Malpedia Library

Click here to download all references as Bib-File.•

2023-04-09 ⋅ LianSecurity ⋅ LianSecurity
Nexus Android Trojan Analysis Report
Nexus S.O.V.A.

2023-04-09 ⋅ @0xToxin
LummaC2 BreakDown
Lumma Stealer

2023-04-08 ⋅ Twitter (@embee_research) ⋅ Embee_research
Dcrat - Manual De-obfuscation of .NET Malware
DCRat

2023-04-08 ⋅ Team Cymru ⋅ Scott Fisher
Deriving Insight from Threat Actor Infrastructure
Raccoon

2023-04-08 ⋅ cocomelonc ⋅ cocomelonc
Malware AV/VM evasion - part 15: WinAPI GetModuleHandle implementation. Simple C++ example.

2023-04-08 ⋅ kienmanowar Blog ⋅ m4n0w4r, Tran Trung Kien
[QuickNote] Uncovering Suspected Malware Distributed By Individuals from Vietnam
AsyncRAT DCRat WorldWind

2023-04-07 ⋅ Elastic ⋅ Salim Bitam
Attack chain leads to XWORM and AGENTTESLA
Agent Tesla XWorm

2023-04-07 ⋅ Microsoft ⋅ Microsoft Threat Intelligence
MERCURY and DEV-1084: Destructive attack on hybrid environment
DarkBit Storm-1084

2023-04-06 ⋅ OALabs ⋅ Sergei Frankoff
PhotoLoader ICEDID
PhotoLoader

2023-04-06 ⋅ Spamhaus ⋅ Raashid Bhat
Neutralizing Tofsee Spambot – Part 3 | Network-based kill switch
Tofsee

2023-04-06 ⋅ Spamhaus ⋅ Raashid Bhat
Neutralizing Tofsee Spambot – Part 2 | InMemoryConfig store vaccine
Tofsee

2023-04-06 ⋅ Spamhaus ⋅ Raashid Bhat
Neutralizing Tofsee Spambot – Part 1 | Binary file vaccine
Tofsee

2023-04-05 ⋅ Google ⋅ Adam Weidemann, Google Threat Analysis Group
How we’re protecting users from government-backed attacks from North Korea
BabyShark

2023-04-05 ⋅ velociraptor ⋅ Matt Green
Automating Qakbot Decode At Scale
QakBot

2023-04-05 ⋅ Outpost24 ⋅ Alberto Marín
Everything you need to know about the LummaC2 Stealer: Leveraging IDA Python and Unicorn to deobfuscate Windows API Hashing
Lumma Stealer

2023-04-05 ⋅ Medium Ilandu ⋅ Ilan Duhin
PortDoor - APT Backdoor analysis
ACBackdoor 8.t Dropper PortDoor

2023-04-04 ⋅ Team Cymru ⋅ S2 Research Team, Team Cymru
A Blog with NoName
Dosia

2023-04-04 ⋅ Symantec ⋅ Threat Hunter Team
Mantis: New Tooling Used in Attacks Against Palestinian Targets
Arid Gopher Micropsia

2023-04-04 ⋅ Group-IB ⋅ Andrey Zhdanov, Vladislav Azersky
The old way: BabLock, new ransomware quietly cruising around Europe, Middle East, and Asia
Rorschach Ransomware

2023-04-04 ⋅ Cisco Talos ⋅ Edmund Brumaghin
Typhon Reborn V2: Updated stealer features enhanced anti-analysis and evasion capabilities
Typhon Stealer