Malpedia Library

Click here to download all references as Bib-File.•

2021-05-28 ⋅ Twitter (@Jacob_Pimental) ⋅ Jacob Pimental
Tweet on REvil ver 2.07
REvil

2021-05-21 ⋅ Twitter (@alberto__segura) ⋅ Alberto Segura
Tweet on Flubot version 4.2 (p.php variant) with new AES strings encryption
FluBot

2021-05-17 ⋅ Back Engineering ⋅ _xeroxz
VMProtect 2 - Detailed Analysis of the Virtual Machine Architecture

2021-05-17 ⋅ Github (telekom-security) ⋅ Deutsche Telekom Security GmbH
icedid_analysis
IcedID

2021-05-11 ⋅ Mal-Eats ⋅ mal_eats
Campo, a New Attack Campaign Targeting Japan
AnchorDNS BazarBackdoor campoloader Cobalt Strike Phobos Snifula TrickBot Zloader

2021-05-10 ⋅ Mal-Eats ⋅ mal_eats
Overview of Campo, a new attack campaign targeting Japan
AnchorDNS BazarBackdoor Cobalt Strike ISFB Phobos TrickBot Zloader

2021-05-08 ⋅ Twitter (@Jacob_Pimental) ⋅ Jacob Pimental
Tweet on CyberChef recipe to extract Revil Ransomware configuration
REvil

2021-05-03 ⋅ Twitter (@y_advintel) ⋅ Yelisey Boguslavskiy
Tween on new RaaS Galaxy Ransomware

2021-05-01 ⋅ Twitter (@JAMESWT_MHT) ⋅ JamesWT
Tweet on linux version of DarkSide ransomware
DarkSide DarkSide

2021-04-22 ⋅ Twitter (@ET_Labs) ⋅ ET Labs
Tweet on Lunar Builder exfiltrating data via Discord webhook

2021-04-21 ⋅ Twitter (@alberto__segura) ⋅ Alberto Segura
Tweet on FluBot Version 4.0
FluBot

2021-04-19 ⋅ Twitter (@_alex_il_) ⋅ Alex Ilgayev
Tweet on QakBot's additional decryption mechanism
QakBot

2021-04-16 ⋅ Medium (Bank Security) ⋅ Bank_Security
Are the hackers all Russian? Results of a 1 year espionage operation in the Top-tier Russian underground communities

2021-04-15 ⋅ nao_sec blog ⋅ nao_sec
Exploit Kit still sharpens a sword
PurpleFox

2021-03-27 ⋅ Github (StrangerealIntel) ⋅ Twitter (@Arkbird_SOLG)
Terraloader: Congrats, you have a new fake job!
TerraLoader

2021-03-24 ⋅ Twitter (@VK_intel) ⋅ Vitali Kremez
Tweet on REvil ransomware
REvil

2021-03-11 ⋅ YouTube ( Malware_Analyzing_&_RE_Tips_Tricks) ⋅ Jiří Vinopal
Formbook Reversing - Part1 [Formbook .NET loader/injector analyzing, decrypting, unpacking, patching]
Formbook

2021-03-04 ⋅ 360 netlab ⋅ Jinye
Gafgtyt_tor and Necro are on the move again
Bashlite N3Cr0m0rPh Keksec

2021-03-01 ⋅ YouTube ( Malware_Analyzing_&_RE_Tips_Tricks) ⋅ Jiří Vinopal
Ryuk Ransomware - Advanced using of Scylla for Imports reconstruction
Ryuk

2021-02-26 ⋅ YouTube (Black Hat) ⋅ Kevin Perlow
FASTCash and INJX_Pure: How Threat Actors Use Public Standards for Financial Fraud
FastCash