Malpedia Library

Click here to download all references as Bib-File.•

2023-02-21 ⋅ ⋅ Cert-UA ⋅ Cert-UA
Cyber attack of the group UAC-0050 (UAC-0096) using the Remcos program (CERT-UA#6011)
Remcos UAC-0050

2023-02-21 ⋅ Zscaler ⋅ Nikolaos Pantazopoulos, Sarthak Misraa
Technical Analysis of Rhadamanthys Obfuscation Techniques
Rhadamanthys

2023-02-21 ⋅ SecurityIntelligence ⋅ Ruben Boonen
Direct Kernel Object Manipulation (DKOM) Attacks on ETW Providers
FudModule

2023-02-20 ⋅ Sekoia ⋅ Pierre Le Bourhis, Quentin Bourgue, Threat & Detection Research Team
Stealc: a copycat of Vidar and Raccoon infostealers gaining in popularity – Part 1
Stealc

2023-02-20 ⋅ 0xToxin Labs ⋅ @0xToxin
Vidar Stealer H&M Campaign
Vidar

2023-02-20 ⋅ Trendmicro ⋅ Byron Gelera, Ivan Nicole Chavez, Nathaniel Morales
Royal Ransomware Expands Attacks by Targeting Linux ESXi Servers
Royal Ransom Royal Ransom

2023-02-20 ⋅ cocomelonc ⋅ cocomelonc
Malware AV/VM evasion - part 12: encrypt payload via TEA. Simple C++ example.

2023-02-19 ⋅ Medium System Weakness ⋅ Lena (LambdaMamba)
Investigating a Fake KDDI Smishing Campaign that abuses Duck DNS
Roaming Mantis

2023-02-19 ⋅ Geeky Panda Tales ⋅ GeekyPanda
The Infostealer Pie: Python Malware Analysis
Venus Stealer

2023-02-18 ⋅ secrss ⋅ Qianxin Virus Response Center
Don’t follow in the footsteps of the 4 billion data leak incident! Early warning for attacks in the financial and securities industries
ValleyRAT

2023-02-18 ⋅ malware.love ⋅ Robert Giczewski
TrueBot Analysis Part II - Static unpacker
Silence

2023-02-17 ⋅ Trend Micro ⋅ Jaromír Hořejší, Joseph C Chen
Earth Kitsune Delivers New WhiskerSpy Backdoor via Watering Hole Attack
WhiskerSpy Earth Kitsune

2023-02-17 ⋅ cyble ⋅ Cyble
The Many Faces of Qakbot Malware: A Look at Its Diverse Distribution Methods
QakBot

2023-02-17 ⋅ Twitter (@luc4m) ⋅ Luca Mella
Tweets about Darkbit's intermittent encryption
DarkBit

2023-02-16 ⋅ cyble ⋅ Cyble
ALTOUFAN TEAM Targets the Middle East
Altoufan Team

2023-02-16 ⋅ ThreatMon ⋅ Seyit Sigirci (@h3xecute), ThreatMon Malware Research Team
APT SideCopy Targeting Indian Government Entities - Analysis of the new version of ReverseRAT
Unidentified 005 (Sidecopy) ReverseRAT

2023-02-16 ⋅ SentinelOne ⋅ Aleksandar Milenkoski, Collin Farr, Joey Chen, QGroup
WIP26 Espionage | Threat Actors Abuse Cloud Infrastructure in Targeted Telco Attacks

2023-02-16 ⋅ ThreatZero ⋅ Raphael Mendonça
Mass Attack buhtiRansom - CVE-2022–47986

2023-02-16 ⋅ EclecticIQ ⋅ EclecticIQ Threat Research Team
Three Cases of Cyber Attacks on the Security Service of Ukraine and NATO Allies, Likely by Russian State-Sponsored Gamaredon

2023-02-16 ⋅ Trend Micro ⋅ Hara Hiroaki, Masaoki Shoji, Yuka Higashi
Invitation to a Secret Event: Uncovering Earth Yako’s Campaigns
MirrorKey TransBox Earth Yako