Malpedia Library

Click here to download all references as Bib-File.•

2022-08-08 ⋅ N1ght-W0lf Blog ⋅ Abdallah Elshinbary
YARA for config extraction
RedLine Stealer

2022-08-07 ⋅ Malverse ⋅ greenplan
Config Extractor per DanaBot (PARTE 1)
DanaBot

2022-08-07 ⋅ Resecurity ⋅ Resecurity
LogoKit Update – The Phishing Kit Leveraging Open Redirect Vulnerabilities

2022-08-07 ⋅ Resecurity ⋅ Resecurity
Vulnerabilities In E-Commerce Solutions - Hunting On Big Apples

2022-08-07 ⋅ forensicitguy ⋅ Tony Lambert
Analyzing .NET Core Single File Samples (DUCKTAIL Case Study)
DUCKTAIL

2022-08-06 ⋅ MalwareBookReports ⋅ muzi
A LOOK BACK AT BAZARLOADER’S DGA
BazarBackdoor

2022-08-05 ⋅ Brandefense ⋅ Brandefense
Fancy Bear APT Group

2022-08-05 ⋅ K7 Security ⋅ Saikumaravel
Say NO to Nopyfy!
Nopyfy

2022-08-05 ⋅ ⋅ 360 netlab ⋅ Daji, suqitian
The DGA family Orchard continues to change, and the new version generates DGA domain names using Bitcoin transaction information
Orchard

2022-08-05 ⋅ 360 netlab ⋅ 360 Netlab
A new botnet Orchard Generates DGA Domains with Bitcoin Transaction Information
Orchard

2022-08-05 ⋅ 0xIvan ⋅ Twitter (@viljoenivan)
LokiBot Analysis
Loki Password Stealer (PWS)

2022-08-04 ⋅ Mandiant ⋅ Alice Revelli, Ben Read, Emiel Haeghebaert, Luke Jenkins
ROADSWEEP Ransomware - Likely Iranian Threat Actor Conducts Politically Motivated Disruptive Activity Against Albanian Government Organizations
ROADSWEEP

2022-08-04 ⋅ ThreatFabric ⋅ ThreatFabric
Brata - a tale of three families
AmexTroll BRATA Copybara

2022-08-04 ⋅ ThreatFabric ⋅ ThreatFabric
Brata - a tale of three families
AmexTroll Copybara

2022-08-04 ⋅ Zscaler ⋅ Stuti Chaturvedi
X-FILES Stealer Evolution - An Analysis and Comparison Study
X-Files Stealer

2022-08-04 ⋅ Cisco Talos ⋅ Arnaud Zobec, Azim Khodjibaev, Edmund Brumaghin, Matt Thaxton
Attackers leveraging Dark Utilities "C2aaS" platform in malware campaigns

2022-08-04 ⋅ Cloudsek ⋅ Aastha Mittal, Anandeshwar Unnikrishnan
Technical Analysis of Bumblebee Malware Loader
BumbleBee

2022-08-04 ⋅ Mandiant ⋅ Mandiant
Advanced Persistent Threats (APTs)
APT1 APT10 APT12 APT14 APT15 APT16 APT17 APT18 APT19 APT2 APT20 APT21 APT22 APT23 APT24 APT27 APT3 APT30 APT31 APT4 APT40 APT5 APT9 Naikon

2022-08-04 ⋅ nccgroup ⋅ Michael Mathews, RIFT: Research and Intelligence Fusion Team
Top of the Pops: Three common ransomware entry techniques

2022-08-04 ⋅ Blackberry ⋅ BlackBerry Research & Intelligence Team
North Korean H0lyGh0st Ransomware Has Ties to Global Geopolitics
SiennaBlue SiennaPurple Storm-0530