Malpedia Library

2021-09-01 ⋅ YouTube (Hack In The Box Security Conference) ⋅ Joey Chen, Yi-Jhen Hsieh
SHADOWPAD: Chinese Espionage Malware-as-a-Service
PlugX ShadowPad

2021-09-01 ⋅ YouTube (Black Hat) ⋅ Anurag Khanna, Thirumalai Natarajan Muthiah
Threat Hunting in Active Directory Environment

2021-09-01 ⋅ YouTube (Black Hat) ⋅ Junyu Zhou, Tianze Ding
Domain Borrowing: Catch My C2 Traffic if You Can

2021-09-01 ⋅ YouTube (Black Hat) ⋅ Aragorn Tseng, Charles Li
Mem2Img: Memory-Resident Malware Detection via Convolution Neural Network
Cobalt Strike PlugX Waterbear

2021-09-01 ⋅ YouTube (Black Hat) ⋅ Christian Doerr, Tsuyoshi Taniguchi
How Did the Adversaries Abusing the Bitcoin Blockchain Evade Our Takeover?
Cerber Pony

2021-09-01 ⋅ Sophos ⋅ Anand Ajjan, Andrew Brandt, Sean Gallagher, Yusuf Polat
Fake pirated software sites serve up malware droppers as a service
Raccoon

2021-09-01 ⋅ ⋅ 360 Threat Intelligence Center ⋅ Advanced Threat Institute
APT-C-56 (Transparent Tribe) Latest Attack Analysis and Associated Suspected Gorgon Group Attack Analysis Alert
Crimson RAT NetWire RC

2021-09-01 ⋅ CyBureau – The Institute for Cyber Policy Studies ⋅ Aahir Das
The Incredible Rise of DPRK’s Cyber Warfare

2021-09-01 ⋅ SUCURI ⋅ Ben Martin
Analysis of a Phishing Kit (that targets Chase Bank)

2021-09-01 ⋅ Uptycs ⋅ Pritam Salunkhe, Shilpesh Trivedi
LOLBins Are No Laughing Matter: How Attackers Operate Quietly

2021-09-01 ⋅ Medium s2wlab ⋅ Chaewon Moon, Denise Dasom Kim, Jungyeon Lim, S2W LAB INTELLIGENCE TEAM, Sujin Lim, Yeonghyeon Jeong
BlackMatter x Babuk : Using the same web server for sharing leaked files
Babuk BlackMatter Babuk BlackMatter

2021-09-01 ⋅ FireEye ⋅ Adrien Bataille, Blaine Stancill
Too Log; Didn't Read — Unknown Actor Using CLFS Log Files for Stealth
PRIVATELOG STASHLOG

2021-08-31 ⋅ ebryx ⋅ Ahmad Muneeb Khan, Syed Hasan Akhtar
Exposing Sidewinder’s Arsenal against Windows

2021-08-31 ⋅ BreakPoint Labs ⋅ BreakPoint Labs
Cobalt Strike and Ransomware – Tracking An Effective Ransomware Campaign
Cobalt Strike

2021-08-31 ⋅ Minerva Labs ⋅ Minerva Labs
BlackMatter - The New Star Of Ransomware
BlackMatter

2021-08-31 ⋅ ⋅ Qianxin ⋅ Red Raindrop Team
Analysis of suspected Russian-speaking attackers using COVID-19 vaccine bait to attack the Middle East
GRUNT

2021-08-31 ⋅ Yoroi ⋅ Luca Mella, Luigi Martire, Yoroi
Financial Institutions in the Sight of New JsOutProx Attack Waves
JSOutProx

2021-08-31 ⋅ CrowdStrike ⋅ Alexander Hanel
Sidoh: WIZARD SPIDER’s Mysterious Exfiltration Tool
Ryuk Stealer

2021-08-30 ⋅ Twitter (@Arkbird_SOLG) ⋅ Arkbird
Tweet on MercurialGrabber
MercurialGrabber

2021-08-30 ⋅ CrowdStrike ⋅ Eric Loui, Josh Reynolds
CARBON SPIDER Embraces Big Game Hunting, Part 1
Bateleur Griffon Carbanak DarkSide JSSLoader PILLOWMINT REvil