Malpedia Library

Click here to download all references as Bib-File.•

2022-01-05 ⋅ Check Point ⋅ Golan Cohen
Can You Trust a File’s Digital Signature? New Zloader Campaign exploits Microsoft’s Signature Verification putting users at risk
Zloader

2022-01-05 ⋅ ARMOR ⋅ Armor
Threat Intelligence Report: The Evolution of Doppel Spider from BitPaymer to Grief Ransomware
DoppelPaymer FriedEx

2022-01-05 ⋅ SYGNIA ⋅ Amnon Kushnir, Arie Zilberstein, Boaz Wasserman, Itay Shohat, Noam Lifshitz, Oren Biderman, Yoav Mazor
Elephant Beetle: Uncovering an Organized Financial-Theft Operation
FIN13

2022-01-04 ⋅ SYGNIA ⋅ Sygnia Incident Response Team
TG2003: Elephant Beetle - Uncovering an Organized Financial-theft Operation
FIN13

2022-01-04 ⋅ forensicitguy ⋅ Tony Lambert
Extracting Indicators from a Packed Mirai Sample
Mirai

2022-01-03 ⋅ Cluster25 ⋅ Cluster25
North Korean Group “KONNI” Targets The Russian Diplomatic Sector With New Versions Of Malware Implants
Konni

2022-01-03 ⋅ MinervaLabs ⋅ Natalie Zargarov
Malicious Telegram Installer Drops Purple Fox Rootkit
PurpleFox

2022-01-02 ⋅ Atomic Matryoshka ⋅ z3r0day_504
"Cracking Open the Malware Piñata" Series: Intro to Dynamic Analysis with RedLineStealer
RedLine Stealer

2022-01-02 ⋅ Medium amgedwageh ⋅ Amged Wageh
Automating The Analysis Of An AutoIT Script That Wraps A Remcos RAT
Remcos

2022-01-01 ⋅ aspirets ⋅ Michael Lamb
Bumblebee Malware Loader: Threat Analysis
BumbleBee

2022-01-01 ⋅ Dark Vortex
Brute Ratel
brute_ratel

2022-01-01 ⋅ Triskele Labs ⋅ Brecht Snijders
Investigating a Monero Coin Miner
Coinminer

2022-01-01 ⋅ Silent Push ⋅ Afonso Knudsen, Inês Véstia
Lapsus$ Group (DEV-0537/UNC3661) - an emerging dark net threat actor leveraging insider threats-or was it?

2022-01-01 ⋅ Silent Push ⋅ Silent Push
Log4shell: a threat intelligence perspective

2022-01-01 ⋅ Silent Push ⋅ Silent Push
The Manipulaters Team Blog Post

2022-01-01 ⋅ Toli Security ⋅ Toli Security
Active crypto-mining operation by TeamTNT
TeamTNT

2021-12-31 ⋅ victory medium ⋅ Zach Edwards
Compromised Godaddy Infrastructure Attacking Numerous U.S. Government Websites to Promote “Canadian Pharmacy” Scam Websites

2021-12-31 ⋅ ⋅ CERT.PL ⋅ Marcin Dudek, Michał Praszmo
IKO activation - Malware campaign
Coper

2021-12-30 ⋅ Cloudsek ⋅ Anandeshwar Unnikrishnan, Isha Tripathi
Technical Analysis of Khonsari Ransomware Campaign Exploiting the Log4Shell Vulnerability
Khonsari

2021-12-30 ⋅ InfoSec Handlers Diary Blog ⋅ Brad Duncan
Agent Tesla Updates SMTP Data Exfiltration Technique
Agent Tesla