Malpedia Library

Click here to download all references as Bib-File.•

2023-05-03 ⋅ Palo Alto Networks Unit 42 ⋅ Bob Jung, Daniel Raygoza, Mark Lim
Teasing the Secrets From Threat Actors: Malware Configuration Parsing at Scale
IcedID PhotoLoader

2023-05-02 ⋅ Seqrite ⋅ Sathwik Ram Prakki
Transparent Tribe APT actively lures Indian Army amidst increased targeting of Educational Institutions
Crimson RAT

2023-05-02 ⋅ loginsoft ⋅ System-41
IcedID Malware: Traversing Through its Various Incarnations
IcedID

2023-05-02 ⋅ Trend Micro ⋅ Hara Hiroaki, Ted Lee
Attack on Security Titans: Earth Longzhi Returns With New Tricks
Croxloader SPHijacker Earth Longzhi

2023-05-01 ⋅ Quorum Cyber ⋅ Quorum Cyber
RTM Locker ransomware targets VMware ESXi servers
RTM Locker

2023-05-01 ⋅ JPCERT/CC ⋅ Shusei Tomonaga
Attack trends related to the attack campaign DangerousPassword
RustBucket CageyChameleon Cur1Downloader SnatchCrypto

2023-05-01 ⋅ Check Point Research ⋅ Check Point Research
Chain Reaction: RokRAT's Missing Link
Amadey RokRAT

2023-04-28 ⋅ ⋅ Cert-UA ⋅ Cert-UA
APT28 cyberattack: distribution of emails with "instructions" on "updating the operating system" (CERT-UA#6562)
Mocky LNK

2023-04-28 ⋅ Twitter (@MichalKoczwara) ⋅ Michael Koczwara
Tweet on hunting BRC4 infrastructure
Brute Ratel C4

2023-04-28 ⋅ Twitter (@MalGamy12) ⋅ Gameel Ali
Tweet explaning similarity between Conti and Akira code
Akira

2023-04-28 ⋅ DISCARDED Podcast ⋅ Joe Wise, Pim Trouerbach
Beyond Banking: IcedID Gets Forked
IcedID PhotoLoader

2023-04-28 ⋅ Trend Micro ⋅ Don Ovid Ladores, Earle Maui Earnshaw, Ian Kenefick
Rapture, a Ransomware Family With Similarities to Paradise
Paradise

2023-04-28 ⋅ WithSecure ⋅ Markus Tuominen, Mehmet Mert Surmeli
Unleashing the Power of Shimcache with Chainsaw

2023-04-27 ⋅ VMRay ⋅ VMRay Labs Team
CatB Ransomware: A New Threat Exploiting DLL Side-Loading
CatB

2023-04-27 ⋅ ReversingLabs ⋅ Carolynn van Arsdale
The Week in Security: A possible Colonial Pipeline 2.0, ransomware takes bite out of American eateries
Zarya

2023-04-27 ⋅ Lookout ⋅ Alemdar Islamoglu, Justin Albrecht, Kyle Schmittle, Paul Shunk
Lookout Discovers Android Spyware Tied to Iranian Police Targeting Minorities: BouldSpy
DAAM

2023-04-27 ⋅ cocomelonc ⋅ cocomelonc
Malware development trick - part 27: WinAPI LoadLibrary implementation. Simple C++ example.

2023-04-27 ⋅ PRODAFT Threat Intelligence ⋅ PRODAFT
Nomadic Octopus’ Paperbug Campaign
Octopus DustSquad

2023-04-26 ⋅ Bitdefender ⋅ Martin Zugec, Victor Vrabie
Unpacking BellaCiao: A Closer Look at Iran’s Latest Malware
BellaCiao

2023-04-26 ⋅ Uptycs ⋅ Uptycs Threat Research
RTM Locker Ransomware as a Service (RaaS) Now Suits Up for Linux Architecture
RTM Locker