Malpedia Library

Click here to download all references as Bib-File.•

2023-04-16 ⋅ cocomelonc ⋅ cocomelonc
Malware AV/VM evasion - part 15: WinAPI GetProcAddress implementation. Simple C++ example.

2023-04-08 ⋅ cocomelonc ⋅ cocomelonc
Malware AV/VM evasion - part 15: WinAPI GetModuleHandle implementation. Simple C++ example.

2023-03-24 ⋅ cocomelonc ⋅ cocomelonc
Malware AV/VM evasion - part 14: encrypt/decrypt payload via A5/1. Bypass Kaspersky AV. Simple C++ example.

2023-03-09 ⋅ Github (cocomelonc) ⋅ cocomelonc
Malware AV/VM evasion - part 13: encrypt/decrypt payload via Madryga. Simple C++ example.

2023-02-20 ⋅ cocomelonc ⋅ cocomelonc
Malware AV/VM evasion - part 12: encrypt payload via TEA. Simple C++ example.

2023-02-12 ⋅ cocomelonc ⋅ cocomelonc
Malware AV/VM evasion - part 11: encrypt payload via DES. Simple C++ example.

2023-02-10 ⋅ cocomelonc ⋅ cocomelonc
Malware analysis: part 8. Yara rule example for MurmurHash2. MurmurHash2 in Conti ransomware
Conti

2023-02-02 ⋅ cocomelonc ⋅ cocomelonc
Malware analysis: part 7. Yara rule example for CRC32. CRC32 in REvil ransomware
REvil

2023-01-20 ⋅ cocomelonc ⋅ cocomelonc
Malware development: persistence - part 21. Recycle Bin, My Documents COM extension handler. Simple C++ example.

2023-01-04 ⋅ cocomelonc
Malware development tricks: part 26. Mutex. C++ example.
AsyncRAT Conti HelloKitty

2022-12-21 ⋅ cocomelonc ⋅ cocomelonc
Malware development tricks: part 25. EnumerateLoadedModules. Simple C++ example.

2022-12-09 ⋅ cocomelonc ⋅ cocomelonc
Malware development: persistence - part 20. UserInitMprLogonScript (Logon Script). Simple C++ example.
Attor Zebrocy

2022-11-27 ⋅ cocomelonc ⋅ cocomelonc
Malware development tricks: part 24. ListPlanting. Simple C++ example.
InvisiMole

2022-11-16 ⋅ cocomelonc ⋅ cocomelonc
Malware development: persistence - part 19. Disk Cleanup Utility. Simple C++ example.

2022-11-05 ⋅ cocomelonc ⋅ cocomelonc
Malware analysis: part 6. Shannon entropy. Simple python script.

2022-10-28 ⋅ cocomelonc ⋅ cocomelonc
APT techniques: Token theft via UpdateProcThreadAttribute. Simple C++ example.

2022-09-30 ⋅ cocomelonc ⋅ cocomelonc
Malware development: persistence - part 12. Accessibility Features. Simple C++ example.

2022-09-25 ⋅ cocomelonc ⋅ cocomelonc
APT techniques: Access Token manipulation. Token theft. Simple C++ example.

2022-09-20 ⋅ cocomelonc
Malware development: persistence - part 11. Powershell profile. Simple C++ example.
Turla RAT TurlaRPC

2022-09-10 ⋅ cocomelonc
Malware development: persistence - part 10. Using Image File Execution Options. Simple C++ example.
SUNBURST