Malpedia Library

Click here to download all references as Bib-File.•

2023-08-28 ⋅ Github (cocomelonc) ⋅ cocomelonc
Malware and cryptography 20: encrypt/decrypt payload via Skipjack. Simple C++ example.

2023-08-15 ⋅ Github (muha2xmad) ⋅ Muhammad Hasan Ali
StealC string decryption
Stealc

2023-08-13 ⋅ Github (cocomelonc) ⋅ cocomelonc
Malware and cryptography 1: encrypt/decrypt payload via RC5. Simple C++ example.

2023-08-10 ⋅ Github (muha2xmad) ⋅ Muhammad Hasan Ali
Amadey string decryptor
Amadey

2023-08-03 ⋅ OALabs ⋅ Sergei Frankoff
Golang Garble String Decryption
Bandit Stealer

2023-06-29 ⋅ Avast Decoded ⋅ Threat Research Team
Decrypted: Akira Ransomware
Akira

2023-06-26 ⋅ Github (cocomelonc) ⋅ cocomelonc
Malware AV/VM evasion - part 18: encrypt/decrypt payload via modular multiplication-based block cipher. Simple C++ example.

2023-06-23 ⋅ Medium (Cryptax) ⋅ Axelle Apvrille
Inside KangaPack: the Kangaroo packer with native decryption
FluHorse

2023-05-22 ⋅ kienmanowar Blog ⋅ m4n0w4r
[Case study] Decrypt strings using Dumpulator

2023-05-09 ⋅ Medium walmartglobaltech ⋅ Jason Reaves, Jonathan Mccay, Joshua Platt
MetaStealer string decryption and DGA overview
MetaStealer

2023-04-24 ⋅ Immersive Labs ⋅ Kevin Breen
Detecting and decrypting Sliver C2 – a threat hunter’s guide
Sliver

2023-04-18 ⋅ ANY.RUN ⋅ ANY.RUN
PrivateLoader: Analyzing the Encryption and Decryption of a Modern Loader
PrivateLoader

2023-03-25 ⋅ kienmanowar Blog ⋅ m4n0w4r, Tran Trung Kien
[QuickNote] Decrypting the C2 configuration of Warzone RAT
Ave Maria

2023-03-24 ⋅ cocomelonc ⋅ cocomelonc
Malware AV/VM evasion - part 14: encrypt/decrypt payload via A5/1. Bypass Kaspersky AV. Simple C++ example.

2023-03-21 ⋅ Github (rivitna) ⋅ Andrey Zhdanov
BlackCat v3 Decryptor Scripts
BlackCat BlackCat

2023-03-09 ⋅ Github (cocomelonc) ⋅ cocomelonc
Malware AV/VM evasion - part 13: encrypt/decrypt payload via Madryga. Simple C++ example.

2023-02-28 ⋅ ANY.RUN ⋅ ANY.RUN
XLoader/FormBook: Encryption Analysis and Malware Decryption
Formbook

2023-02-14 ⋅ Github (clairelevin) ⋅ Claire Levin
Writing a decryptor for Jaff ransomware
Jaff

2023-02-07 ⋅ HelpNetSecurity ⋅ Zeljka Zorz
Released: Decryptor for Cl0p ransomware’s Linux variant
Clop

2023-02-07 ⋅ SentinelOne ⋅ Antonis Terefos
Cl0p Ransomware Targets Linux Systems with Flawed Encryption | Decryptor Available
Clop