Malpedia Library

Click here to download all references as Bib-File.•

2021-10-05 ⋅ Medium s2wlab ⋅ S2W TALON
Prometheus x Spook: Prometheus ransomware rebranded Spook ransomware.
Prometheus

2021-09-30 ⋅ Medium proferosec-osm ⋅ Brenton Morris
RansomEXX, Fixing Corrupted Ransom
RansomEXX

2021-09-29 ⋅ Medium BlueMonkey ⋅ BlueMonkey
Aria-Body Loader? Is that you?
Aria-body

2021-09-27 ⋅ Medium ryancor ⋅ Ryan Cornateanu
Deobfuscating PowerShell Malware Droppers
Agent.BTZ

2021-09-26 ⋅ Medium BlueteamOps ⋅ BlueteamOps
Supercharging Bulk DFIR triage with Node-RED, Google’s Log2timeline & Google’s Timesketch

2021-09-21 ⋅ Medium elis531989 ⋅ Eli Salem
The Squirrel Strikes Back: Analysis of the newly emerged cobalt-strike loader “SquirrelWaffle”
Cobalt Strike Squirrelwaffle

2021-09-17 ⋅ Medium inteloperator ⋅ Intel Operator
The default: 63 6f 62 61 6c 74 strike
Cobalt Strike

2021-09-16 ⋅ Medium Shabarkin ⋅ Pavel Shabarkin
Pointer: Hunting Cobalt Strike globally
Cobalt Strike

2021-09-12 ⋅ Medium michaelkoczwara ⋅ Michael Koczwara
Mapping and Pivoting from Cobalt Strike C2 Infrastructure Attributed to CVE-2021-40444
Cobalt Strike

2021-09-09 ⋅ Medium s2wlab ⋅ S2W TALON
Case Analysis of Suncrypt Ransomware Negotiation and Bitcoin Transaction
SunCrypt

2021-09-08 ⋅ Medium s2wlab ⋅ S2W TALON
Groove’s thoughts on Blackmatter, Babuk, and cheese shortages in the Netherlands
Babuk BlackMatter Babuk BlackMatter

2021-09-07 ⋅ Medium michaelkoczwara ⋅ Michael Koczwara
Cobalt Strike C2 Hunting with Shodan
Cobalt Strike

2021-09-07 ⋅ Medium walmartglobaltech ⋅ Jason Reaves
Decoding SmartAssembly strings, a Haron ransomware case study
Haron Ransomware

2021-09-02 ⋅ Medium michaelkoczwara ⋅ Michael Koczwara
Cobalt Strike PowerShell Payload Analysis
Cobalt Strike

2021-09-01 ⋅ Medium s2wlab ⋅ Chaewon Moon, Denise Dasom Kim, Jungyeon Lim, S2W LAB INTELLIGENCE TEAM, Sujin Lim, Yeonghyeon Jeong
BlackMatter x Babuk : Using the same web server for sharing leaked files
Babuk BlackMatter Babuk BlackMatter

2021-08-29 ⋅ Medium Asuna Amawaka ⋅ Asuna Amawaka
Quarians, Turians and…QuickHeal
QuickHeal

2021-08-21 ⋅ Medium Crovax ⋅ Crovax
Panda Banker Analysis Part 1
PandaBanker

2021-08-20 ⋅ ⋅ Medium Berhan Bingöl ⋅ Berhan Bingöl
VirtualBox Detection, Anti-Detection

2021-08-19 ⋅ Medium walmartglobaltech ⋅ Jason Reaves
Looking at the new Krypton crypter and recent Data Exfiltrator Samples

2021-08-17 ⋅ Medium amgedwageh ⋅ Amged Wageh
LockBit Ransomware Analysis Notes
LockBit