Malpedia Library

Click here to download all references as Bib-File.•

2021-07-09 ⋅ InfoSec Handlers Diary Blog ⋅ Brad Duncan
Hancitor tries XLL as initial malware file
Cobalt Strike Hancitor

2021-07-08 ⋅ Medium s2wlab ⋅ Sojun Ryu
Analysis of Lazarus malware abusing Non-ActiveX Module in South Korea
Racket Downloader

2021-07-08 ⋅ Recorded Future ⋅ Insikt Group
Chinese State-Sponsored Activity Group TAG-22 Targets Nepal, the Philippines, and Taiwan Using Winnti and Other Tooling
Cobalt Strike Earth Lusca

2021-07-08 ⋅ McAfee ⋅ McAfee Labs
Hancitor Making Use of Cookies to Prevent URL Scraping
Hancitor

2021-07-08 ⋅ ⋅ PTSecurity ⋅ Denis Kuvshinov
How winnti APT grouping works
Korlia ShadowPad Winnti

2021-07-08 ⋅ ⋅ YouTube (PT Product Update) ⋅ Denis Kuvshinov
How winnti APT grouping works
Korlia ShadowPad Winnti

2021-07-08 ⋅ Sekoia ⋅ sekoia
Kaseya: Another Massive Heist by REvil
REvil

2021-07-08 ⋅ vmware ⋅ Pavankumar Chaudhari, Quentin Fois
IcedID: Analysis and Detection
IcedID

2021-07-08 ⋅ CISA ⋅ US-CERT
Malware Analysis Report (AR21-189A): DarkSide Ransomware
DarkSide

2021-07-08 ⋅ Blackberry ⋅ The BlackBerry Research and Intelligence Team
Threat Thursday: Redline Infostealer
RedLine Stealer

2021-07-08 ⋅ Bleeping Computer ⋅ Sergiu Gatlan
Morgan Stanley reports data breach after vendor Accellion hack

2021-07-08 ⋅ McAfee ⋅ Kiran Raj, Kishan N.
Zloader With a New Infection Technique
Zloader

2021-07-08 ⋅ Recorded Future ⋅ Insikt Group®
Chinese State-Sponsored Activity Group TAG-22 Targets Nepal, the Philippines, and Taiwan Using Winnti and Other Tooling
ShadowPad Spyder Winnti

2021-07-08 ⋅ KELA ⋅ Victoria Kivilevich
Ransomware Gangs are Starting to Look Like Ocean’s 11
REvil

2021-07-08 ⋅ Gigamon ⋅ Joe Slowik
Observations and Recommendations from the Ongoing REvil-Kaseya Incident
REvil

2021-07-08 ⋅ SentinelOne ⋅ Antonio Pirozzi, Idan Weizman
Conti Unpacked: Understanding Ransomware Development as a Response to Detection - A Detailed Technical Analysis
Conti

2021-07-08 ⋅ Medium walmartglobaltech ⋅ Harold Ogden, Jason Reaves
Amadey stealer plugin adds Mikrotik and Outlook harvesting
Amadey

2021-07-08 ⋅ Team Cymru ⋅ Andy Kraus, Dan Heywood
Enriching Threat Intelligence for the Carbine Loader Crypto-jacking Campaign

2021-07-08 ⋅ MIT Technology Review ⋅ Patrick Howell O'Neill
Inside the FBI, Russia, and Ukraine’s failed cybercrime investigation

2021-07-08 ⋅ Avast Decoded ⋅ Threat Intelligence Team
Decoding Cobalt Strike: Understanding Payloads
Cobalt Strike Empire Downloader