Malpedia Library

Click here to download all references as Bib-File.•

2021-10-07 ⋅ ANY.RUN ⋅ ANY.RUN
ANY.RUN report for activity of the downloader

2021-10-07 ⋅ Blackberry ⋅ The BlackBerry Research & Intelligence Team
Threat Thursday: BluStealer Infostealer
BluStealer

2021-10-07 ⋅ Mandiant ⋅ Adam Brunner, Genevieve Stark, Jennifer Brooks, Jeremy Kennelly, Joshua Shilko, Kimberly Goody, Zach Riddle
FIN12: The Prolific Ransomware Intrusion Threat Actor That Has Aggressively Pursued Healthcare Targets
BazarBackdoor GRIMAGENT Ryuk

2021-10-06 ⋅ Blackberry ⋅ Blackberry Research
Finding Beacons in the Dark
Cobalt Strike

2021-10-06 ⋅ Cybereason ⋅ Assaf Dahan, Chen Erlich, Daniel Frank, Tom Fakterman
Operation GhostShell: Novel RAT Targets Global Aerospace and Telecoms Firms
ShellClient RAT

2021-10-06 ⋅ Twitter (@ESETresearch) ⋅ ESET Research
Tweet on ERMAC android malware
ERMAC

2021-10-06 ⋅ ESET Research ⋅ Martina López
To the moon and hack: Fake SafeMoon app drops malware to spy on you
Remcos

2021-10-05 ⋅ Trend Micro ⋅ Byron Gelera, Fyodor Yarochkin, Janus Agcaoili, Nikko Tamana
Ransomware as a Service: Enabler of Widespread Attacks
Cerber Conti DarkSide Gandcrab Locky Nefilim REvil Ryuk

2021-10-05 ⋅ Recorded Future ⋅ Insikt Group®
Illegal Activities Endure on China's Dark Web Despite Strict Internet Control

2021-10-05 ⋅ Blackberry ⋅ The BlackBerry Research & Intelligence Team
Drawing a Dragon: Connecting the Dots to Find APT41
Cobalt Strike Ghost RAT

2021-10-04 ⋅ Github (OALabs) ⋅ OALabs
Reverse engineered the Hancitor DLL and built a static config extractor
Hancitor

2021-10-04 ⋅ Sophos ⋅ Chaitanya Ghorpade, Kajal Katiyar, Krisztián Diriczi, Rahil Shah, Sean Gallagher, Vikas Singh
Atom Silo ransomware actors use Confluence exploit, DLL side-load for stealthy attack
ATOMSILO Cobalt Strike

2021-10-04 ⋅ pid4.io ⋅ James Hovious
How to Write a Hancitor Extractor in Go
Hancitor

2021-10-04 ⋅ JPCERT/CC ⋅ Shusei Tomonaga
Malware Gh0stTimes Used by BlackTech
Gh0stTimes Ghost RAT

2021-10-01 ⋅ 0ffset Blog ⋅ Chuong Dong
SQUIRRELWAFFLE – Analysing the Custom Packer
Cobalt Strike Squirrelwaffle

2021-10-01 ⋅ ZeroFox ⋅ Stephan Simon
Babuk Ransomware Variant Delta Plus Used in Live Attacks After Source Code Leaked
Babuk

2021-09-30 ⋅ Cisco ⋅ Arnaud Zobec, Vitor Ventura
A wolf in sheep's clothing: Actors spread malware by leveraging trust in Amnesty International and fear of Pegasus

2021-09-30 ⋅ Trend Micro ⋅ Luis Magisa, Steven Du
Mac Users Targeted by Trojanized iTerm2 App
ZuRu

2021-09-30 ⋅ lacework ⋅ Lacework Labs
Mirai goes Stealth – TLS & IoT Malware
Mirai VPNFilter

2021-09-30 ⋅ SentinelOne ⋅ Amitai Ben Shushan Ehrlich
New Version Of Apostle Ransomware Reemerges In Targeted Attack On Higher Education
Apostle