Malpedia Library

Click here to download all references as Bib-File.•

2021-05-31 ⋅ Twitter (@alberto__segura) ⋅ Alberto Segura
Tweet on Flubot version 4.4
FluBot

2021-05-29 ⋅ Twitter (@elisalem9) ⋅ Eli Salem
Tweet on obfuscation mechanism and extraction procedure of COBALTSTRIKE beacon module used by NOBELIUM/UNC2452
Cobalt Strike

2021-05-28 ⋅ Twitter (@Jacob_Pimental) ⋅ Jacob Pimental
Tweet on REvil ver 2.07
REvil

2021-05-28 ⋅ Twitter (@MBThreatIntel) ⋅ Malwarebytes Threat Intelligence
Tweet on web skimmer hiding JavaScript inside images for exfiltration

2021-05-27 ⋅ xorhex blog ⋅ Twitter (@xorhex)
Mustang Panda PlugX - Reused Mutex and Folder Found in the Extracted Config
PlugX

2021-05-21 ⋅ Twitter (@alberto__segura) ⋅ Alberto Segura
Tweet on Flubot version 4.2 (p.php variant) with new AES strings encryption
FluBot

2021-05-20 ⋅ Twitter (@MsftSecIntel) ⋅ Microsoft Security Intelligence
Tweet on Java-based STRRAT malware campaign distributed via email
STRRAT

2021-05-19 ⋅ Twitter (@ThreatFabric) ⋅ ThreatFabric
Tweet on Anatsa android banking trojan targeting 7 more italian banks
Anatsa

2021-05-17 ⋅ xorhex blog ⋅ Twitter (@xorhex)
Mustang Panda PlugX - 45.251.240.55 Pivot
PlugX

2021-05-15 ⋅ Twitter (@xuy1202) ⋅ YANG XU
Tweet on Necro using hardcoded onion address as a gateway for TOR CC
N3Cr0m0rPh

2021-05-14 ⋅ Twitter (@ConfiantIntel) ⋅ ConfiantIntel
Tweet on OSX/Bundlore Loader compiled for ARM
Bundlore

2021-05-11 ⋅ Twitter (@xuy1202) ⋅ YANG XU
Tweet on necro's new DGA
N3Cr0m0rPh

2021-05-11 ⋅ Twitter (@MsftSecIntel) ⋅ Microsoft Security Intelligence
Tweet on Snip3 crypter delivering AsyncRAT or AgentTesla
Agent Tesla AsyncRAT

2021-05-08 ⋅ Twitter (@Jacob_Pimental) ⋅ Jacob Pimental
Tweet on CyberChef recipe to extract Revil Ransomware configuration
REvil

2021-05-06 ⋅ Twitter (@MrDanPerez) ⋅ Dan Perez
Tweet on UNC302 / oro0lxy using ColdFusion
BRONZE SPRING

2021-05-06 ⋅ Twitter (@SyscallE) ⋅ NtUnmapViewOfSection
Tweet on short analysis of Nebulae Backdoor
Nebulae

2021-05-05 ⋅ Twitter (@3xp0rtblog) ⋅ 3xp0rt
Tweet on Toxin Miner

2021-05-04 ⋅ Twitter (@elisalem9) ⋅ Eli Salem
Tweet on analysis of N3tw0rm ransomware

2021-05-04 ⋅ Twitter (@TrendMicroRSRCH) ⋅ Trend Micro Research
Tweet on N3tw0rm ransomware, that has started affecting users in Israel.
Pay2Key

2021-05-03 ⋅ Twitter (@y_advintel) ⋅ Yelisey Boguslavskiy
Tween on new RaaS Galaxy Ransomware