Malpedia Library

Click here to download all references as Bib-File.•

2023-02-22 ⋅ SOC Prime ⋅ Daryna Olyniychuk
New Phishing Attack Detection Attributed to the UAC-0050 and UAC-0096 Groups Spreading Remcos Spyware
Remcos UAC-0050

2023-02-22 ⋅ Symantec ⋅ Symantec Threat Hunter Team
Hydrochasma: Previously Unknown Group Targets Medical and Shipping Organizations in Asia
Cobalt Strike

2023-02-22 ⋅ Bitdefender ⋅ Bitdefender
S1deload Stealer – Exploring the Economics of Social Network Account Hijacking

2023-02-21 ⋅ Sekoia ⋅ Livia Tibirna, Maxime A, Sekoia TDR
One Year After: The Cyber Implications of the Russo-Ukrainian War
Callisto

2023-02-21 ⋅ ⋅ Cert-UA ⋅ Cert-UA
Cyber attack of the group UAC-0050 (UAC-0096) using the Remcos program (CERT-UA#6011)
Remcos UAC-0050

2023-02-21 ⋅ Zscaler ⋅ Nikolaos Pantazopoulos, Sarthak Misraa
Technical Analysis of Rhadamanthys Obfuscation Techniques
Rhadamanthys

2023-02-21 ⋅ SecurityIntelligence ⋅ Ruben Boonen
Direct Kernel Object Manipulation (DKOM) Attacks on ETW Providers
FudModule

2023-02-20 ⋅ Sekoia ⋅ Pierre Le Bourhis, Quentin Bourgue, Threat & Detection Research Team
Stealc: a copycat of Vidar and Raccoon infostealers gaining in popularity – Part 1
Stealc

2023-02-20 ⋅ 0xToxin Labs ⋅ @0xToxin
Vidar Stealer H&M Campaign
Vidar

2023-02-20 ⋅ Trendmicro ⋅ Byron Gelera, Ivan Nicole Chavez, Nathaniel Morales
Royal Ransomware Expands Attacks by Targeting Linux ESXi Servers
Royal Ransom Royal Ransom

2023-02-20 ⋅ cocomelonc ⋅ cocomelonc
Malware AV/VM evasion - part 12: encrypt payload via TEA. Simple C++ example.

2023-02-19 ⋅ Medium System Weakness ⋅ Lena (LambdaMamba)
Investigating a Fake KDDI Smishing Campaign that abuses Duck DNS
Roaming Mantis

2023-02-19 ⋅ Geeky Panda Tales ⋅ GeekyPanda
The Infostealer Pie: Python Malware Analysis
Venus Stealer

2023-02-18 ⋅ secrss ⋅ Qianxin Virus Response Center
Don’t follow in the footsteps of the 4 billion data leak incident! Early warning for attacks in the financial and securities industries
ValleyRAT

2023-02-18 ⋅ malware.love ⋅ Robert Giczewski
TrueBot Analysis Part II - Static unpacker
Silence

2023-02-17 ⋅ Trend Micro ⋅ Jaromír Hořejší, Joseph C Chen
Earth Kitsune Delivers New WhiskerSpy Backdoor via Watering Hole Attack
WhiskerSpy Earth Kitsune

2023-02-17 ⋅ cyble ⋅ Cyble
The Many Faces of Qakbot Malware: A Look at Its Diverse Distribution Methods
QakBot

2023-02-17 ⋅ Twitter (@luc4m) ⋅ Luca Mella
Tweets about Darkbit's intermittent encryption
DarkBit

2023-02-16 ⋅ cyble ⋅ Cyble
ALTOUFAN TEAM Targets the Middle East
Altoufan Team

2023-02-16 ⋅ ThreatMon ⋅ Seyit Sigirci (@h3xecute), ThreatMon Malware Research Team
APT SideCopy Targeting Indian Government Entities - Analysis of the new version of ReverseRAT
Unidentified 005 (Sidecopy) ReverseRAT