Malpedia Library

Click here to download all references as Bib-File.•

2021-11-12 ⋅ Twitter (@Arkbird_SOLG) ⋅ Arkbird
Tweets on Void Balaur using QuantLoader and ZStealer
QuantLoader ZStealer

2021-11-11 ⋅ Twitter (@aRtAGGI) ⋅ Michael Raggi
Tweet on APT31 using compromised PakEdge Rk1&RE2 router IPs as exit nodes in reconnaissance phishing campaigns

2021-11-10 ⋅ Twitter (@ESETresearch) ⋅ ESET Research
Tweet on a discovery of a trojanized IDA Pro installer, distributed by the LABYRINTH CHOLLIMA group.

2021-11-10 ⋅ Twitter (@billyleonard) ⋅ Billy Leonard, Google Threat Analysis Group
Tweet on Rekoobe (used by APT31), being a fork of open source tool called Tiny SHell, used by different actor since at least 2012
Rekoobe

2021-11-09 ⋅ Twitter (@AvastThreatLabs)
Tweet by Avast on a new Android Banker they call MasterFred
MasterFred

2021-11-05 ⋅ Twitter (@Unit42_Intel) ⋅ Unit 42
Tweet on TA551 (Shathak) BazarLoader infection with CobaltStrike and DarkVNC drops
BazarBackdoor Cobalt Strike

2021-11-05 ⋅ Twitter (@inversecos) ⋅ inversecos
TTPs used by Pysa Ransonmware group
Mespinoza MimiKatz

2021-11-03 ⋅ Twitter (@Corvid_Cyber) ⋅ CORVID
Tweet on a unique Qbot debugger dropped by an actor after compromise
QakBot

2021-11-02 ⋅ Twitter (@malwrhunterteam) ⋅ malwrhunterteam
Tweet on linux version of Hive Ransomware group's command to shut down ESXI VMs
Hive

2021-10-29 ⋅ Twitter (@ESETresearch) ⋅ ESET Research
Tweet on FreeBSD and LInux version of Hive ransomware
Hive

2021-10-28 ⋅ Twitter (@BrettCallow) ⋅ Brett Callow
Tweet on suspected actor behind Payorgrief ransomware
DoppelDridex DoppelPaymer

2021-10-27 ⋅ Twitter (@darienhuss) ⋅ Darien Huss
Tweet on FinickyFrogfish/Wslink malware used by TA444
Wslink

2021-10-26 ⋅ Intezer ⋅ Twitter (IntezerLabs)
Tweet on Linux version of REvil ransomware
REvil

2021-10-22 ⋅ Twitter (@GelosSnake) ⋅ Omri Segev Moyal
Tweet on List of wallets used by Darkside/Blackmatter Operator to split out the money
BlackMatter DarkSide BlackMatter DarkSide

2021-10-21 ⋅ Twitter (@MsftSecIntel) ⋅ Microsoft Security Intelligence
Tweet on new variant of mac malware UpdateAgent/WizardUpdate
Vigram

2021-10-20 ⋅ Twitter (@lampnout) ⋅ Lampros Noutsos
Persistence and Privilege Escalation on Windows via Print Processors
CCleaner Backdoor

2021-10-19 ⋅ Twitter (@campuscodi) ⋅ Catalin Cimpanu
Tweet on Moses Staff
MosesStaff

2021-10-12 ⋅ Twitter (@_CPResearch_) ⋅ Check Point Research
Tweet of re-emergence phorpiex with a new "Twizt" module
Phorpiex

2021-10-07 ⋅ Twitter (@billyleonard) ⋅ Billy Leonard, Google Threat Analysis Group
Tweet on IOCs related to APT28

2021-10-06 ⋅ Twitter (@ESETresearch) ⋅ ESET Research
Tweet on ERMAC android malware
ERMAC