Malpedia Library

Click here to download all references as Bib-File.•

2020-07-15 ⋅ Yahoo News ⋅ Jenna McLaughlin, Kim Zetter, Sean D. Naylor, Zach Dorfman
Exclusive: Secret Trump order gives CIA more powers to launch cyberattacks

2020-07-09 ⋅ ESET Research ⋅ Matías Porolli
More evil: A deep look at Evilnum and its toolset
EVILNUM More_eggs EVILNUM TerraPreter TerraStealer TerraTV Evilnum

2020-07-08 ⋅ xunison ⋅ xunison
Analysis of SamoRAT
SamoRAT

2020-06-24 ⋅ Morphisec ⋅ Arnold Osipov
Obfuscated VBScript Drops Zloader, Ursnif, Qakbot, Dridex
Dridex ISFB QakBot Zloader

2020-06-23 ⋅ Kaspersky Labs ⋅ Alexander Eremin
Oh, what a boot-iful mornin’ Rovnix bootkit back in business
Rovnix

2020-06-17 ⋅ Twitter (@Timele9527) ⋅ Timele12138
Tweet on MoriAgent uesd by MuddyWater (incl YARA rule)
MoriAgent

2020-06-16 ⋅ Morphisec ⋅ Michael Gorelik
CrystalBit / Apple Double DLL Hijack -- From fraudulent software bundle downloads to an evasive miner raging campaign

2020-06-04 ⋅ Bitdefender ⋅ Janos Gergo Szeles, Ruben Andrei Condor
Loading DLLs for illicit profit. A story about a Metamorfo distribution campaign
Metamorfo

2020-06-02 ⋅ Morphisec ⋅ Arnold Osipov
Ursnif/Gozi Delivery - Excel Macro 4.0 Utilization Uptick & OCR Bypass
ISFB

2020-05-28 ⋅ Cybereason ⋅ Assaf Dahan, Eli Salem, Lior Rochberger
Valak: More than Meets the Eye
Valak

2020-05-28 ⋅ Twitter (@Andrew___Morris) ⋅ Andrew Morris
Tweet on Sandworm threat actor exploiting CVE-2019-10149

2020-05-21 ⋅ Armorblox ⋅ Chetan Anand
Blox Tales #6: Subpoena-Themed Phishing With CAPTCHA Redirect

2020-05-14 ⋅ tccontre Blog ⋅ tcontre
Netwalker Ransomware: [API Call Obfuscation (using Structure) and Evading Memory Forensic]
Mailto

2020-05-11 ⋅ SecurityIntelligence ⋅ Limor Kessem, Nir Shwarts
Zeus Sphinx Back in Business: Some Core Modifications Arise
Zeus Sphinx

2020-05-07 ⋅ paloalto LIVEcommunity ⋅ Mohammed Yasin
How to stop MortiAgent Malware using the snort rule?
MoriAgent