Malpedia Library

Click here to download all references as Bib-File.•

2021-10-01 ⋅ 0ffset Blog ⋅ Chuong Dong
SQUIRRELWAFFLE – Analysing the Custom Packer
Cobalt Strike Squirrelwaffle

2021-09-29 ⋅ Kaspersky Labs ⋅ Ivan Kwiatkowski, Pierre Delcher
DarkHalo after SolarWinds: the Tomiris connection (UNC2849)
tomiris Storm-0473

2021-09-27 ⋅ Trend Micro ⋅ Arianne Dela Cruz, Gilbert Sison, Joelson Soares, Ryan Maglaque, Warren Sto.Tomas
Fake Installers Drop Malware and Open Doors for Opportunistic Attackers
RedLine Stealer Socelars Vidar

2021-09-24 ⋅ Trend Micro ⋅ Warren Sto.Tomas
Examining the Cring Ransomware Techniques
Cobalt Strike Cring MimiKatz

2021-09-23 ⋅ lacework ⋅ Jared Stroud, Tom Hegel
HCRootkit / Sutersu Linux Rootkit Analysis
Suterusu

2021-09-21 ⋅ Trend Micro ⋅ Josefino Fajilago IV, Nikki Madayag
Cryptominer z0Miner Uses Newly Discovered Vulnerability CVE-2021-26084 to Its Advantage

2021-09-16 ⋅ PCrisk ⋅ Tomas Meskauskas
.harma (Ouroboros) ransomware from the operating system
Zeropadypt

2021-09-16 ⋅ Twitter (@GossiTheDog) ⋅ Kevin Beaumont
Tweet on some unknown threat actor dropping Mgbot, custom IIS modular backdoor and cobalstrike using exploiting ProxyShell
Cobalt Strike MgBot

2021-09-16 ⋅ Objective-See ⋅ Tom McGuire
Analysis of CVE-2021-30860 the flaw and fix of a zero-click vulnerability, exploited in the wild
Chrysaor

2021-09-14 ⋅ Twitter (@siri_urz) ⋅ S!Ri
Tweet on ATOMSILO ransomware
ATOMSILO

2021-09-02 ⋅ nviso ⋅ Maxime Thiebaut
Anatomy and Disruption of Metasploit Shellcode

2021-09-01 ⋅ Intezer ⋅ Intezer
TeamTNT: Cryptomining Explosion
TeamTNT Tsunami

2021-08-16 ⋅ Trend Micro ⋅ Byron Gelera, Cris Tomboc, Jayson Chong, Jett Paulo Bernardo, Mark Marti, Nikki Madayag, Sean Torre
LockBit Resurfaces With Version 2.0 Ransomware Detections in Chile, Italy, Taiwan, UK
LockBit

2021-08-11 ⋅ GEMINI ⋅ Insikt Group®
Amid Boom in Phishing, Fraudsters Target Customers of Small and Mid-sized Banks

2021-08-10 ⋅ PCrisk ⋅ Tomas Meskauskas
PCRisk description for Shurk Steal
Shurk Steal

2021-08-10 ⋅ Bleeping Computer ⋅ Sergiu Gatlan
Crytek confirms Egregor ransomware attack, customer data theft
Egregor Maze

2021-08-06 ⋅ ESET Research ⋅ Anton Cherepanov, Zuzana Hromcová
Anatomy of native IIS malware
IISniff RGDoor

2021-08-05 ⋅ Uptycs ⋅ Siddharth Sharma
Cryptominer ELFs Using MSR to Boost Mining Process

2021-08-04 ⋅ ESET Research ⋅ Zuzana Hromcová
Anatomy of Native IIS Malware (white papaer)
IISniff RGDoor

2021-08-04 ⋅ ESET Research ⋅ Zuzana Hromcová
Anatomy of Native IIS Malware (slides)
IISniff RGDoor