e_1_2_1_28_1","doi-asserted-by":"publisher","DOI":"10.5555\/2028067.2028088"},{"key":"e_1_2_1_29_1","unstructured":"FEBRABAN. 2019. 2019 FEBRABAN Banking Technology Survey conducted by Deloitte. https:\/\/www2.deloitte.com\/content\/dam\/Deloitte\/br\/Documents\/financial-services\/2019-FEBRABAN-Banking-Tecnhology-Survey.pdf.  FEBRABAN. 2019. 2019 FEBRABAN Banking Technology Survey conducted by Deloitte. https:\/\/www2.deloitte.com\/content\/dam\/Deloitte\/br\/Documents\/financial-services\/2019-FEBRABAN-Banking-Tecnhology-Survey.pdf."},{"key":"e_1_2_1_30_1","doi-asserted-by":"publisher","DOI":"10.1145\/2556288.2557292"},{"key":"e_1_2_1_31_1","unstructured":"foremost. 2018. foremost. http:\/\/foremost.sourceforge.net.  foremost. 2018. foremost. http:\/\/foremost.sourceforge.net."},{"key":"e_1_2_1_32_1","doi-asserted-by":"publisher","DOI":"10.1109\/MALWARE.2014.6999402"},{"key":"e_1_2_1_33_1","unstructured":"Sergiu Gatlan. 2019. GitHub service abused by attackers to host phishing kits. https:\/\/www.bleepingcomputer.com\/news\/security\/github-service-abused-by-attackers-to-host-phishing-kits\/.  Sergiu Gatlan. 2019. GitHub service abused by attackers to host phishing kits. https:\/\/www.bleepingcomputer.com\/news\/security\/github-service-abused-by-attackers-to-host-phishing-kits\/."},{"key":"e_1_2_1_34_1","doi-asserted-by":"publisher","DOI":"10.1145\/2480362.2480704"},{"key":"e_1_2_1_35_1","doi-asserted-by":"publisher","DOI":"10.1145\/2382196.2382283"},{"key":"e_1_2_1_36_1","unstructured":"Bill Hartzer. 2010. comScore report: Twitter usage exploding in Brazil Indonesia and Venezuela. https:\/\/www.billhartzer.com\/internet-usage\/comscore-twitter-latin-america-usage\/.  Bill Hartzer. 2010. comScore report: Twitter usage exploding in Brazil Indonesia and Venezuela. https:\/\/www.billhartzer.com\/internet-usage\/comscore-twitter-latin-america-usage\/."},{"key":"e_1_2_1_37_1","unstructured":"Colin C. Ife Yen Shen Steven J. Murdoch and Gianluca Stringhini. 2019. Waves of Malice: A Longitudinal Measurement of the Malicious File Delivery Ecosystem on the Web.  Colin C. Ife Yen Shen Steven J. Murdoch and Gianluca Stringhini. 2019. Waves of Malice: A Longitudinal Measurement of the Malicious File Delivery Ecosystem on the Web."},{"key":"e_1_2_1_38_1","unstructured":"Jad. 2018. Java Decompiler. https:\/\/varaneckas.com\/jad\/.  Jad. 2018. Java Decompiler. https:\/\/varaneckas.com\/jad\/."},{"key":"e_1_2_1_39_1","volume-title":"The US is switching from credit card signatures to PINs, but banks need to get on board. Retrieved","author":"Jeffries Adrianne","year":"2018"},{"key":"e_1_2_1_40_1","volume-title":"Retrieved","year":"2015"},{"key":"e_1_2_1_41_1","doi-asserted-by":"publisher","DOI":"10.1145\/3133956.3134002"},{"key":"e_1_2_1_42_1","doi-asserted-by":"publisher","DOI":"10.5555\/2886351"},{"key":"e_1_2_1_43_1","unstructured":"Ravie Lakshmanan. 2020. 4 Dangerous Brazilian banking Trojans now trying to rob users worldwide. https:\/\/thehackernews.com\/2020\/07\/brazilian-banking-trojan.html.  Ravie Lakshmanan. 2020. 4 Dangerous Brazilian banking Trojans now trying to rob users worldwide. https:\/\/thehackernews.com\/2020\/07\/brazilian-banking-trojan.html."