Malpedia Library

2022-01-18 ⋅ Elastic ⋅ Andrew Pease, Daniel Stepanic, Derek Ditch, Seth Goodwin
FORMBOOK Adopts CAB-less Approach
Formbook

2022-01-18 ⋅ ⋅ Qianxin ⋅ Red Raindrop Team
SideCopy Arsenal Update: Golang-based Linux stealth tools surface
Unidentified 005 (Sidecopy)

2022-01-18 ⋅ Recorded Future ⋅ Insikt Group®
2021 Adversary Infrastructure Report
BazarBackdoor Cobalt Strike Dridex IcedID QakBot TrickBot

2022-01-18 ⋅ Trend Micro ⋅ Arianne Dela Cruz, Bren Matthew Ebriega, Don Ovid Ladores, Mary Yambao
New Ransomware Spotted: White Rabbit and Its Evasion Tactics

2022-01-18 ⋅ Medium (Scarlet Shark) ⋅ Scarlet Shark
PerSwaysion Threat Actor Updates Their Techniques and Infrastructure
PerSwaysion

2022-01-18 ⋅ zetter substack ⋅ Kim Zetter
Dozens of Computers in Ukraine Wiped with Destructive Malware in Coordinated Attack
WhisperGate

2022-01-18 ⋅ S2W Inc. ⋅ BLKSMTH
Analysis of Destructive Malware (WhisperGate) targeting Ukraine
WhisperGate

2022-01-18 ⋅ Stairwell ⋅ Silas Cutler
Whispers in the noise
WhisperGate

2022-01-18 ⋅ SentinelOne ⋅ Jim Walter
BlackCat Ransomware | Highly-Configurable, Rust-Driven RaaS On The Prowl For Victims
BlackCat

2022-01-18 ⋅ ESET Research ⋅ Facundo Muñoz, Matías Porolli
DoNot Go! Do not respawn!
yty

2022-01-17 ⋅ Medium (Cryptax) ⋅ Axelle Apvrille
Android/BianLian payload
BianLian Hydra

2022-01-17 ⋅ Trend Micro ⋅ Cedric Pernet, Daniel Lunghi, Gloria Chen, Jaromír Hořejší, Joseph Chen, Kenney Lu
Delving Deep: An Analysis of Earth Lusca’s Operations
BIOPASS Cobalt Strike FunnySwitch JuicyPotato ShadowPad Winnti Earth Lusca

2022-01-17 ⋅ Qualys ⋅ Bajrang Mane
The Chaos Ransomware Can Be Ravaging
Chaos

2022-01-17 ⋅ Cybleinc ⋅ Cyble
AvosLocker Ransomware Linux Version Targets VMware ESXi Servers
Avoslocker AvosLocker

2022-01-17 ⋅ forensicitguy ⋅ Tony Lambert
Emotet's Excel 4.0 Macros Dropping DLLs
Emotet

2022-01-17 ⋅ Twitter (@HuskyHacksMK) ⋅ Matt | HuskyHacks
WhisperGate Wiper Malware Analysis Live Thread
WhisperGate

2022-01-17 ⋅ Twitter (@Libranalysis) ⋅ Max Kersten
Tweet on short analysis of WHISPERGATE stage 3 malware
WhisperGate

2022-01-17 ⋅ Github (pan-unit42) ⋅ Brad Duncan
IOCs for Astaroth/Guildma malware infection
Astaroth

2022-01-17 ⋅ Github (Dump-GUY) ⋅ Jiří Vinopal
Debugging MBR - IDA + Bochs Emulator (CTF example)
WhisperGate

2022-01-17 ⋅ Cado Security ⋅ Cado Security
Resources for DFIR Professionals Responding to WhisperGate Malware
WhisperGate