Malpedia Library

2020-10-02 ⋅ Check Point Research ⋅ Eyal Itkin, Itay Cohen
Graphology of an Exploit – Hunting for exploits by looking for the author’s fingerprints

2020-10-01 ⋅ CrowdStrike ⋅ Dylan Barker, Quinten Bowen, Ryan Campbell
Duck Hunting with Falcon Complete: Analyzing a Fowl Banking Trojan, Part 1
QakBot MALLARD SPIDER

2020-09-29 ⋅ Symantec ⋅ Threat Hunter Team
Palmerworm: Espionage Gang Targets the Media, Finance, and Other Sectors
KIVARS PLEAD BlackTech

2020-09-23 ⋅ Group-IB ⋅ Oleg Skulkin, Rustam Mirkasymov
Big Game Hunting: Now in Russia

2020-09-18 ⋅ Symantec ⋅ Threat Hunter Team
APT41: Indictments Put Chinese Espionage Group in the Spotlight
CROSSWALK PlugX POISONPLUG ShadowPad Winnti

2020-09-18 ⋅ Symantec ⋅ Threat Hunter Team
Elfin: Latest U.S. Indictments Appear to Target Iranian Espionage Group
Nanocore RAT

2020-09-15 ⋅ CrowdStrike ⋅ CrowdStrike Overwatch Team
Nowhere to Hide - 2020 Threat Hunting Report
NedDnLoader RDAT TRACER KITTEN

2020-09-10 ⋅ Group-IB ⋅ Oleg Skulkin, Semyon Rogachev
Lock Like a Pro: Dive in Recent ProLock's Big Game Hunting
PwndLocker QakBot

2020-08-31 ⋅ Symantec ⋅ Threat Hunter Team
Sophisticated Groups and Cyber Criminals Set Sights on Lucrative Financial Sector
WastedLocker

2020-08-23 ⋅ Github (Insane-Forensics) ⋅ Insane-Forensics
Dispatches from Drovorub: Network Threat Hunting for Russia GRU GTsSS' Malware at Scale

2020-08-20 ⋅ ThreatConnect ⋅ Kyle Ehmke
[webinar] Proactive Infrastructure Hunting with ThreatConnect & DomainTools

2020-07-28 ⋅ Kaspersky Labs ⋅ Félix Aime, Ivan Kwiatkowski, Pierre Delcher
Lazarus on the hunt for big game
Dacls Dacls Dacls VHD Ransomware

2020-07-22 ⋅ On the Hunt ⋅ Newton Paul
Analysing Fileless Malware: Cobalt Strike Beacon
Cobalt Strike

2020-07-06 ⋅ Lukáš Štefanko, MalwareHunterTeam
Tweets on Basbanke
Basbanke

2020-07-06 ⋅ Cisco Talos ⋅ Arnaud Zobec, Ben Baker, Edmund Brumaghin, JJ Cummings
WastedLocker Goes "Big-Game Hunting" in 2020
WastedLocker

2020-07-01 ⋅ Fortinet ⋅ Ben Hunter, Fred Gutierrez
EKANS Ransomware Targeting OT ICS Systems
Snake

2020-06-22 ⋅ FindingBad Blogspot ⋅ Jack Crook
Dynamic Correlation, ML and Hunting

2020-06-18 ⋅ Medium Huntress Labs ⋅ John Ferrell
Hiding In Plain Sight

2020-06-17 ⋅ Twitter (@VK_intel) ⋅ malwrhunterteam, Vitali Kremez
Tweet on signed Tinymet payload (V.02) used by TA505
TinyMet

2020-06-09 ⋅ Microsoft ⋅ Rob Mead, Tom McElroy
Web shell threat hunting with Azure Sentinel and Microsoft Threat Protection