Malpedia Library

2022-09-20 ⋅ vmware ⋅ Dana Behling
Threat Report: Illuminating Volume Shadow Deletion
Conti HelloKitty

2022-09-20 ⋅ vmware ⋅ Dana Behling
Threat Research: New Method of Volume Shadow Backup Deletion Seen in Recent Ransomware

2022-09-19 ⋅ vmware ⋅ Abe Schneider, Bethany Hardin, Lavine Oluoch
The Evolution of the Chromeloader Malware
Choziosi

2022-08-19 ⋅ vmware ⋅ Oleg Boyarchuk, Stefano Ortolani
How to Replicate Emotet Lateral Movement
Emotet

2022-07-22 ⋅ vmware ⋅ Sneha Shekar
How Push Notifications are Abused to Deliver Fraudulent Links

2022-07-05 ⋅ Bleeping Computer ⋅ Lawrence Abrams
New RedAlert Ransomware targets Windows, Linux VMware ESXi servers
RedAlert Ransomware

2022-06-29 ⋅ vmware ⋅ Giovanni Vigna, Stefano Ortolani
Lateral Movement in the Real World: A Quantitative Analysis

2022-05-25 ⋅ vmware ⋅ Oleg Boyarchuk, Stefano Ortolani
Emotet Config Redux
Emotet

2022-05-20 ⋅ Palo Alto Networks Unit 42 ⋅ Ruchna Nigam
Threat Brief: VMware Vulnerabilities Exploited in the Wild (CVE-2022-22954 and Others)
Bashlite Mirai PerlBot

2022-05-16 ⋅ vmware ⋅ Jason Zhang, Oleg Boyarchuk, Stefano Ortolani, Threat Analysis Unit
Emotet Moves to 64 bit and Updates its Loader
Emotet

2022-04-27 ⋅ Sentinel LABS ⋅ James Haughom, Jim Walter, Júlio Dantas
LockBit Ransomware Side-loads Cobalt Strike Beacon with Legitimate VMware Utility
Cobalt Strike LockBit BRONZE STARLIGHT

2022-04-27 ⋅ Sentinel LABS ⋅ James Haughom, Jim Walter, Júlio Dantas
LockBit Ransomware Side-loads Cobalt Strike Beacon with Legitimate VMware Utility
Cobalt Strike LockBit

2022-04-25 ⋅ vmware ⋅ Darshan Rana
Serpent – The Backdoor that Hides in Plain Sight
Serpent

2022-04-25 ⋅ Morphisec ⋅ Morphisec Labs
New Core Impact Backdoor Delivered Via VMware Vulnerability
Cobalt Strike JSSLoader

2022-04-12 ⋅ vmware ⋅ Sudhir Devkar
RuRansom – A Retaliatory Wiper
RURansom

2022-04-01 ⋅ The Hacker News ⋅ Ravie Lakshmanan
Chinese Hackers Target VMware Horizon Servers with Log4Shell to Deploy Rootkit
Fire Chili Ghost RAT

2022-03-29 ⋅ vmware ⋅ Jason Zhang, Oleg Boyarchuk, Threat Analysis Unit
Emotet C2 Configuration Extraction and Analysis
Emotet

2022-03-27 ⋅ Bleeping Computer ⋅ Lawrence Abrams
Hive ransomware ports its Linux VMware ESXi encryptor to Rust
BlackCat Hive Hive

2022-03-23 ⋅ vmware ⋅ Sagar Daundkar, Threat Analysis Unit
SysJoker – An Analysis of a Multi-OS RAT
SysJoker SysJoker SysJoker

2022-03-09 ⋅ eSentire ⋅ eSentire Threat Response Unit (TRU)
Exploitation of VMware Horizon Servers by TunnelVision Threat Actor
Drokbk