Malpedia Library

Click here to download all references as Bib-File.•

2023-06-02 ⋅ MSSP Lab ⋅ cocomelonc
Malware analysis report: SNOWYAMBER (+APT29 related malwares)
GraphicalNeutrino

2023-05-26 ⋅ cocomelonc ⋅ cocomelonc
Malware development trick - part 30: Find PID via NtGetNextProcess. Simple C++ example.

2023-05-19 ⋅ cocomelonc ⋅ cocomelonc
Malware source code investigation: AsyncRAT
AsyncRAT

2023-05-11 ⋅ cocomelonc ⋅ cocomelonc
Malware development trick - part 28: Dump lsass.exe. Simple C++ example.
Cobalt Strike APT3 Keylogger

2023-05-08 ⋅ cocomelonc ⋅ cocomelonc
Malware analysis report: WinDealer (LuoYu Threat Group)
WinDealer

2023-04-27 ⋅ cocomelonc ⋅ cocomelonc
Malware development trick - part 27: WinAPI LoadLibrary implementation. Simple C++ example.

2023-04-16 ⋅ cocomelonc ⋅ cocomelonc
Malware AV/VM evasion - part 15: WinAPI GetProcAddress implementation. Simple C++ example.

2023-04-08 ⋅ cocomelonc ⋅ cocomelonc
Malware AV/VM evasion - part 15: WinAPI GetModuleHandle implementation. Simple C++ example.

2023-03-24 ⋅ cocomelonc ⋅ cocomelonc
Malware AV/VM evasion - part 14: encrypt/decrypt payload via A5/1. Bypass Kaspersky AV. Simple C++ example.

2023-03-09 ⋅ Github (cocomelonc) ⋅ cocomelonc
Malware AV/VM evasion - part 13: encrypt/decrypt payload via Madryga. Simple C++ example.

2023-02-20 ⋅ cocomelonc ⋅ cocomelonc
Malware AV/VM evasion - part 12: encrypt payload via TEA. Simple C++ example.

2023-02-12 ⋅ cocomelonc ⋅ cocomelonc
Malware AV/VM evasion - part 11: encrypt payload via DES. Simple C++ example.

2023-02-10 ⋅ cocomelonc ⋅ cocomelonc
Malware analysis: part 8. Yara rule example for MurmurHash2. MurmurHash2 in Conti ransomware
Conti

2023-02-02 ⋅ cocomelonc ⋅ cocomelonc
Malware analysis: part 7. Yara rule example for CRC32. CRC32 in REvil ransomware
REvil

2023-01-20 ⋅ cocomelonc ⋅ cocomelonc
Malware development: persistence - part 21. Recycle Bin, My Documents COM extension handler. Simple C++ example.

2023-01-04 ⋅ cocomelonc
Malware development tricks: part 26. Mutex. C++ example.
AsyncRAT Conti HelloKitty

2022-12-21 ⋅ cocomelonc ⋅ cocomelonc
Malware development tricks: part 25. EnumerateLoadedModules. Simple C++ example.

2022-12-09 ⋅ cocomelonc ⋅ cocomelonc
Malware development: persistence - part 20. UserInitMprLogonScript (Logon Script). Simple C++ example.
Attor Zebrocy

2022-11-27 ⋅ cocomelonc ⋅ cocomelonc
Malware development tricks: part 24. ListPlanting. Simple C++ example.
InvisiMole

2022-11-16 ⋅ cocomelonc ⋅ cocomelonc
Malware development: persistence - part 19. Disk Cleanup Utility. Simple C++ example.