Malpedia Library

2020-07-07 ⋅ Microsoft ⋅ Tom Burt
Microsoft takes legal action against COVID-19-related cybercrime

2020-06-19 ⋅ Click All the Things! Blog ⋅ Jamie
zloader: VBA, R1C1 References, and Other Tomfoolery
Zloader

2020-06-09 ⋅ Sophos Labs ⋅ Gabor Szappanos, Vikas Singh
Kingminer escalates attack complexity for cryptomining
Kingminer

2020-06-09 ⋅ Microsoft ⋅ Rob Mead, Tom McElroy
Web shell threat hunting with Azure Sentinel and Microsoft Threat Protection

2020-06-07 ⋅ Zero2Automated Blog ⋅ 0verfl0w_
Dealing with Obfuscated Macros, Statically - NanoCore
Nanocore RAT

2020-06-05 ⋅ Votiro ⋅ Votiro’s Research Team
Anatomy of a Well-Crafted UPS, FedEx, and DHL Phishing Email During COVID-19
Dridex

2020-05-28 ⋅ VMWare Carbon Black ⋅ Ryan Murphy, Tom Kellermann
Modern Bank Heists 3.0
Emotet

2020-05-19 ⋅ zero2auto ⋅ Vitali Kremez
Netwalker Ransomware - From Static Reverse Engineering to Automatic Extraction
Mailto

2020-05-18 ⋅ CrowdStrike ⋅ Karan Sood, Liviu Arsene, Shaun Hurley
DarkSide Goes Dark: How CrowdStrike Falcon Customers Were Protected
DarkSide DarkSide

2020-05-11 ⋅ SentinelOne ⋅ Gal Kristal
The Anatomy of an APT Attack and CobaltStrike Beacon’s Encoded Configuration
Cobalt Strike

2020-05-06 ⋅ Prevailion ⋅ Danny Adamitis
Phantom in the Command Shell
EVILNUM

2020-04-29 ⋅ Twitter (@h4ckak) ⋅ Ring4sky
More IOCs related to PhantomLance
PhantomLance

2020-04-28 ⋅ Kaspersky Labs ⋅ Alexey Firsh, Lev Pikman
Hiding in plain sight: PhantomLance walks into a market
PhantomLance

2020-04-23 ⋅ ESET Research ⋅ Eset
ESET researchers disrupt cryptomining botnet VictoryGate
VictoryGate

2020-03-19 ⋅ ESET Research ⋅ Vladislav Hrčka
Stantinko’s new cryptominer features unique obfuscation techniques
Stantinko

2020-03-10 ⋅ Microsoft ⋅ Tom Burt
New action to disrupt world’s largest online criminal network
Necurs