},{"key":"e_1_2_1_44_1","doi-asserted-by":"publisher","DOI":"10.1109\/BADGERS.2014.7"},{"key":"e_1_2_1_45_1","unstructured":"Mariah. 2015. Getting acquainted with LNK file structure. https:\/\/www.acquireforensics.com\/blog\/lnk-file-format.html.  Mariah. 2015. Getting acquainted with LNK file structure. https:\/\/www.acquireforensics.com\/blog\/lnk-file-format.html."},{"key":"e_1_2_1_46_1","unstructured":"McAfee. 2015. https:\/\/securingtomorrow.mcafee.com\/mcafee-labs\/brazilian-banking-malware-hides-in-sql-database\/.  McAfee. 2015. https:\/\/securingtomorrow.mcafee.com\/mcafee-labs\/brazilian-banking-malware-hides-in-sql-database\/."},{"key":"e_1_2_1_47_1","volume-title":"E-governance in Brazil. Retrieved","author":"Mello Juliana","year":"2018"},{"key":"e_1_2_1_48_1","volume-title":"Retrieved","author":"Merc\u00eas Fernando","year":"2014"},{"key":"e_1_2_1_49_1","unstructured":"Xavier Mertens. 2018. Malware delivered via Windows Installer files. https:\/\/isc.sans.edu\/diary\/Malware+Delivered+via+Windows+Installer+Files\/23349.  Xavier Mertens. 2018. Malware delivered via Windows Installer files. https:\/\/isc.sans.edu\/diary\/Malware+Delivered+via+Windows+Installer+Files\/23349."},{"key":"e_1_2_1_50_1","unstructured":"Microsoft. 2013. Encode and decode a VB script. https:\/\/gallery.technet.microsoft.com\/Encode-and-Decode-a-VB-a480d74c.  Microsoft. 2013. Encode and decode a VB script. https:\/\/gallery.technet.microsoft.com\/Encode-and-Decode-a-VB-a480d74c."},{"key":"e_1_2_1_51_1","volume-title":"Jane\u2019s Military 8 Security Assessments Intelligence Centre","author":"Muggah Robert","year":"2017"},{"key":"e_1_2_1_52_1","unstructured":"NetMarketShare. 2018. Browser Market Share. https:\/\/netmarketshare.com\/browser-market-share.aspx.  NetMarketShare. 2018. Browser Market Share. https:\/\/netmarketshare.com\/browser-market-share.aspx."},{"key":"e_1_2_1_53_1","unstructured":"Netmarketshare. 2018. Operating System Market Share. https:\/\/www.netmarketshare.com\/operating-system-market-share.aspx.  Netmarketshare. 2018. Operating System Market Share. https:\/\/www.netmarketshare.com\/operating-system-market-share.aspx."},{"key":"e_1_2_1_54_1","doi-asserted-by":"publisher","DOI":"10.1145\/3025453.3025831"},{"key":"e_1_2_1_55_1","volume-title":"The International Political Economy of Transformation in Argentina, Brazil and Chile Since","author":"Pang E.","year":"1960"},{"key":"e_1_2_1_56_1","unstructured":"peframe. 2014. peframe. https:\/\/github.com\/guelfoweb\/peframe.  peframe. 2014. peframe. https:\/\/github.com\/guelfoweb\/peframe."},{"key":"e_1_2_1_57_1","unstructured":"Mono Project. 2018. Mono Project. http:\/\/www.mono-project.com\/.  Mono Project. 2018. Mono Project. http:\/\/www.mono-project.com\/."},{"key":"e_1_2_1_58_1","doi-asserted-by":"publisher","DOI":"10.5555\/1323128.1323132"},{"key":"e_1_2_1_59_1","unstructured":"Pyew. 2009. Pyew. https:\/\/github.com\/joxeankoret\/pyew.  Pyew. 2009. Pyew. https:\/\/github.com\/joxeankoret\/pyew."