Malpedia Library

Click here to download all references as Bib-File.•

2022-10-31 ⋅ paloalto Netoworks: Unit42 ⋅ Or Chechik
Banking Trojan Techniques: How Financially Motivated Malware Became Infrastructure
Dridex Kronos TrickBot Zeus

2022-07-18 ⋅ Palo Alto Networks Unit 42 ⋅ Unit42
Clean Ursa
PowerShower Inception Framework

2022-03-24 ⋅ paloalto Netoworks: Unit42 ⋅ Unit42
Threat Brief: Lapsus$ Group
RedLine Stealer

2022-03-16 ⋅ paloalto Netoworks: Unit42 ⋅ Andrew Guan, Chris Navarrete, Durgesh Sangvikar, Siddhart Shibiraj, Yanhui Jia, Yu Fu
Cobalt Strike Analysis and Tutorial: How Malleable C2 Profiles Make Cobalt Strike Difficult to Detect
Cobalt Strike

2022-01-17 ⋅ Github (pan-unit42) ⋅ Brad Duncan
IOCs for Astaroth/Guildma malware infection
Astaroth

2021-11-17 ⋅ Twitter (@Unit42_Intel) ⋅ Unit 42
Tweet on Matanbuchus Loader used to deliver Qakbot (tag obama128b) and follow-up CobaltStrike
Cobalt Strike QakBot

2021-11-05 ⋅ Twitter (@Unit42_Intel) ⋅ Unit 42
Tweet on TA551 (Shathak) BazarLoader infection with CobaltStrike and DarkVNC drops
BazarBackdoor Cobalt Strike

2021-10-18 ⋅ paloalto Netoworks: Unit42 ⋅ Brad Duncan
Case Study: From BazarLoader to Network Reconnaissance
BazarBackdoor Cobalt Strike

2021-08-10 ⋅ paloalto Netoworks: Unit42 ⋅ Haozhe Zhang, Ruchna Nigam, Zhibin Zhang
New eCh0raix Ransomware Variant Targets QNAP and Synology Network-Attached Storage Devices
QNAPCrypt

2021-07-30 ⋅ Twitter (@Unit42_Intel) ⋅ Unit 42
Tweet on BazarLoader infection leading to cobaltstrike and Powershell script file for PrintNightmare vulnerability
BazarBackdoor Cobalt Strike

2021-03-17 ⋅ Palo Alto Networks Unit 42 ⋅ Unit42
Ransomware Threat Report 2021
RansomEXX Dharma DoppelPaymer Gandcrab Mailto Maze Phobos RansomEXX REvil Ryuk WastedLocker

2020-12-14 ⋅ Palo Alto Networks Unit 42 ⋅ Unit42
PyMICROPSIA: New Information-Stealing Trojan from AridViper

2020-12-10 ⋅ Palo Alto Networks Unit 42 ⋅ Unit42
Threat Brief: FireEye Red Team Tool Breach
Cobalt Strike