Malpedia Library

2020-05-06 ⋅ Twitter (@moranned) ⋅ Ned Moran
Tweet on side effects of Doxing in the context OilRig

2020-04-29 ⋅ Twitter (@h4ckak) ⋅ Ring4sky
More IOCs related to PhantomLance
PhantomLance

2020-04-22 ⋅ Github (jstrosch) ⋅ Josh Stroschein
Gomorrah stealer (.NET binary)
Gomorrah stealer

2020-04-02 ⋅ Morphisec ⋅ Arnold Osipov
GuLoader: The RAT Downloader
CloudEyE

2020-03-30 ⋅ IBM ⋅ Amir Gandler, Limor Kessem
Zeus Sphinx Trojan Awakens Amidst Coronavirus Spam Frenzy
Zeus OpenSSL Zloader

2020-03-24 ⋅ Bleeping Computer ⋅ Lawrence Abrams
Three More Ransomware Families Create Sites to Leak Stolen Data
Clop DoppelPaymer Maze Nefilim Nemty REvil

2020-03-23 ⋅ Microsoft ⋅ Microsoft Defender ATP Research Team
Latest Astaroth living-off-the-land attacks are even more invisible but not less observable
Astaroth

2020-03-18 ⋅ Morphisec ⋅ Arnold Osipov
Parallax: The new RAT on the block
Parallax RAT

2020-02-28 ⋅ Morphisec ⋅ Michael Gorelik
Trickbot Delivery Method Gets a New Upgrade Focusing on Windows 10
TrickBot

2020-02-11 ⋅ Github (jeFF0Falltrades) ⋅ Jeff Archer
Metamorfo (aka Casbaneiro)
Metamorfo Unidentified 072 (Metamorfo Loader)

2020-02-10 ⋅ Bitdefender ⋅ Michael Rosen
Hypervisor Introspection Thwarts Web Memory Corruption Attack in the Wild
coldbrew

2020-02-10 ⋅ Malwarebytes ⋅ Adam Kujawa, Chris Boyd, David Ruiz, Jérôme Segura, Jovi Umawing, Nathan Collier, Pieter Arntz, Thomas Reed, Wendy Zamora
2020 State of Malware Report
magecart Emotet QakBot REvil Ryuk TrickBot WannaCryptor

2020-01-30 ⋅ Morphisec ⋅ Arnold Osipov
Trickbot Trojan Leveraging a New Windows 10 UAC Bypass
TrickBot

2020-01-27 ⋅ Yoroi ⋅ Luca Mella, Luigi Martire
Aggah: How to run a botnet without renting a Server (for more than a year)
LokiBot Azorult

2020-01-17 ⋅ Hiroaki Ogawa, Manabu Niseki
100 more behind cockroaches?
MoqHao Emotet Predator The Thief

2020-01-01 ⋅ University of Malta ⋅ Steve Borg
Memory Forensics of Qakbot
QakBot