Malpedia Library

Click here to download all references as Bib-File.•

2019-11-12 ⋅ Hatching.io ⋅ Markel Picado
Reversing Qakbot
QakBot

2019-11-11 ⋅ ⋅ PTSecurity ⋅ PT ESC Threat Intelligence
Operation TA505, part four. Twins

2019-11-11 ⋅ Virus Bulletin ⋅ Hiroshi Soeda, Shusei Tomonaga, Tomoaki Tani, Wataru Takahashi
APT cases exploiting vulnerabilities in region‑specific software
NodeRAT Emdivi PlugX

2019-11-11 ⋅ Binary Defense ⋅ Binary Defense
Revenge Is A Dish Best Served… Obfuscated?
Houdini Revenge RAT

2019-11-08 ⋅ Wikipedia ⋅ Various
Wikipedia Entry on Equation Group
Equation Group

2019-11-06 ⋅ VirusBulletin ⋅ Bowen Pan, Lion Gu
A vine climbing over the Great Firewall: a long‑term attack against China
Poison Ivy ZXShell GreenSpot

2019-11-06 ⋅ Blueliv ⋅ Blueliv Team, Jose Miguel Esparza
Spanish consultancy Everis suffers BitPaymer ransomware attack: a brief analysis
FriedEx

2019-11-05 ⋅ Telsy ⋅ Telsy Research Team
The Lazarus’ gaze to the world: What is behind the first stone?
NedDnLoader Torisma

2019-11-05 ⋅ Information Age ⋅ David Braue
Hospital cyberattack could have been avoided
Ryuk

2019-11-05 ⋅ Dissecting Malware ⋅ Marius Genheimer
Try not to stare - MedusaLocker at a glance
MedusaLocker

2019-11-05 ⋅ Twitter (@VK_intel) ⋅ Vitali Kremez
Tweet on Possible Snatch
Snatch

2019-11-05 ⋅ Bleeping Computer ⋅ Lawrence Abrams
New Megacortex Ransomware Changes Windows Passwords, Threatens to Publish Data
MegaCortex

2019-11-04 ⋅ Symantec ⋅ Eduardo Altares, Muhammad Hasib Latif, Nguyen Hoang Giang
Nemty Ransomware Expands Its Reach, Also Delivered by Trik Botnet
Nemty Phorpiex

2019-11-04 ⋅ ⋅ Tencent ⋅ Tencent Security Mikan TIC
APT attack group "Higaisa" attack activity disclosed
Ghost RAT Higaisa

2019-11-01 ⋅ ThreatFabric ⋅ ThreatFabric
Ginp - A malware patchwork borrowing from Anubis
Ginp

2019-11-01 ⋅ Kaspersky Labs ⋅ AMR, GReAT
Chrome 0-day exploit CVE-2019-13720 used in Operation WizardOpium
Operation WizardOpium

2019-11-01 ⋅ Dodge This Security ⋅ Dodge This Security
Hancitor. Evasive new waves, and how COM objects can use Cached Credentials for Proxy Authentication
Hancitor

2019-11-01 ⋅ CrowdStrike ⋅ Alexander Hanel, Brett Stone-Gross
WIZARD SPIDER Adds New Features to Ryuk for Targeting Hosts on LAN
Ryuk WIZARD SPIDER

2019-10-31 ⋅ PTSecurity ⋅ PTSecurity
Calypso APT: new group attacking state institutions
BYEBY FlyingDutchman Hussar PlugX

2019-10-30 ⋅ Zscaler ⋅ Abhay Yadav, Atinderpal Singh
Emotet is back in action after a short break
Emotet