Malpedia Library

Click here to download all references as Bib-File.•

2020-12-16 ⋅ Twitter @cybercdh) ⋅ Colin Hardy
Tweet on 3 key actions SUNBURST performs as soon as it's invoked
SUNBURST

2020-12-16 ⋅ Twitter (@FireEye) ⋅ FireEye
Tweet on SUNBURST from FireEye detailing some additional information
SUNBURST

2020-12-16 ⋅ Twitter (@0xrb) ⋅ R. Bansal
List of domain infrastructure including DGA domain used by UNC2452
SUNBURST

2020-12-15 ⋅ Twitter @cybercdh) ⋅ Colin Hardy
Tweet on some more capabilties of SUNBURST backdoor
SUNBURST

2020-12-15 ⋅ Twitter @cybercdh) ⋅ Colin Hardy
Tweet on CyberChef recipe to extract and decode strings from #SolarWinds malware binaries.
SUNBURST

2020-12-15 ⋅ Twitter (@darb0ng) ⋅ Minhee Lee
Tweet on Symrise group hit by Clop Ransomware
Clop

2020-12-14 ⋅ Intezer ⋅ Twitter (IntezerLabs)
Tweet on linux variant of Prometei botnet
Prometei

2020-12-14 ⋅ Twitter (@lordx64) ⋅ Taha Karim
Tweet on a one liner to decrypt SUNBURST backdoor
SUNBURST

2020-12-14 ⋅ Twitter (@ItsReallyNick) ⋅ Nick Carr
Tweet on summarizing post-compromise actvity of UNC2452
SUNBURST

2020-12-14 ⋅ Twitter (@KimZetter) ⋅ Kim Zetter
Tweet thread on microsoft report on Solarwind supply chain attack by UNC2452
SUNBURST

2020-12-12 ⋅ Twitter (MalwareHunterTeam) ⋅ MalwareHunterTeam
Tweet on ITG18 android implant
LittleLooter

2020-12-11 ⋅ PWC UK ⋅ Twitter (@BitsOfBinary)
Tweet on macOS Manuscypt samples
Manuscrypt

2020-12-02 ⋅ Red Canary ⋅ twitter (@redcanary)
Tweet on increased #Qbot activity delivering Cobalt Strike & #Egregor ransomware
Cobalt Strike Egregor QakBot

2020-11-26 ⋅ Twitter (@3xp0rtblog) ⋅ 3xp0rt
Tweet on Xenon Stealer
Xenon Stealer

2020-11-22 ⋅ Twitter (@Nocturnus) ⋅ Cybereason Nocturnus
Tweet on new modular stealer that steals passwords, credit cards data, cryptocurrency wallets and downloads further plugins.

2020-11-21 ⋅ Medium Intel-Honey ⋅ Twitter (@intel_honey)
Reversing Anubis Malware
Anubis

2020-11-19 ⋅ Twitter (@VK_intel) ⋅ Vitali Kremez
Tweet on Trickbot Group pushing LIGHTBOT powershell script to gather information about AD Server
LightBot

2020-11-17 ⋅ Twitter (@VK_intel) ⋅ Vitali Kremez
Tweet on a new fileless TrickBot loading method using code from MemoryModule
TrickBot

2020-11-12 ⋅ Twitter (@ddash_ct) ⋅ ddash
Tweet on Lootwodniw
Lootwodniw

2020-11-12 ⋅ Twitter (@IntezerLabs) ⋅ Intezer
Tweet on Agelocker
AgeLocker