Malpedia Library

Click here to download all references as Bib-File.•

2020-06-04 ⋅ Bitdefender ⋅ Janos Gergo Szeles, Ruben Andrei Condor
Loading DLLs for illicit profit. A story about a Metamorfo distribution campaign
Metamorfo

2020-06-02 ⋅ Morphisec ⋅ Arnold Osipov
Ursnif/Gozi Delivery - Excel Macro 4.0 Utilization Uptick & OCR Bypass
ISFB

2020-05-28 ⋅ Cybereason ⋅ Assaf Dahan, Eli Salem, Lior Rochberger
Valak: More than Meets the Eye
Valak

2020-05-28 ⋅ Twitter (@Andrew___Morris) ⋅ Andrew Morris
Tweet on Sandworm threat actor exploiting CVE-2019-10149

2020-05-21 ⋅ Armorblox ⋅ Chetan Anand
Blox Tales #6: Subpoena-Themed Phishing With CAPTCHA Redirect

2020-05-14 ⋅ tccontre Blog ⋅ tcontre
Netwalker Ransomware: [API Call Obfuscation (using Structure) and Evading Memory Forensic]
Mailto

2020-05-11 ⋅ SecurityIntelligence ⋅ Limor Kessem, Nir Shwarts
Zeus Sphinx Back in Business: Some Core Modifications Arise
Zeus Sphinx

2020-05-07 ⋅ paloalto LIVEcommunity ⋅ Mohammed Yasin
How to stop MortiAgent Malware using the snort rule?
MoriAgent

2020-05-06 ⋅ Twitter (@moranned) ⋅ Ned Moran
Tweet on side effects of Doxing in the context OilRig

2020-04-29 ⋅ Twitter (@h4ckak) ⋅ Ring4sky
More IOCs related to PhantomLance
PhantomLance

2020-04-22 ⋅ Github (jstrosch) ⋅ Josh Stroschein
Gomorrah stealer (.NET binary)
Gomorrah stealer

2020-04-02 ⋅ Morphisec ⋅ Arnold Osipov
GuLoader: The RAT Downloader
CloudEyE

2020-03-30 ⋅ IBM ⋅ Amir Gandler, Limor Kessem
Zeus Sphinx Trojan Awakens Amidst Coronavirus Spam Frenzy
Zeus OpenSSL Zloader

2020-03-24 ⋅ Bleeping Computer ⋅ Lawrence Abrams
Three More Ransomware Families Create Sites to Leak Stolen Data
Clop DoppelPaymer Maze Nefilim Nemty REvil

2020-03-23 ⋅ Microsoft ⋅ Microsoft Defender ATP Research Team
Latest Astaroth living-off-the-land attacks are even more invisible but not less observable
Astaroth

2020-03-20 ⋅ Bitdefender ⋅ Liviu Arsene
5 Times More Coronavirus-themed Malware Reports during March
ostap HawkEye Keylogger Koadic Loki Password Stealer (PWS) Nanocore RAT Remcos

2020-03-18 ⋅ Morphisec ⋅ Arnold Osipov
Parallax: The new RAT on the block
Parallax RAT

2020-02-28 ⋅ Morphisec ⋅ Michael Gorelik
Trickbot Delivery Method Gets a New Upgrade Focusing on Windows 10
TrickBot

2020-02-11 ⋅ Github (jeFF0Falltrades) ⋅ Jeff Archer
Metamorfo (aka Casbaneiro)
Metamorfo Unidentified 072 (Metamorfo Loader)

2020-02-10 ⋅ Bitdefender ⋅ Michael Rosen
Hypervisor Introspection Thwarts Web Memory Corruption Attack in the Wild
coldbrew