Malpedia Library

Click here to download all references as Bib-File.•

2023-11-30 ⋅ PTSecurity ⋅ PTSecurity
Hellhounds: operation Lahat
Decoy Dog RAT

2023-07-18 ⋅ Positive Technologies ⋅ PTSecurity
Space Pirates: a look into the group's unconventional techniques, new attack vectors, and tools
Voidoor

2022-12-09 ⋅ Positive Technologies ⋅ PTSecurity
APT Cloud Atlas: Unbroken Threat

2022-08-04 ⋅ PTSecurity ⋅ PT Expert Security Center
Flying in the clouds: APT31 renews its attacks on Russian companies through cloud storage
Stealer0x3401 YaRAT

2022-08-04 ⋅ PTSecurity ⋅ PT ESC Threat Intelligence
Flying in the clouds: APT31 renews its attacks on Russian companies through cloud storage
Stealer0x3401 YaRAT

2022-05-27 ⋅ ⋅ PTSecurity ⋅ Aleksey Vishnyakov, Anton Belousov
How bootkits are implemented in modern firmware and how UEFI differs from Legacy BIOS
LoJax MoonBounce

2021-09-30 ⋅ PTSecurity ⋅ PT ESC Threat Intelligence
Masters of Mimicry: new APT group ChamelGang and its arsenal
Cobalt Strike

2021-09-30 ⋅ PTSecurity ⋅ PT Expert Security Center
Masters of Mimicry: new APT group ChamelGang and its arsenal
DoorMe Chamelgang

2021-08-03 ⋅ PTSecurity ⋅ PT Expert Security Center
APT31 new dropper. Target destinations: Mongolia, Russia, the U.S., and elsewhere

2021-07-08 ⋅ ⋅ PTSecurity ⋅ Denis Kuvshinov
How winnti APT grouping works
Korlia ShadowPad Winnti

2021-04-12 ⋅ PTSecurity ⋅ PTSecurity
PaaS, or how hackers evade antivirus software
Amadey Bunitu Cerber Dridex ISFB KPOT Stealer Mailto Nemty Phobos Pony Predator The Thief QakBot Raccoon RTM SmokeLoader Zloader

2021-02-18 ⋅ PTSecurity ⋅ PTSecurity
https://www.ptsecurity.com/ww-en/analytics/antisandbox-techniques/
Poet RAT Gravity RAT Ketrican Okrum OopsIE Remcos RogueRobinNET RokRAT SmokeLoader

2021-01-14 ⋅ PTSecurity ⋅ PT ESC Threat Intelligence
Higaisa or Winnti? APT41 backdoors, old and new
Cobalt Strike CROSSWALK FunnySwitch PlugX ShadowPad

2021-01-14 ⋅ PTSecurity ⋅ PTSecurity
Higaisa or Winnti? APT41 backdoors, old and new
FunnySwitch

2020-11-27 ⋅ PTSecurity ⋅ Alexey Vishnyakov, Denis Goydenko
Investigation with a twist: an accidental APT attack and averted data destruction
TwoFace CHINACHOPPER HyperBro MegaCortex MimiKatz

2020-09-08 ⋅ PTSecurity ⋅ PTSecurity
ShadowPad: new activity from the Winnti group
CCleaner Backdoor Korlia ShadowPad TypeHash

2020-07-23 ⋅ PTSecurity ⋅ Arseniy Sharoglazov
Attacking MS Exchange Web Interfaces

2020-06-16 ⋅ PTSecurity ⋅ PT ESC Threat Intelligence
Cobalt: tactics and tools update
CobInt

2020-06-04 ⋅ PTSecurity ⋅ PT ESC Threat Intelligence
COVID-19 and New Year greetings: an investigation into the tools and methods used by the Higaisa group
Ghost RAT SongXY

2020-05-20 ⋅ PTSecurity ⋅ PT ESC Threat Intelligence
Operation TA505: how we analyzed new tools from the creators of the Dridex trojan, Locky ransomware, and Neutrino botnet
FlawedAmmyy

2020-04-17 ⋅ ⋅ Youtube (Positive Technologies) ⋅ PTSecurity
Mlw #41: новый сложный загрузчик APT-группировки TA505
SnatchLoader

2019-11-11 ⋅ ⋅ PTSecurity ⋅ PT ESC Threat Intelligence
Operation TA505, part four. Twins

2019-10-31 ⋅ PTSecurity ⋅ PTSecurity
Calypso APT: new group attacking state institutions
BYEBY FlyingDutchman Hussar PlugX