Malpedia Library

2023-08-06 ⋅ 0xToxin Labs ⋅ @0xToxin
DarkGate - Threat Breakdown Journey
DarkGate

2023-08-03 ⋅ OALabs ⋅ Sergei Frankoff
Golang Garble String Decryption
Bandit Stealer

2023-08-03 ⋅ Aon ⋅ Aon’s Cyber Labs
DarkGate Keylogger Analysis: Masterofnone
DarkGate

2023-08-03 ⋅ AhnLab ⋅ ASEC
Reptile Malware Targeting Linux Systems
Melofee reptile Winnti

2023-08-03 ⋅ Kaspersky ⋅ Kaspersky
What’s happening in the world of crimeware: Emotet, DarkGate and LokiBot
LokiBot DarkGate Emotet

2023-08-03 ⋅ DARKReading ⋅ Nate Nelson
Russian APT 'BlueCharlie' Swaps Infrastructure to Evade Detection
Callisto

2023-08-02 ⋅ Recorded Future ⋅ Insikt Group
BlueCharlie, Previously Tracked as TAG-53, Continues to Deploy New Infrastructure in 2023
Callisto

2023-08-02 ⋅ Checkmarx ⋅ Yehuda Gelb
Lazarus Group Launches First Open Source Supply Chain Attacks Targeting Crypto Sector

2023-08-02 ⋅ Medium (@morimolymoly) ⋅ morimolymoly
HUI Loader — Malware Analysis Note
HUI Loader

2023-08-02 ⋅ Recorded Future ⋅ Insikt Group
BlueCharlie, Previously Tracked as TAG 53, Continues to Deploy New Infrastructure in 2023

2023-08-02 ⋅ Recorded Future ⋅ Insikt Group
BlueCharlie, Previously Tracked as TAG-53, Continues to Deploy New Infrastructure in 2023

2023-08-02 ⋅ Microsoft ⋅ Microsoft Threat Intelligence
Midnight Blizzard conducts targeted social engineering over Microsoft Teams
UNC2452

2023-08-01 ⋅ Infinitum IT ⋅ Kerime Gencay
White Snake Stealer Analysis Report (Paywall)
WhiteSnake Stealer

2023-08-01 ⋅ Qianxin Threat Intelligence Center ⋅ Red Raindrop Team
Analysis of Recent Activities of the Mylobot Botnet
MyloBot

2023-08-01 ⋅ ANALYST1 ⋅ Jon DiMaggio
Ransomware Diaries: Volume 3 – LockBit’s Secrets
LockBit

2023-08-01 ⋅ Palo Alto Networks Unit 42 ⋅ Lior Rochberger
NodeStealer 2.0 – The Python Version: Stealing Facebook Business Accounts
BitRAT NodeStealer XWorm

2023-08-01 ⋅ eSentire ⋅ eSentire Threat Response Unit (TRU)
BatLoader Continues Signed MSIX App Package Abuse
BATLOADER

2023-08-01 ⋅ LinkedIn (PRODAFT) ⋅ PRODAFT
An organic relationship between the #Rhysida and #ViceSociety ransomware teams
Rhysida

2023-08-01 ⋅ AhnLab ⋅ ASEC
Sliver C2 Being Distributed Through Korean Program Development Company
Sliver

2023-08-01 ⋅ SentinelOne ⋅ Tom Hegel
Illicit Brand Impersonation | A Threat Hunting Approach