Malpedia Library

Click here to download all references as Bib-File.•

2021-05-24 ⋅ ⋅ Medium s2wlab ⋅ Seunghoe Kim
Deep Analysis of Raccoon Stealer
Raccoon

2021-05-19 ⋅ Medium Mehmet Ergene ⋅ Mehmet Ergene
Enterprise Scale Threat Hunting: Network Beacon Detection with Unsupervised ML and KQL — Part 2
Cobalt Strike

2021-05-18 ⋅ Medium (Cryptax) ⋅ Axelle Apvrille
A native packer for Android/MoqHao
MoqHao

2021-05-17 ⋅ Medium s2wlab ⋅ Denise Dasom Kim, Hyunmin Suh, Jungyeon Lim, YH Jeong
W3 May | EN | Story of the week: Code Signing Certificate on the Darkweb
Stuxnet

2021-05-12 ⋅ Medium Mehmet Ergene ⋅ Mehmet Ergene
Enterprise Scale Threat Hunting: Network Beacon Detection with Unsupervised ML and KQL — Part 1
Cobalt Strike

2021-05-07 ⋅ Medium svch0st ⋅ svch0st
Stats from Hunting Cobalt Strike Beacons
Cobalt Strike

2021-05-04 ⋅ Medium sergiusechel ⋅ Sergiu Sechel
Improving the network-based detection of Cobalt Strike C2 servers in the wild while reducing the risk of false positives
Cobalt Strike

2021-05-03 ⋅ Medium walmartglobaltech ⋅ Jason Reaves, Joshua Platt
BuerLoader Updates
Buer

2021-04-30 ⋅ Medium ateixei ⋅ Alex Teixeira
Detecting network beacons via KQL using simple spread stats functions

2021-04-27 ⋅ Medium Cedric Owens ⋅ Cedric Owens
macOS Gatekeeper Bypass (2021 Edition)
Shlayer

2021-04-26 ⋅ ⋅ Medium testbnull ⋅ Min-Chang Jang
Microsoft Exchange From Deserialization to Post-Auth RCE (CVE-2021–28482)

2021-04-24 ⋅ Medium lordx64 ⋅ Taha Karim
Initial analysis of PasswordState supply chain attack backdoor code

2021-04-20 ⋅ Medium Packt ⋅ Packt
What Is Cyber Threat Intelligence?

2021-04-20 ⋅ Medium walmartglobaltech ⋅ Jason Reaves
CobaltStrike Stager Utilizing Floating Point Math
Cobalt Strike

2021-04-19 ⋅ Medium elis531989 ⋅ Eli Salem
Dancing With Shellcodes: Cracking the latest version of Guloader
CloudEyE

2021-04-16 ⋅ Medium (Bank Security) ⋅ Bank_Security
Are the hackers all Russian? Results of a 1 year espionage operation in the Top-tier Russian underground communities

2021-04-15 ⋅ Medium BI.ZONE ⋅ Anton Medvedev, Demyan Sokolin, Vadim Khrykov
Hunting Down MS Exchange Attacks. Part 1. ProxyLogon (CVE-2021–26855, 26858, 27065, 26857)

2021-04-09 ⋅ Medium walmartglobaltech ⋅ Jason Reaves
A Relook at the TerraLoader Dropper DLL
TerraLoader

2021-04-07 ⋅ Medium walmartglobaltech ⋅ Jason Reaves
Not your same old adware anymore, PBOT updates

2021-04-07 ⋅ Medium sixdub ⋅ Justin Warner
Using Kaitai Struct to Parse Cobalt Strike Beacon Configs
Cobalt Strike