Malpedia Library

Click here to download all references as Bib-File.•

2022-12-02 ⋅ Avast Decoded ⋅ Threat Intelligence Team
Hitching a ride with Mustang Panda
PlugX

2022-12-02 ⋅ Github (binref) ⋅ Jesko Hüttenhain
The Refinery Files 0x06: Qakbot Decoder
QakBot

2022-12-01 ⋅ SentinelOne ⋅ Aleksandar Milenkoski
The Mystery of Metador | Unpicking Mafalda’s Anti-Analysis Techniques
Metador

2022-12-01 ⋅ mostwanted002
Malware Analysis and Triage Report : PirateStealer - Discord_beta.exe
PirateStealer

2022-12-01 ⋅ ⋅ Kaspersky ⋅ Fyodor Sinitsyn, Yanis Zinchenko
Новый троянец CryWiper прикидывается шифровальщиком

2022-12-01 ⋅ splunk ⋅ Splunk Threat Research Team
From Macros to No Macros: Continuous Malware Improvements by QakBot
QakBot

2022-12-01 ⋅ Zscaler ⋅ Zscaler
Back in Black... Basta - Technical Analysis of BlackBasta Ransomware 2.0
Black Basta

2022-12-01 ⋅ CISA ⋅ CISA
#StopRansomware: Cuba Ransomware
Cuba

2022-11-30 ⋅ SentinelOne ⋅ SentinelOne
RansomEXX Ransomware: In-Depth Analysis, Detection, and Mitigation
RansomEXX RansomEXX

2022-11-30 ⋅ TampaBayTech ⋅ tampabaytech2
Arechclient2
SectopRAT

2022-11-30 ⋅ CyberFlorida ⋅ CyberFlorida
Malware with Sandbox Evasion Techniques Observed Stealing Browser Cached Credentials
SectopRAT

2022-11-30 ⋅ ⋅ Qianxin Threat Intelligence Center ⋅ Red Raindrop Team
Analysis of APT29's attack activities against Italy
Unidentified 098 (APT29 Slack Downloader)

2022-11-30 ⋅ Sophos ⋅ Andrew Brandt
LockBit 3.0 ‘Black’ attacks and leaks reveal wormable capabilities and tooling
LockBit

2022-11-30 ⋅ Tidal Cyber Inc. ⋅ Scott Small
Identifying and Defending Against QakBot's Evolving TTPs
QakBot

2022-11-30 ⋅ BitSight ⋅ André Tavares
Unpacking Colibri Loader: A Russian APT linked Campaign
Colibri Loader PrivateLoader

2022-11-30 ⋅ ESET Research ⋅ Filip Jurčacko
Who’s swimming in South Korean waters? Meet ScarCruft’s Dolphin

2022-11-30 ⋅ ⋅ FFRI Security ⋅ Matsumoto
Evolution of the PlugX loader
PlugX Poison Ivy

2022-11-29 ⋅ Mandiant ⋅ Doug Bienstock, Luke Jenkins, Parnian Najafi, Sarah Hawley
Suspected Russian Activity Targeting Government and Business Entities Around the Globe
CEELOADER CryptBot

2022-11-29 ⋅ Recorded Future ⋅ Insikt Group
Suspected Iran-Nexus TAG-56 Uses UAE Forum Lure for Credential Theft Against US Think Tank
TAG-56

2022-11-29 ⋅ ⋅ Qianxin ⋅ Red Raindrop Team
Job hunting trap: Analysis of Lazarus attack activities using recruitment information such as Mizuho Bank of Japan as bait
CageyChameleon Cur1Downloader