Malpedia Library

Click here to download all references as Bib-File.•

2021-03-23 ⋅ Twitter (@3xp0rtblog) ⋅ 3xp0rt
Tweet on chMiner RAT

2021-03-21 ⋅ Twitter (@CyberRaiju) ⋅ Jai Minton
Twitter Thread with analysis of .NET China Chopper
CHINACHOPPER

2021-03-13 ⋅ YouTube (0xc7a) ⋅ 0xca7, Twitter (@CatWithoutAHat7)
DearCry Ransomware - A quick look 0x01
dearcry

2021-03-13 ⋅ YouTube (0xc7a) ⋅ Twitter (@CatWithoutAHat7)
DearCry Ransomware - A quick look 0x02
dearcry

2021-03-13 ⋅ YouTube (0xc7a) ⋅ Twitter (@CatWithoutAHat7)
DearCry Ransomware - A quick look 0x00
dearcry

2021-03-10 ⋅ Twitter (@MSSPete) ⋅ Pete Bryan
Tweet on Sample KQL query for detecting usage of HAFNIUM PoC code floating ITW

2021-03-02 ⋅ Twitter (@ESETresearch) ⋅ ESET Research
Tweet on Exchange RCE
CHINACHOPPER HAFNIUM

2021-03-02 ⋅ Twitter (@MsftSecIntel) ⋅ Microsoft Security Intelligence
Tweet on Gootkit malware campaign
GootKit

2021-02-23 ⋅ Twitter ⋅ Twitter Safety
Disclosing networks of state-linked information operations

2021-02-16 ⋅ Twitter (@craiu) ⋅ Costin Raiu
Twitter thread on Exaramel Linux backdoor used by Russian Group Sandworm
Exaramel

2021-02-15 ⋅ Twitter (@TheDFIRReport) ⋅ The DFIR Report
Tweet on Qakbot post infection discovery activity
QakBot

2021-02-12 ⋅ Twitter (@ESETresearch) ⋅ ESET Research
A twitter thread on discussing updated attack chain of EVILNUM group and their use PYVIL malware
PyVil

2021-02-11 ⋅ Twitter (@malwrhunterteam) ⋅ MalwareHunterTeam
Tweet on one of the first Fedex-themed lures for FluBot
FluBot

2021-02-11 ⋅ Twitter (@TheDFIRReport) ⋅ The DFIR Report
Tweet on Hancitor Activity followed by cobaltsrike beacon
Cobalt Strike Hancitor

2021-02-09 ⋅ Twitter (@fwosar) ⋅ Fabian Wosar
Tweet on CD PROJEKT RED targeted by HelloKitty ransomware group
HelloKitty

2021-02-05 ⋅ Twitter (@8th_grey_owl) ⋅ 8thGreyOwl
Tweet on CALMTHORN, used by Tonto Team
CALMTHORN

2021-02-03 ⋅ Twitter (@James_inthe_box) ⋅ James_inthe_box
Tiwtter thread on Nim rewrite of Bazarloader
BazarNimrod

2021-02-02 ⋅ Twitter (@TheDFIRReport) ⋅ The DFIR Report
Tweet on recent dridex post infection activity
Cobalt Strike Dridex

2021-02-01 ⋅ Twitter (@IntelAdvanced) ⋅ Advanced Intelligence
Tweet on Active Directory Exploitation by RYUK "one" group
Ryuk

2021-01-31 ⋅ Twitter (@NCCGroupInfosec) ⋅ NCCGroup
Tweet on ITW exploitation of 0-day in SonicWall SMA 100 series