Malpedia Library

Click here to download all references as Bib-File.•

2021-02-11 ⋅ Twitter (@TheDFIRReport) ⋅ The DFIR Report
Tweet on Hancitor Activity followed by cobaltsrike beacon
Cobalt Strike Hancitor

2021-02-09 ⋅ Twitter (@fwosar) ⋅ Fabian Wosar
Tweet on CD PROJEKT RED targeted by HelloKitty ransomware group
HelloKitty

2021-02-05 ⋅ Twitter (@8th_grey_owl) ⋅ 8thGreyOwl
Tweet on CALMTHORN, used by Tonto Team
CALMTHORN

2021-02-03 ⋅ Twitter (@James_inthe_box) ⋅ James_inthe_box
Tiwtter thread on Nim rewrite of Bazarloader
BazarNimrod

2021-02-02 ⋅ Twitter (@TheDFIRReport) ⋅ The DFIR Report
Tweet on recent dridex post infection activity
Cobalt Strike Dridex

2021-02-01 ⋅ Twitter (@IntelAdvanced) ⋅ Advanced Intelligence
Tweet on Active Directory Exploitation by RYUK "one" group
Ryuk

2021-01-31 ⋅ Twitter (@NCCGroupInfosec) ⋅ NCCGroup
Tweet on ITW exploitation of 0-day in SonicWall SMA 100 series

2021-01-29 ⋅ Twitter (@VK_intel) ⋅ Vitali Kremez
Tweet on analysis of Vovalex ransomware written in DLang
Vovalex

2021-01-29 ⋅ Twitter (@Kangxiaopao) ⋅ xiaopao
Tweet on WormLocker
WormLocker

2021-01-28 ⋅ Twitter (@struppigel) ⋅ Karsten Hahn
Tweet on Sn0wsLogger malware
Sn0wsLogger

2021-01-27 ⋅ Twitter (@milkr3am) ⋅ milkream
Tweet on all Emotet epoch pushing payload to self remove emotet malware on 2021-04-25
Emotet

2021-01-26 ⋅ Twitter (@swisscom_csirt) ⋅ Swisscom CSIRT
Tweet on Cring Ransomware groups using customized Mimikatz sample followed by CobaltStrike and dropping Cring rasomware
Cobalt Strike Cring MimiKatz

2021-01-26 ⋅ Twitter (@RedDrip7) ⋅ RedDrip Team
Tweet on DPRK malware used to target security researchers

2021-01-25 ⋅ Twitter (@IntelAdvanced) ⋅ Advanced Intelligence
Tweet on Ryuk Ransomware group's post exploitation tactics including usage of Keethief tool
Ryuk

2021-01-22 ⋅ Twitter (@bryceabdo) ⋅ Bryce
Tweet on GRIMAGENT malware used by UNC1878 during some #RYUK intrusions in 2020
GRIMAGENT

2021-01-20 ⋅ Twitter (@malwrhunterteam) ⋅ MalwareHunterTeam
Tweet on Vovalex ransomware
Vovalex

2021-01-19 ⋅ Twitter (@ConfiantIntel) ⋅ ConfiantIntel
Tweet on WizardUpdate macOS backdoor
Vigram

2021-01-19 ⋅ ⋅ Twitter (@jpcert_ac) ⋅ JPCERT/CC
Tweet on LODEINFO ver 0.47 spotted ITW targeting Japan
LODEINFO

2021-01-18 ⋅ Twitter (@teamcymru) ⋅ Team Cymru
Tweet on APT36 CrimsonRAT C2
Crimson RAT

2021-01-17 ⋅ Twitter (@AltShiftPrtScn) ⋅ Peter Mackenzie
Tweet on Conti Ransomware group exploiting FortiGate VPNs to drop in CobaltStrike loaders
Cobalt Strike Conti