Malpedia Library

Click here to download all references as Bib-File.•

2020-03-23 ⋅ SANS ISC ⋅ Didier Stevens
KPOT Deployed via AutoIt Script
KPOT Stealer

2020-03-05 ⋅ Cisco Talos ⋅ Paul Rascagnères, Vitor Ventura, Warren Mercer
Bisonal: 10 years of play
Korlia

2020-02-29 ⋅ Security Affairs ⋅ Pierluigi Paganini
Sodinokibi Ransomware gang threatens to disclose data from Kenneth Cole fashion firm
REvil

2020-02-20 ⋅ Cisco Talos ⋅ Asheer Malhotra
ObliqueRAT: New RAT hits victims' endpoints via malicious documents
Oblique RAT

2020-02-20 ⋅ Carbon Black ⋅ Takahiro Haruyama
Threat Analysis: Active C2 Discovery Using Protocol Emulation Part2 (Winnti 4.0)
Winnti

2020-02-18 ⋅ Cisco Talos ⋅ Vanja Svajcer
Building a bypass with MSBuild
Cobalt Strike GRUNT MimiKatz

2020-02-13 ⋅ Cybereason ⋅ Cybereason Nocturnus
New Cyber Espionage Campaigns Targeting Palestinians - Part 2: The Discovery of the New, Mysterious Pierogi Backdoor
Pierogi

2020-02-12 ⋅ Cisco Talos ⋅ Chris Neal
Loda RAT Grows Up
Loda

2020-02-03 ⋅ SANS ISC ⋅ Jan Kopriva
Analysis of a triple-encrypted AZORult downloader
Azorult

2020-01-27 ⋅ ⋅ T-Systems ⋅ T-Systems
Vorläufiger forensischer Abschlussbericht zur Untersuchung des Incidents beim Berliner Kammergericht
Emotet TrickBot

2020-01-23 ⋅ SANS ISC InfoSec Forums ⋅ Brad Duncan
German language malspam pushes Ursnif
ISFB

2020-01-17 ⋅ ⋅ NTT Security ⋅ Takai Hajime
Operation Bitter Biscuit
Korlia

2020-01-16 ⋅ Cisco Talos ⋅ Eric Kuhla, Paul Rascagnères, Vitor Ventura, Warren Mercer
JhoneRAT: Cloud based python RAT targeting Middle Eastern countries
JhoneRAT

2019-12-17 ⋅ Cisco ⋅ Dave Liebenberg, JJ Cummings
Incident Response lessons from recent Maze ransomware attacks
Maze

2019-12-11 ⋅ Cybereason ⋅ Assaf Dahan, Eli Salem, Lior Rochberger, Mary Zhao, Matt Hart, Niv Yona, Omer Yampel
Dropping Anchor: From a TrickBot Infection to the Discovery of the Anchor Malware
Anchor WIZARD SPIDER

2019-11-23 ⋅ ZDNet ⋅ Catalin Cimpanu
Extensive hacking operation discovered in Kazakhstan
APT-C-34

2019-11-20 ⋅ vmware ⋅ Takahiro Haruyama
Active C2 Discovery Using Protocol Emulation Part1 (HYDSEVEN NetWire)
NetWire RC

2019-11-19 ⋅ ESET Research ⋅ ESET Research
Mispadu: Advertisement for a discounted Unhappy Meal
Mispadu

2019-11-18 ⋅ ⋅ Qianxin ⋅ Red Raindrop Team
Surprised by Julius the Great! Disclosure of Cyrus attacks against Iran
FurBall

2019-11-04 ⋅ ⋅ Tencent ⋅ Tencent Security Mikan TIC
APT attack group "Higaisa" attack activity disclosed
Ghost RAT Higaisa