Malpedia Library

2021-01-26 ⋅ Medium cycrafttechnology ⋅ CyCraft Technology Corp
Threat Attribution — Chimera "Under the Radar"

2021-01-26 ⋅ Medium s2wlab ⋅ Hyunmin Suh
W4 Jan | EN | Story of the week: Ransomware on the Darkweb
Avaddon Babuk LockBit

2021-01-26 ⋅ Medium 0xthreatintel ⋅ 0xthreatintel
Reversing APT Tool : SManager (Unpacked)
SManager

2021-01-25 ⋅ Medium CSIS Techblog ⋅ Benoît Ancel
The Nemty affiliate model
Nemty

2021-01-24 ⋅ Medium vrieshd ⋅ VriesHD
Finding SUNBURST victims and targets by using passive DNS, OSINT
SUNBURST

2021-01-24 ⋅ Medium nasbench ⋅ Nasreddine Bencherchali
Common Tools & Techniques Used By Threat Actors and Malware — Part I

2021-01-21 ⋅ Medium CSIS Techblog ⋅ Søren Fritzbøger
Silencing Microsoft Defender for Endpoint using firewall rules

2021-01-20 ⋅ Medium walmartglobaltech ⋅ Jason Reaves, Joshua Platt
Anchor and Lazarus together again?
Anchor TrickBot

2021-01-19 ⋅ Medium validhorizon ⋅ Daniel Gordon
Oh, So You Got IOCs? Being a Good CTI Consumer

2021-01-19 ⋅ Medium elis531989 ⋅ Eli Salem
Funtastic Packers And Where To Find Them
Get2 IcedID QakBot

2021-01-16 ⋅ Medium ⋅ Isha Kudkar
Oski Stealer : A Credential Theft Malware
Oski Stealer

2021-01-16 ⋅ Medium christiaanbeek ⋅ Christiaan Beek
VHD Forensics — the sequel

2021-01-15 ⋅ Medium Dansec ⋅ Dan Lussier
Detecting Malicious C2 Activity -SpawnAs & SMB Lateral Movement in CobaltStrike
Cobalt Strike

2021-01-13 ⋅ Medium Coinmonks ⋅ Coinmonks, Rakesh Krishnan
Passive Income of Cyber Criminals: Dissecting Bitcoin Multiplier Scam
Magniber

2021-01-12 ⋅ Medium walmartglobaltech ⋅ Jason Reaves
De-ofuscating GoLang Functions

2021-01-04 ⋅ Medium haggis-m ⋅ Michael Haag
Malleable C2 Profiles and You
Cobalt Strike

2020-12-26 ⋅ Medium grimminck ⋅ Stefan Grimminck
Spoofing JARM signatures. I am the Cobalt Strike server now!
Cobalt Strike

2020-12-22 ⋅ Medium mitre-attack ⋅ Adam Pennington, Matt Malone
Identifying UNC2452-Related Techniques for ATT&CK
SUNBURST TEARDROP UNC2452