Malpedia Library

Click here to download all references as Bib-File.•

2023-11-22 ⋅ Twitter (@embee_research) ⋅ Embee_research
Practical Queries for Malware Infrastructure - Part 3 (Advanced Examples)
BianLian Xtreme RAT NjRAT QakBot RedLine Stealer Remcos

2023-11-19 ⋅ Twitter (@embee_research) ⋅ Embee_research
Combining Pivot Points to Identify Malware Infrastructure - Redline, Smokeloader and Cobalt Strike
Amadey Cobalt Strike RedLine Stealer SmokeLoader

2023-11-15 ⋅ Twitter (@embee_research) ⋅ Embee_research
Identifying Simple Pivot Points in Malware Infrastructure - RisePro Stealer
RedLine Stealer RisePro

2023-11-13 ⋅ Twitter (@malwrhunterteam) ⋅ MalwareHunterTeam
Tweet on Qilin Linux Locker
Qilin

2023-11-13 ⋅ Twitter (@malwrhunterteam) ⋅ MalwareHunterTeam
Tweet on Linux version of Rhysida
Rhysida

2023-11-06 ⋅ Twitter (@embee_research) ⋅ Embee_research
Unpacking Malware With Hardware Breakpoints - Cobalt Strike
Cobalt Strike

2023-11-01 ⋅ Twitter (@embee_research) ⋅ Embee_research
Malware Unpacking With Memory Dumps - Intermediate Methods (Pe-Sieve, Process Hacker, Hxd and Pe-bear)
AsyncRAT

2023-10-30 ⋅ Twitter (@embee_research) ⋅ Embee_research
Unpacking .NET Malware With Process Hacker and Dnspy
AsyncRAT

2023-10-27 ⋅ Twitter (@embee_research) ⋅ Embee_research
Remcos Downloader Analysis - Manual Deobfuscation of Visual Basic and Powershell
Remcos

2023-10-23 ⋅ Twitter (@embee_research) ⋅ Embee_research
Cobalt Strike .VBS Loader - Decoding with Advanced CyberChef and Emulation
Cobalt Strike

2023-10-20 ⋅ Twitter (@embee_research) ⋅ Embee_research
Decoding a Cobalt Strike .hta Loader Using CyberChef and Emulation
Cobalt Strike

2023-10-18 ⋅ Twitter (@embee_research) ⋅ Embee_research
Ghidra Tutorial - Using Entropy To Locate a Cobalt Strike Decryption Function
Cobalt Strike

2023-10-16 ⋅ Twitter (@embee_research) ⋅ Embee_research
Decoding a Simple Visual Basic (.vbs) Script - DarkGate Loader
DarkGate

2023-10-13 ⋅ Twitter (@MsftSecIntel) ⋅ Microsoft Threat Intelligence
Tweet on Storm-1575 and Dadsec phishing platform
Storm-1575

2023-10-13 ⋅ Twitter (@JAMESWT_MHT) ⋅ JamesWT
Tweets on Wikiloader delivering ISFB
ISFB WikiLoader

2023-10-11 ⋅ Twitter (@MsftSecIntel) ⋅ Microsoft Threat Intelligence
Tweet on Storm-0062 exploiting CVE-2023-22515
Storm-0062

2023-10-10 ⋅ Twitter (@embee_research) ⋅ Embee_research
How To Develop Yara Rules for .NET Malware Using IL ByteCodes
RedLine Stealer

2023-10-05 ⋅ Twitter (@embee_research) ⋅ Embee_research
Introduction to DotNet Configuration Extraction - RevengeRAT
Revenge RAT

2023-10-04 ⋅ Twitter (@embee_research) ⋅ Embee_research
Developing Yara Signatures for Malware - Practical Examples
DarkGate Lu0Bot

2023-10-04 ⋅ Twitter (@Intrisec) ⋅ CTI Intrinsec
Tweet about new Bumblebee campaign leveraging CVE-2023-38831
BumbleBee