Malpedia Library

Click here to download all references as Bib-File.•

2020-08-25 ⋅ Aqua Nautilus ⋅ Assaf Morag
Deep Analysis of TeamTNT Techniques Using Container Images to Attack
TeamTNT Tsunami XMRIG

2020-08-12 ⋅ DeepInstinct ⋅ Ron Ben Yizhak
Why Emotet’s Latest Wave is Harder to Catch than Ever Before
Emotet

2020-07-24 ⋅ Medium (@velasco.l.n) ⋅ Leandro Velasco
Exorcist Ransomware - From triaging to deep dive
Exorcist

2020-07-17 ⋅ Zscaler ⋅ Kaivalya Khursale, Sudeep Singh
New Voicemail-Themed Phishing Attacks Use Evasion Techniques and Steal Credentials

2020-07-15 ⋅ N1ght-W0lf Blog ⋅ Abdallah Elshinbary
Deep Analysis of QBot Banking Trojan
QakBot

2020-07-13 ⋅ Cofense ⋅ Charlie
Fell Deeds Awake

2020-07-10 ⋅ Zscaler ⋅ Naveen Selvan, Rohit Chaturvedi
Deep Dive Into the M00nD3V Logger
M00nD3V Logger

2020-07-09 ⋅ ESET Research ⋅ Matías Porolli
More evil: A deep look at Evilnum and its toolset
EVILNUM More_eggs EVILNUM TerraPreter TerraStealer TerraTV Evilnum

2020-07-08 ⋅ COLUMBIA | SIPA ⋅ Jennifer Keltz, John Patrick Dees, John Sakellariadis, Katherine von Ofenheim, Lan Pelekis, Matthew Armelli, Max Egar, Neal Pollard, Stuart Caudill, Vipratap Vikram Singh
Named But Hardly Shamed: What is the Impact of Information Disclosures on an APT Operations?

2020-07-04 ⋅ N1ght-W0lf Blog ⋅ Abdallah Elshinbary
Deep Analysis of Anubis Banking Malware
Anubis

2020-06-23 ⋅ NCC Group ⋅ Michael Sandee, Nikolaos Pantazopoulos, Stefano Antenucci
WastedLocker: A New Ransomware Variant Developed By The Evil Corp Group
Cobalt Strike ISFB WastedLocker

2020-06-21 ⋅ N1ght-W0lf Blog ⋅ Abdallah Elshinbary
Deep Analysis of SmokeLoader
SmokeLoader

2020-06-17 ⋅ Youtube (Red Canary) ⋅ Adam Pennington, David Kaplan, Erika Noerenberg, Matt Graeber
ATT&CK® Deep Dive: Process Injection
ISFB Ramnit TrickBot

2020-06-14 ⋅ BushidoToken ⋅ BushidoToken
Deep-dive: The DarkHotel APT
Asruex Ghost RAT Ramsay Retro Unidentified 076 (Higaisa LNK to Shellcode)

2020-06-11 ⋅ Zscaler ⋅ Atinderpal Singh, Sudeep Singh
The Return of the Higaisa APT
Unidentified 076 (Higaisa LNK to Shellcode)

2020-05-29 ⋅ Zscaler ⋅ Sudeep Singh
ShellReset RAT Spread Through Macro-Based Documents Using AppLocker Bypass
Quasar RAT

2020-05-20 ⋅ Zscaler ⋅ Amandeep Kumar, Rohit Chaturvedi
Latest Version of Amadey Introduces Screen Capturing and Pushes the Remcos RAT
Amadey Remcos

2020-05-14 ⋅ SentinelOne ⋅ Jason Reaves
Deep Dive Into TrickBot Executor Module “mexec”: Reversing the Dropper Variant
TrickBot

2020-05-11 ⋅ Sudeep Singh
Targeted Attacks on Indian Government and Financial Institutions Using the JsOutProx RAT
EpicSplit RAT

2020-05-11 ⋅ Zscaler ⋅ Sudeep Singh
Targeted Attacks on Indian Government and Financial Institutions Using the JsOutProx RAT
JSOutProx