Malpedia Library

Click here to download all references as Bib-File.•

2021-11-21 ⋅ Cyber-Anubis ⋅ Nidal Fikri
Dridex Trojan | Defeating Anti-Analysis | Strings Decryption | C&C Extraction
DoppelDridex Dridex

2021-11-21 ⋅ Twitter (@tylabs) ⋅ Twitter (@ffforward), Tyler McLellan
Twitter Thread about UNC1500 phishing using QAKBOT
QakBot

2021-11-20 ⋅ Youtube (HEXORCIST) ⋅ Nicolas Brulez
Unpacking Emotet and Reversing Obfuscated Word Document
Emotet

2021-11-20 ⋅ Twitter (@eduardfir) ⋅ Eduardo Mattos
Tweet on Velociraptor artifact analysis for Emotet
Emotet

2021-11-20 ⋅ Advanced Intelligence ⋅ Vitali Kremez, Yelisey Boguslavskiy
Corporate Loader "Emotet": History of "X" Project Return for Ransomware
Emotet

2021-11-19 ⋅ Sangfor ⋅ Sangfor Technologies
The New Threat: Mallox Ransomware
TargetCompany

2021-11-19 ⋅ ⋅ FOCUS ⋅ Jan-Philipp Hein
Im Rätsel um gruselige Spionage-Software führt die Spur über Wirecard in den Kreml
Subzero

2021-11-19 ⋅ ⋅ 360 Threat Intelligence Center ⋅ advanced threat research institute
It is suspected that the APT-C-55 organization used the commercial software Web Browser Password Viewer to carry out the attack

2021-11-19 ⋅ Twitter (@knight0x07) ⋅ neeraj
Tweet on Exmatter, custom data exfiltration tool, used by Blackmatter ransomware group
ExMatter

2021-11-19 ⋅ insomniacs(Medium) ⋅ Asuna Amawaka
It’s a BEE! It’s a… no, it’s ShadowPad.
ShadowPad

2021-11-19 ⋅ ⋅ CRONUP ⋅ Germán Fernández
La Botnet de EMOTET reinicia ataques en Chile y LATAM
Emotet

2021-11-19 ⋅ IronNet ⋅ Morgan Demboski
Is a coordinated cyberattack brewing in the escalating Russian-Ukrainian conflict?

2021-11-19 ⋅ Trend Micro ⋅ Abdelrhman Sharshar, Mohamed Fahmy, Sherif Magdy
Squirrelwaffle Exploits ProxyShell and ProxyLogon to Hijack Email Chains
Cobalt Strike QakBot Squirrelwaffle

2021-11-19 ⋅ LAC WATCH ⋅ LAC WATCH
Malware Emotet resumes its activities for the first time in 10 months, and Japan is also the target of the attack
Emotet

2021-11-18 ⋅ Cisco ⋅ Josh Pyorre
BlackMatter, LockBit, and THOR
BlackMatter LockBit PlugX

2021-11-18 ⋅ SophosLabs Uncut ⋅ Sean Gallagher
New ransomware actor uses password protected archives to bypass encryption protection

2021-11-18 ⋅ Qualys ⋅ Ghanshyam More
Conti Ransomware
Conti

2021-11-18 ⋅ Proofpoint ⋅ Darien Huss, Selena Larson
Triple Threat: North Korea-Aligned TA406 Steals, Scams and Spies
YoreKey

2021-11-18 ⋅ Proofpoint ⋅ Darien Huss, Selena Larson
Triple Threat: North Korea-Aligned TA406 Scams, Spies, and Steals
YoreKey TA406

2021-11-18 ⋅ Blackberry ⋅ The BlackBerry Research & Intelligence Team
Threat Thursday: DanaBot’s Evolution from Bank Fraud to DDos Attacks
DanaBot