},{"key":"e_1_2_1_60_1","volume-title":"Phishing Attacks and Countermeasures","author":"Ramzan Zulfikar"},{"key":"e_1_2_1_61_1","volume-title":"Anna Rosling R\u00f6nnlund, and Ola Rosling","author":"Rosling Hans","year":"2018"},{"key":"e_1_2_1_62_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-642-37300-8_3"},{"key":"e_1_2_1_63_1","doi-asserted-by":"publisher","DOI":"10.1109\/ICGCIoT.2015.7380711"},{"key":"e_1_2_1_64_1","volume-title":"Research in Attacks, Intrusions, and Defenses, Fabian Monrose, Marc Dacier, Gregory Blanc, and Joaquin Garcia-Alfaro (Eds.)","author":"Sebasti\u00e1n Marcos"},{"key":"e_1_2_1_65_1","unstructured":"SecureList. 2015. The rise of .NET and Powershell malware. https:\/\/securelist.com\/the-rise-of-net-and-powershell-malware\/72417\/.  SecureList. 2015. The rise of .NET and Powershell malware. https:\/\/securelist.com\/the-rise-of-net-and-powershell-malware\/72417\/."},{"key":"e_1_2_1_66_1","unstructured":"SecurityWeek. 2017. Chinese cyberspies deliver new malware via CPL files. https:\/\/www.securityweek.com\/chinese-cyberspies-deliver-new-malware-cpl-files.  SecurityWeek. 2017. Chinese cyberspies deliver new malware via CPL files. https:\/\/www.securityweek.com\/chinese-cyberspies-deliver-new-malware-cpl-files."},{"key":"e_1_2_1_67_1","unstructured":"Seg.BB. 2019. Questions about the security module. https:\/\/seg.bb.com.br\/duvidas.html?question=15#en.  Seg.BB. 2019. Questions about the security module. https:\/\/seg.bb.com.br\/duvidas.html?question=15#en."},{"key":"e_1_2_1_68_1","doi-asserted-by":"publisher","DOI":"10.5555\/966245"},{"key":"e_1_2_1_69_1","unstructured":"ssdeep. 2002. ssdeep Project. http:\/\/ssdeep.sourceforge.net\/.  ssdeep. 2002. ssdeep Project. http:\/\/ssdeep.sourceforge.net\/."},{"key":"e_1_2_1_70_1","volume-title":"Leading countries based on number of Facebook users as of","year":"2018"},{"key":"e_1_2_1_71_1","doi-asserted-by":"publisher","DOI":"10.1109\/CLOUD.2015.42"},{"key":"e_1_2_1_72_1","unstructured":"Benson Sy. 2017. A rising trend: How attackers are using LNK files to download malware. https:\/\/blog.trendmicro.com\/trendlabs-security-intelligence\/rising-trend-attackers-using-lnk-files-download-malware\/.  Benson Sy. 2017. A rising trend: How attackers are using LNK files to download malware. https:\/\/blog.trendmicro.com\/trendlabs-security-intelligence\/rising-trend-attackers-using-lnk-files-download-malware\/."},{"key":"e_1_2_1_73_1","unstructured":"Symantec. 2012. Internet Security Threat Report. https:\/\/www.symantec.com\/content\/en\/us\/enterprise\/other_resources\/b-intelligence_report_11_2012.en-us.pdf.  Symantec. 2012. Internet Security Threat Report. https:\/\/www.symantec.com\/content\/en\/us\/enterprise\/other_resources\/b-intelligence_report_11_2012.en-us.pdf."},{"key":"e_1_2_1_74_1","unstructured":"Symantec. 2014. Internet Security Threat Report. http:\/\/www.symantec.com\/content\/en\/us\/enterprise\/other_resources\/b-istr_main_report_v19_21291018.en-us.pdf.  Symantec. 2014. Internet Security Threat Report. http:\/\/www.symantec.com\/content\/en\/us\/enterprise\/other_resources\/b-istr_main_report_v19_21291018.en-us.pdf."},{"key":"e_1_2_1_75_1","unstructured":"Symantec. 2016. Escalation of SSL-based malware. https:\/\/www.symantec.com\/connect\/blogs\/escalation-ssl-based-malware.  Symantec. 2016. Escalation of SSL-based malware. https:\/\/www.symantec.com\/connect\/blogs\/escalation-ssl-based-malware."