Malpedia Library

2024-01-09 ⋅ Anonymous
SSLoad
SSLoad

2024-01-09 ⋅ Trend Micro ⋅ Arianne Dela Cruz, Charles Steven Derion, Francisrey Joshua Castillo, Henry Salcedo, Ian Kenefick, John Carlo Marquez, John Rainier Navato, Joshua Aquino, Juhn Emmanuel Atanque, Raymart Yambot, Shinji Robert Arasawa
Black Basta-Affiliated Water Curupira’s Pikabot Spam Campaign
Pikabot Water Curupira

2023-12-20 ⋅ Sophos X-Ops ⋅ Mark Loman, Matt Wixey
CryptoGuard: An asymmetric approach to the ransomware battle
Akira LockBit Storm-1567

2023-12-19 ⋅ Symantec ⋅ Symantec Threat Hunter Team
Seedworm: Iranian Hackers Target Telecoms Orgs in North and East Africa
MuddyC2Go

2023-11-21 ⋅ Palo Alto Networks Unit 42 ⋅ Unit 42
Hacking Employers and Seeking Employment: Two Job-Related Campaigns Bear Hallmarks of North Korean Threat Actors
BeaverTail InvisibleFerret WageMole

2023-10-19 ⋅ Symantec ⋅ Threat Hunter Team
Crambus: New Campaign Targets Middle Eastern Government
Clipog

2023-10-10 ⋅ Symantec ⋅ Threat Hunter Team
Grayling: Previously Unseen Threat Actor Targets Multiple Organizations in Taiwan
Cobalt Strike Havoc MimiKatz Grayling

2023-10-02 ⋅ ThreatFabric ⋅ ThreatFabric
LightSpy mAPT Mobile Payment System Attack
DragonEgg WyrmSpy lightSpy

2023-09-12 ⋅ Symantec ⋅ Threat Hunter Team
Redfly: Espionage Actors Continue to Target Critical Infrastructure
ShadowPad Redfly

2023-09-11 ⋅ Symantec ⋅ Symantec Threat Intelligence
Tweet about Symantec discovering a new variant of SiestaGraph
SiestaGraph

2023-08-22 ⋅ Symantec ⋅ Threat Hunter Team
Carderbee: APT Group use Legit Software in Supply Chain Attack Targeting Orgs in Hong Kong
PlugX Carderbee

2023-08-07 ⋅ Team Cymru ⋅ S2 Research Team
Visualizing Qakbot Infrastructure Part II: Uncharted Territory
QakBot

2023-08-02 ⋅ Medium (@morimolymoly) ⋅ morimolymoly
HUI Loader — Malware Analysis Note
HUI Loader

2023-07-28 ⋅ Team Cymru ⋅ S2 Research Team
Inside the IcedID BackConnect Protocol (Part 2)
IcedID

2023-07-18 ⋅ Symantec ⋅ Threat Hunter Team
FIN8 Uses Revamped Sardonic Backdoor to Deliver Noberus Ransomware
BlackCat Unidentified 103 (FIN8)

2023-06-30 ⋅ K7 Security ⋅ Dhanush
Cobalt Strike’s Deployment with Hardware Breakpoint for AMSI Bypass
Cobalt Strike

2023-06-30 ⋅ Github (itaymigdal) ⋅ Itay Migdal
Formbook unpacking
Formbook

2023-06-21 ⋅ Symantec ⋅ Threat Hunter Team
Graphican: Flea Uses New Backdoor in Attacks Targeting Foreign Ministries
Graphican

2023-06-20 ⋅ SOCRadar ⋅ SOCRadar
Cyber Shadows Pact: Darknet Parliament (KillNet, Anonymous Sudan, REvil)
UserSec

2023-06-15 ⋅ Team Cymru ⋅ S2 Research Team
Darth Vidar: The Aesir Strike Back
Vidar