Malpedia Library

2021-01-04 ⋅ nao_sec blog ⋅ nao_sec
Royal Road! Re:Dive
8.t Dropper Chinoxy FlowCloud FunnyDream Lookback

2020-12-17 ⋅ Twitter (@megabeets_) ⋅ Itay Cohen
Tweet on SUNBURST malware discussing some of its evasion techniques
SUNBURST

2020-12-10 ⋅ Guardicore ⋅ Omri Marom, Ophir Harpaz
PLEASE_READ_ME: The Opportunistic Ransomware Devastating MySQL Servers

2020-11-28 ⋅ pat_h/to/file ⋅ pat_h/to/file
Hunting Koadic Pt. 2 - JARM Fingerprinting
Koadic

2020-11-21 ⋅ Medium Intel-Honey ⋅ Twitter (@intel_honey)
Reversing Anubis Malware
Anubis

2020-11-19 ⋅ Twitter (@VK_intel) ⋅ Vitali Kremez
Tweet on Trickbot Group pushing LIGHTBOT powershell script to gather information about AD Server
LightBot

2020-11-17 ⋅ Twitter (@VK_intel) ⋅ Vitali Kremez
Tweet on a new fileless TrickBot loading method using code from MemoryModule
TrickBot

2020-11-16 ⋅ JPCERT/CC ⋅ Shusei Tomonaga
ELF_PLEAD - Linux Malware Used by BlackTech
PLEAD

2020-11-13 ⋅ Youtube (The Standoff) ⋅ Alexey Zakharov, Positive Technologies
FF_202_Eng - From old Higaisa samples to new Winnti backdoors: The story of one research
CROSSWALK Unidentified 076 (Higaisa LNK to Shellcode)

2020-11-12 ⋅ Twitter (@ddash_ct) ⋅ ddash
Tweet on Lootwodniw
Lootwodniw

2020-10-03 ⋅ Medium vishal_thakur ⋅ Vishal Thakur
Grinju Downloader: Anti-analysis (on steroids) | Part 2
Grinju Downloader

2020-09-22 ⋅ Medium (@vishal_thakur) ⋅ Vishal Thakur
Grinju Downloader
Grinju Downloader

2020-09-11 ⋅ Twitter (@Arkbird_SOLG) ⋅ Arkbird
Tweet on discovery of a sample
Turla SilentMoon

2020-09-03 ⋅ Twitter (@Arkbird_SOLG) ⋅ Arkbird
Tweet on development in more_eggs
More_eggs

2020-08-17 ⋅ Twitter (@Arkbird_SOLG) ⋅ Arkbird
Short twitter thread with analysis on Loup ATM malware
Loup

2020-08-15 ⋅ Twitter (@Int2e_) ⋅ Adrien B
Tweet on DoubleFantasy
DoubleFantasy

2020-08-14 ⋅ Twitter (@VK_intel) ⋅ Vitali Kremez
Tweet on Zloader infection leading to Cobaltstrike Installation
Cobalt Strike Zloader

2020-08-14 ⋅ Twitter (@James_inthe_box) ⋅ James_inthe_box
Tweet on Echelon Stealer