},{"key":"e_1_2_1_76_1","unstructured":"Dana Tamir. 2014. Rising use of malicious Java code for enterprise infiltration. https:\/\/securityintelligence.com\/rising-use-malicious-java-code-enterprise-infiltration\/.  Dana Tamir. 2014. Rising use of malicious Java code for enterprise infiltration. https:\/\/securityintelligence.com\/rising-use-malicious-java-code-enterprise-infiltration\/."},{"key":"e_1_2_1_77_1","unstructured":"tcpdump. 2018. tcpdump. www.tcpdump.org.  tcpdump. 2018. tcpdump. www.tcpdump.org."},{"key":"e_1_2_1_78_1","volume-title":"Mobile vs desktop usage: Mobile grows but desktop still a big player","author":"Temple Stone","year":"2017"},{"key":"e_1_2_1_79_1","doi-asserted-by":"publisher","DOI":"10.1145\/3133956.3134067"},{"key":"e_1_2_1_80_1","unstructured":"USA Today. 2017. For first time in a decade PC sales slip below 63 million. https:\/\/www.usatoday.com\/story\/tech\/2017\/04\/12\/pc-shipments-dip----again\/100347930\/.  USA Today. 2017. For first time in a decade PC sales slip below 63 million. https:\/\/www.usatoday.com\/story\/tech\/2017\/04\/12\/pc-shipments-dip----again\/100347930\/."},{"key":"e_1_2_1_81_1","doi-asserted-by":"publisher","DOI":"10.1145\/3291061"},{"key":"e_1_2_1_82_1","volume-title":"JavaScript Sandboxing: Isolating and Restricting Client-Side JavaScript","author":"Acker Steven Van"},{"key":"e_1_2_1_83_1","volume-title":"Pattern mining for future attacks. Retrieved","author":"Venkatesan Ramarathnam","year":"2018"},{"key":"e_1_2_1_84_1","unstructured":"VirusBulletin. 2012. VB100. https:\/\/www.virusbtn.com\/vb100\/archive\/test?order=298id=2078tab=onDemand.  VirusBulletin. 2012. VB100. https:\/\/www.virusbtn.com\/vb100\/archive\/test?order=298id=2078tab=onDemand."},{"key":"e_1_2_1_85_1","unstructured":"VirusTotel. 2018. VirusTotal. http:\/\/www.virustotal.com.  VirusTotel. 2018. VirusTotal. http:\/\/www.virustotal.com."},{"key":"e_1_2_1_86_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2012.16"}],"container-title":["ACM Transactions on Privacy and Security"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3429741","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3429741","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,17]],"date-time":"2025-06-17T21:31:44Z","timestamp":1750195904000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3429741"}},"subtitle":["A Longitudinal Analysis of Brazilian Financial Malware"],"short-title":[],"issued":{"date-parts":[[2021,1,21]]},"references-count":85,"journal-issue":{"issue":"2","published-print":{"date-parts":[[2021,5,31]]}},"alternative-id":["10.1145\/3429741"],"URL":"https:\/\/doi.org\/10.1145\/3429741","relation":{},"ISSN":["2471-2566","2471-2574"],"issn-type":[{"value":"2471-2566","type":"print"},{"value":"2471-2574","type":"electronic"}],"subject":[],"published":{"date-parts":[[2021,1,21]]},"assertion":[{"value":"2020-03-01","order":0,"name":"received","label":"Received","group":{"name":"publication_history","label":"Publication History"}},{"value":"2020-10-01","order":1,"name":"accepted","label":"Accepted","group":{"name":"publication_history","label":"Publication History"}},{"value":"2021-01-21","order":2,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}