Malpedia Library

Click here to download all references as Bib-File.•

2020-11-16 ⋅ JPCERT/CC ⋅ Shusei Tomonaga
ELF_PLEAD - Linux Malware Used by BlackTech
PLEAD

2020-11-13 ⋅ Youtube (The Standoff) ⋅ Alexey Zakharov, Positive Technologies
FF_202_Eng - From old Higaisa samples to new Winnti backdoors: The story of one research
CROSSWALK Unidentified 076 (Higaisa LNK to Shellcode)

2020-11-12 ⋅ Twitter (@ddash_ct) ⋅ ddash
Tweet on Lootwodniw
Lootwodniw

2020-10-03 ⋅ Medium vishal_thakur ⋅ Vishal Thakur
Grinju Downloader: Anti-analysis (on steroids) | Part 2
Grinju Downloader

2020-09-22 ⋅ Medium (@vishal_thakur) ⋅ Vishal Thakur
Grinju Downloader
Grinju Downloader

2020-09-11 ⋅ Twitter (@Arkbird_SOLG) ⋅ Arkbird
Tweet on discovery of a sample
Turla SilentMoon

2020-09-03 ⋅ Twitter (@Arkbird_SOLG) ⋅ Arkbird
Tweet on development in more_eggs
More_eggs

2020-08-17 ⋅ Twitter (@Arkbird_SOLG) ⋅ Arkbird
Short twitter thread with analysis on Loup ATM malware
Loup

2020-08-15 ⋅ Twitter (@Int2e_) ⋅ Adrien B
Tweet on DoubleFantasy
DoubleFantasy

2020-08-14 ⋅ Twitter (@VK_intel) ⋅ Vitali Kremez
Tweet on Zloader infection leading to Cobaltstrike Installation
Cobalt Strike Zloader

2020-08-14 ⋅ Twitter (@James_inthe_box) ⋅ James_inthe_box
Tweet on Echelon Stealer

2020-08-05 ⋅ BlackHat ⋅ Kevin Perlow
FASTCashand INJX_PURE: How Threat Actors Use Public Standards for Financial Fraud
FastCash

2020-07-28 ⋅ Medium (@vishal_thakur) ⋅ Vishal Thakur
LOLSnif Malware
LOLSnif

2020-07-24 ⋅ Medium tom_rock ⋅ Thomas Roccia
Fifty Shades of Malware Strings

2020-07-13 ⋅ Stage 2 Security ⋅ Waylon Grange
Anchor_dns malware goes cross platform
AnchorDNS

2020-07-06 ⋅ NTT ⋅ Security division of NTT Ltd.
TrickBot variant “Anchor_DNS” communicating over DNS
AnchorDNS TrickBot

2020-06-22 ⋅ Github (StrangerealIntel) ⋅ Twitter (@Arkbird_SOLG)
FTcode targets European countries
FTCODE

2020-06-17 ⋅ Twitter (@VK_intel) ⋅ malwrhunterteam, Vitali Kremez
Tweet on signed Tinymet payload (V.02) used by TA505
TinyMet

2020-06-11 ⋅ Twitter (@bad_packets) ⋅ Bad Packets Report
Tweet on Honda & Enel Critix(NetScaler) VPN server vulnerable to CVE-2019-19781, possibly targeted by SNAKE ransomware
Snake

2020-06-10 ⋅ James_inthe_box, jeFF0Falltrades, _re_fox
FRat Reporting, YARA, and IoCs
FRat Loader FRat