Malpedia Library

2022-03-24 ⋅ Sentinel LABS ⋅ Tom Hegel
Chinese Threat Actor Scarab Targeting Ukraine
HeaderTip Scieron

2022-02-09 ⋅ SentinelOne ⋅ Juan Andrés Guerrero-Saade, Tom Hegel
Modified Elephant APT and a Decade of Fabricating Evidence
DarkComet Incubator NetWire RC

2022-02-09 ⋅ Sentinel LABS ⋅ Tom Hegel
ModifiedElephant APT and a Decade of Fabricating Evidence
DarkComet Incubator NetWire RC ModifiedElephant

2021-09-23 ⋅ lacework ⋅ Jared Stroud, Tom Hegel
HCRootkit / Sutersu Linux Rootkit Analysis
Suterusu

2021-06-21 ⋅ lacework ⋅ Tom Hegel
Threat Hunting SSH Keys – Bash Script Feature Pivoting

2021-05-20 ⋅ lacework ⋅ Chris Hall, Jared Stroud, Tom Hegel
8220 Gangs Recent use of Custom Miner and Botnet

2021-04-13 ⋅ lacework ⋅ Tom Hegel
Carbine Loader Cryptojacking Campaign

2021-01-13 ⋅ AlienVault ⋅ Tom Hegel
A Global Perspective of the SideWinder APT
8.t Dropper Koadic SideWinder

2018-05-03 ⋅ ProtectWise ⋅ Tom Hegel
Burning Umbrella: An Intelligence Report on the Winnti Umbrella and Associated State-Sponsored Attackers
APT41

2017-10-16 ⋅ 401TRG ⋅ Tom Hegel
An Update on Winnti (LEAD/APT17)

2017-07-11 ⋅ 401 TRG ⋅ Nate Marx, Tom Hegel
Winnti (LEAD/APT17) Evolution - Going Open Source