Malpedia Library

Click here to download all references as Bib-File.•

2022-01-09 ⋅ Twitter (@sixdub) ⋅ Justin Warner
Tweet on malicious document used by Gamaredon aka DEV-0157

2021-12-28 ⋅ Twitter (MalwareHunterTeam) ⋅ MalwareHunterTeam
Tweet on RagnarLocker Linux variant
RagnarLocker

2021-12-21 ⋅ Twitter (@sisoma2) ⋅ sisoma2
BlackCat Ransomware Linux variant
BlackCat

2021-12-16 ⋅ Twitter (@nahamike01) ⋅ MikeR
Tweet on SPIDERRAT malware used by CIRCUIT PANDA
SPIDERPIG RAT

2021-12-11 ⋅ Twitter (@vxunderground) ⋅ VX-Underground
Tweet on Gomorrah panel source code leak
Gomorrah stealer

2021-11-26 ⋅ Twitter (@jhencinski) ⋅ Jon Hencinski
Twitter Thread on weelky MDR recap from expel.io
GootKit Squirrelwaffle

2021-11-21 ⋅ Twitter (@tylabs) ⋅ Twitter (@ffforward), Tyler McLellan
Twitter Thread about UNC1500 phishing using QAKBOT
QakBot

2021-11-20 ⋅ Twitter (@eduardfir) ⋅ Eduardo Mattos
Tweet on Velociraptor artifact analysis for Emotet
Emotet

2021-11-19 ⋅ Twitter (@knight0x07) ⋅ neeraj
Tweet on Exmatter, custom data exfiltration tool, used by Blackmatter ransomware group
ExMatter

2021-11-18 ⋅ Twitter (@tccontre18) ⋅ Br3akp0int
Tweet on how to decrypt 4 layers of encryption & obfuscation of vjw0rm
Vjw0rm

2021-11-17 ⋅ Twitter (@Unit42_Intel) ⋅ Unit 42
Tweet on Matanbuchus Loader used to deliver Qakbot (tag obama128b) and follow-up CobaltStrike
Cobalt Strike QakBot

2021-11-16 ⋅ Twitter (@_CPResearch_) ⋅ Check Point Research
Tweet on 32bit version of CVE-2021-1732 exploited by BITTER group

2021-11-16 ⋅ Twitter (@_icebre4ker_) ⋅ Fr4
Tweet about Aberebot source code put up for sale by the developer
Aberebot

2021-11-16 ⋅ Twitter (@kienbigmummy) ⋅ m4n0w4r
Tweet on short analysis of QakBot
QakBot

2021-11-14 ⋅ Twitter (@f0wlsec) ⋅ Marius Genheimer
A static config extractor for the main component of DanaBot
DanaBot

2021-11-12 ⋅ Twitter (@3xp0rtblog) ⋅ 3xp0rt
Tweets on DarkLoader
DarkLoader

2021-11-12 ⋅ Twitter (@Arkbird_SOLG) ⋅ Arkbird
Tweets on Void Balaur using QuantLoader and ZStealer
QuantLoader ZStealer

2021-11-11 ⋅ Twitter (@aRtAGGI) ⋅ Michael Raggi
Tweet on APT31 using compromised PakEdge Rk1&RE2 router IPs as exit nodes in reconnaissance phishing campaigns

2021-11-10 ⋅ Twitter (@ESETresearch) ⋅ ESET Research
Tweet on a discovery of a trojanized IDA Pro installer, distributed by the LABYRINTH CHOLLIMA group.

2021-11-10 ⋅ Twitter (@billyleonard) ⋅ Billy Leonard, Google Threat Analysis Group
Tweet on Rekoobe (used by APT31), being a fork of open source tool called Tiny SHell, used by different actor since at least 2012
Rekoobe