Malpedia Library

2022-01-19 ⋅ Elastic ⋅ Andrew Pease, Daniel Stepanic, Derek Ditch, Seth Goodwin
Collecting Cobalt Strike Beacons with the Elastic Stack
Cobalt Strike

2022-01-19 ⋅ Sophos ⋅ Colin Cowie, Mat Gangwer, Sophos MTR Team, Stan Andic
Zloader Installs Remote Access Backdoors and Delivers Cobalt Strike
Cobalt Strike Zloader

2022-01-19 ⋅ Recorded Future ⋅ Insikt Group®, Kenneth Allen, Morgan Clemens, Roderick Lee, Zachary Haver
The People's Liberation Army in the South China Sea: An Organizational Guide

2022-01-19 ⋅ FBI ⋅ FBI
CU-000161-MW: Indicators of Compromise Associated with Diavol Ransomware
Diavol TrickBot

2022-01-19 ⋅ Chainanalysis ⋅ Chainalysis Team
Meet the Malware Families Helping Hackers Steal and Mine Millions in Cryptocurrency
Glupteba RedLine Stealer

2022-01-19 ⋅ Mandiant ⋅ Adrian Sanchez Hernandez, Ervin James Ocampo, Paul Tarter
One Source to Rule Them All: Chasing AVADDON Ransomware
BlackMatter Avaddon BlackMatter MedusaLocker SystemBC ThunderX

2022-01-19 ⋅ rxOred's blog ⋅ rxored
WhisperGate
WhisperGate

2022-01-19 ⋅ Youtube (HEXORCIST) ⋅ Nicolas Brulez
WhisperGate: MBR Wiper Malware Analysis. Ukraine Cyber Attack 2022
WhisperGate

2022-01-19 ⋅ Elastic ⋅ Andrew Pease, Daniel Stepanic, James Spiteri, Joe Desimone, Mark Mager, Samir Bousseaden
Operation Bleeding Bear
WhisperGate

2022-01-19 ⋅ Kaspersky ⋅ Kirill Kruglov
Campaigns abusing corporate trusted infrastructure hunt for corporate credentials on ICS networks

2022-01-19 ⋅ InfoSec Handlers Diary Blog ⋅ Brad Duncan
0.0.0.0 in Emotet Spambot Traffic
Emotet

2022-01-19 ⋅ CrowdStrike ⋅ CrowdStrike Intelligence Team
Technical Analysis of the WhisperGate Malicious Bootloader
WhisperGate

2022-01-18 ⋅ Cyber And Ramen blog ⋅ Michael Rippey
Info-Stealing Tool Posing As Naver OTP

2022-01-18 ⋅ Bitdefender ⋅ Janos Gergo Szeles
Poking Holes in Crypto-Wallets: a Short Analysis of BHUNT Stealer
BHunt

2022-01-18 ⋅ ESET Research ⋅ ESET Research
ESET Research investigates Donot Team: Cyberespionage targeting military & governments in South Asia

2022-01-18 ⋅ Microsoft ⋅ Microsoft 365 Defender Threat Intelligence Team
Evolved phishing: Device registration trick adds to phishers’ toolbox for victims without MFA
WhisperGate

2022-01-18 ⋅ Twitter (@knight0x07) ⋅ neeraj
Thread on yet another comprehensive analysis of WHISPERGATE
WhisperGate

2022-01-18 ⋅ Elastic ⋅ Andrew Pease, Daniel Stepanic, Derek Ditch, Seth Goodwin
FORMBOOK Adopts CAB-less Approach
Formbook

2022-01-18 ⋅ ⋅ Qianxin ⋅ Red Raindrop Team
SideCopy Arsenal Update: Golang-based Linux stealth tools surface
Unidentified 005 (Sidecopy)

2022-01-18 ⋅ Recorded Future ⋅ Insikt Group®
2021 Adversary Infrastructure Report
BazarBackdoor Cobalt Strike Dridex IcedID QakBot TrickBot