Malpedia Library

Click here to download all references as Bib-File.•

2024-04-09 ⋅ eSentire ⋅ eSentire
Unraveling Not AZORult but Koi Loader: A Precursor to Koi Stealer
Koi Loader Koi Stealer

2024-04-09 ⋅ Hunt.io ⋅ Hunt.io
BlueShell: Four Years On, Still A Formidable Threat
BlueShell

2024-04-09 ⋅ Claroty ⋅ Team82
Unpacking the Blackjack Group's Fuxnet Malware
BlackJack

2024-04-09 ⋅ Immersive Labs ⋅ Immersive Labs
Havoc C2 Framework – A Defensive Operator’s Guide
Havoc

2024-04-09 ⋅ DCSO ⋅ DCSO CyTec
XZ Backdoor: How to check if your systems are affected
xzbot

2024-04-09 ⋅ kienmanowar Blog ⋅ m4n0w4r, Tran Trung Kien
[QuickNote] Phishing email distributes WarZone RAT via DBatLoader
Ave Maria DBatLoader

2024-04-08 ⋅ 0x0d4y ⋅ 0x0d4y
IcedID – Technical Analysis of an IcedID Lightweight x64 DLL
IcedID

2024-04-08 ⋅ Zscaler ⋅ Nikolaos Pantazopoulos
Automating Pikabot’s String Deobfuscation
Pikabot

2024-04-07 ⋅ cyber5w ⋅ M4lcode
Gafgyt Backdoor Analysis
Bashlite

2024-04-04 ⋅ Mandiant ⋅ Ashley Pearson, Austin Larsen, Billy Wong, John Wolfram, Joseph Pisano, Josh Murchie, Lukasz Lamparski, Matt Lin, Ron Craft, Ryan Hall, Shawn Chew, Tyler McLellan
Cutting Edge, Part 4: Ivanti Connect Secure VPN Post-Exploitation Lateral Movement Case Studies
TONERJAM

2024-04-04 ⋅ Microsoft ⋅ Clint Watts, Microsoft Threat Analysis Center (MTAC)
China tests US voter fault lines and ramps AI content to boost its geopolitical interests

2024-04-04 ⋅ InfoSec Handlers Diary Blog ⋅ John Moutos
Slicing up DoNex with Binary Ninja
Donex

2024-04-04 ⋅ Twitter (@embee_research) ⋅ Embee_research
TLS Certificate For Threat Intelligence - Identifying MatanBuchus Domains Through Hardcoded Certificate Values
Matanbuchus

2024-04-04 ⋅ Deep instinct ⋅ Simon Kenin
DarkBeatC2: The Latest MuddyWater Attack Framework
MuddyC2Go

2024-04-04 ⋅ Proofpoint ⋅ Proofpoint Threat Research Team, Team Cymru, TEAM CYMRU S2 THREAT RESEARCH
Latrodectus: This Spider Bytes Like Ice
IcedID Latrodectus

2024-04-03 ⋅ HarfangLab ⋅ Alice Climent-Pommeret
Raspberry Robin and its new anti-emulation trick
Raspberry Robin

2024-04-03 ⋅ Resecurity ⋅ Resecurity
The New Version Of JsOutProx Is Attacking Financial Institutions In APAC And MENA Via GitLab Abuse
JSOutProx

2024-04-03 ⋅ ThreatMon ⋅ Kerime Gencay
XZ Utils Backdoor Research Report CVE-2024-3094
xzbot

2024-04-03 ⋅ Bleeping Computer ⋅ Ionut Ilascu
Microsoft still unsure how hackers stole MSA key in 2023 Exchange attack

2024-04-03 ⋅ Wired ⋅ Andy Greenberg, Matt Burgess
The Mystery of ‘Jia Tan,’ the XZ Backdoor Mastermind
xzbot