Malpedia Library

Click here to download all references as Bib-File.•

2021-12-11 ⋅ Twitter (@vxunderground) ⋅ VX-Underground
Tweet on Gomorrah panel source code leak
Gomorrah stealer

2021-12-11 ⋅ Symantec ⋅ Threat Hunter Team
Apache Log4j Zero-Day Being Exploited in the Wild
Kaiten

2021-12-11 ⋅ YouTube (AGDC Services) ⋅ AGDC Services
How To Extract & Decrypt Qbot Configs Across Variants
QakBot

2021-12-10 ⋅ Dissecting Malware ⋅ Marius Genheimer
BlackCatConf - Static Configuration Extractor for BlackCat Ransomware
BlackCat

2021-12-10 ⋅ Medium s2wlab ⋅ S2W TALON
BlackCat: New Rust based ransomware borrowing BlackMatter’s configuration
BlackCat BlackMatter

2021-12-10 ⋅ CrowdStrike ⋅ CrowdStrike Intelligence Team
Log4j2 Vulnerability “Log4Shell” (CVE-2021-44228)

2021-12-10 ⋅ Trend Micro ⋅ Don Ovid Ladores
New Yanluowang Ransomware Found to be Code-Signed, Terminates Database-Related Processes

2021-12-10 ⋅ Mississippi State University ⋅ DeMarcus M. Thomas Sr.
Detecting malware in memory with memory object relationships

2021-12-10 ⋅ Accenture ⋅ Accenture
Karakurt rises from its lair
Cobalt Strike Karakurt

2021-12-09 ⋅ Group-IB ⋅ Andrey Zhdanov, Dmitry Shestakov
Inside the Hive: Deep dive into Hive RaaS, analysis of latest samples
Hive Hive

2021-12-09 ⋅ HP ⋅ Patrick Schläpfer
Emotet’s Return: What’s Different?
Emotet

2021-12-09 ⋅ Trend Micro ⋅ Veronica Chierzi
The Evolution of IoT Linux Malware Based on MITRE ATT&CK TTPs
Dark Nexus QSnatch

2021-12-09 ⋅ Minerva Labs ⋅ Natalie Zargarov
A new StrongPity variant hides behind Notepad++ installation
StrongPity

2021-12-09 ⋅ Microsoft ⋅ Microsoft 365 Defender Threat Intelligence Team
A closer look at Qakbot’s latest building blocks (and how to knock them down)
QakBot

2021-12-08 ⋅ F5 ⋅ Aditya K. Sood, Rohit Chaturvedi
Collector-stealer: a Russian origin credential and information extractor

2021-12-08 ⋅ Check Point Research ⋅ Aliaksandr Trafimchuk, David Driker, Raman Ladutska, Yali Magiel
When old friends meet again: why Emotet chose Trickbot for rebirth
Emotet TrickBot

2021-12-08 ⋅ Recorded Future ⋅ Insikt Group®
Chinese State-Sponsored Cyber Espionage Activity Supports Expansion of Regional Power and Influence in Southeast Asia
Chinoxy FunnyDream

2021-12-08 ⋅ PWC UK ⋅ Adam Prescott
Chasing Shadows: A deep dive into the latest obfuscation methods being used by ShadowPad
ShadowPad Earth Lusca

2021-12-08 ⋅ Darktrace ⋅ Justin Fier
The double extortion business: Conti Ransomware Gang finds new avenues of negotiation
Conti

2021-12-08 ⋅ YouTube ( DuMp-GuY TrIcKsTeR) ⋅ Jiří Vinopal
Full malware analysis Work-Flow of AgentTesla Malware
Agent Tesla