Malpedia Library

Click here to download all references as Bib-File.•

2020-09-04 ⋅ Bellingcat ⋅ Bellingcat Investigation Team
Post-Mortem of a Triple Poisoning: New Details Emerge in GRU's Failed Murder Attempts in Bulgaria

2020-09-03 ⋅ Twitter (@Arkbird_SOLG) ⋅ Arkbird
Tweet on development in more_eggs
More_eggs

2020-08-27 ⋅ Hatching.io ⋅ Pete Cowman
Smokeloader Analysis and More Family Detections
SmokeLoader

2020-08-25 ⋅ Aqua Nautilus ⋅ Assaf Morag
Deep Analysis of TeamTNT Techniques Using Container Images to Attack
TeamTNT Tsunami XMRIG

2020-08-21 ⋅ Twitter (@GrujaRS) ⋅ GrujaRS
New #Morseop #Ransomware
Sfile

2020-08-20 ⋅ Bitdefender ⋅ Alexandru Maximciuc, Bogdan Rusu, Cristina Vatamanu, Liviu Arsene, Victor Vrabie
More Evidence of APT Hackers-for-Hire Usedfor Industrial Espionage

2020-08-20 ⋅ Morphisec ⋅ Arnold Osipov
QakBot (QBot) Maldoc Campaign Introduces Two New Techniques into Its Arsenal
QakBot

2020-08-07 ⋅ ESET Research ⋅ Vladislav Hrčka
Stadeo: Deobfuscating Stantinko and more
Stantinko

2020-07-31 ⋅ Department of Justice ⋅ Department of Justice
Malware Author Pleads Guilty for Role in Transnational Cybercrime Organization Responsible for more than $568 Million in Losses
FastPOS

2020-07-26 ⋅ Shells.System blog ⋅ Askar
In-Memory shellcode decoding to evade AVs/EDRs
Cobalt Strike

2020-07-15 ⋅ Yahoo News ⋅ Jenna McLaughlin, Kim Zetter, Sean D. Naylor, Zach Dorfman
Exclusive: Secret Trump order gives CIA more powers to launch cyberattacks

2020-07-09 ⋅ ESET Research ⋅ Matías Porolli
More evil: A deep look at Evilnum and its toolset
EVILNUM More_eggs EVILNUM TerraPreter TerraStealer TerraTV Evilnum

2020-07-08 ⋅ xunison ⋅ xunison
Analysis of SamoRAT
SamoRAT

2020-06-24 ⋅ Morphisec ⋅ Arnold Osipov
Obfuscated VBScript Drops Zloader, Ursnif, Qakbot, Dridex
Dridex ISFB QakBot Zloader

2020-06-23 ⋅ Kaspersky Labs ⋅ Alexander Eremin
Oh, what a boot-iful mornin’ Rovnix bootkit back in business
Rovnix

2020-06-17 ⋅ Twitter (@Timele9527) ⋅ Timele12138
Tweet on MoriAgent uesd by MuddyWater (incl YARA rule)
MoriAgent

2020-06-16 ⋅ Morphisec ⋅ Michael Gorelik
CrystalBit / Apple Double DLL Hijack -- From fraudulent software bundle downloads to an evasive miner raging campaign

2020-06-04 ⋅ Bitdefender ⋅ Janos Gergo Szeles, Ruben Andrei Condor
Loading DLLs for illicit profit. A story about a Metamorfo distribution campaign
Metamorfo

2020-06-02 ⋅ Morphisec ⋅ Arnold Osipov
Ursnif/Gozi Delivery - Excel Macro 4.0 Utilization Uptick & OCR Bypass
ISFB

2020-05-28 ⋅ Cybereason ⋅ Assaf Dahan, Eli Salem, Lior Rochberger
Valak: More than Meets the Eye
Valak