Malpedia Library

Click here to download all references as Bib-File.•

2020-04-07 ⋅ AhnLab ⋅ CHA Minseok
Tweet on Operation Shadow Force
Operation Shadow Force

2020-04-07 ⋅ FireEye ⋅ Michael Bailey
Thinking Outside the Bochs: Code Grafting to Unpack Malware in Emulation
Elise

2020-04-07 ⋅ SecurityIntelligence ⋅ Ole Villadsen
ITG08 (aka FIN6) Partners With TrickBot Gang, Uses Anchor Framework
More_eggs Anchor TrickBot

2020-04-06 ⋅ ⋅ VinCSS ⋅ m4n0w4r, Tran Trung Kien
[RE015] “Heaven’s Gate” An old but effective technique

2020-04-06 ⋅ 360.cn ⋅ Qihoo 360
The DarkHotel (APT-C-06) Attacked Chinese Institutions Abroad via Exploiting SangFor VPN Vulnerability

2020-04-05 ⋅ 3xp0rt
Let's check: Sorano Stealer
Sorano

2020-04-03 ⋅ Palo Alto Networks Unit 42 ⋅ Haozhe Zhang, Ken Hsu, Ruchna Nigam, Zhibin Zhang
Grandstream and DrayTek Devices Exploited to Power New Hoaxcalls DDoS Botnet
Bashlite

2020-04-03 ⋅ Palo Alto Networks Unit 42 ⋅ Brad Duncan
GuLoader: Malspam Campaign Installing NetWire RAT
CloudEyE NetWire RC

2020-04-03 ⋅ Aqua ⋅ Gal Singer
Kinsing Malware Attacks Targeting Container Environments
Kinsing Kinsing

2020-04-03 ⋅ Bleeping Computer ⋅ Sergiu Gatlan
Microsoft: Emotet Took Down a Network by Overheating All Computers
Emotet

2020-04-03 ⋅ Josh Stroschein
Unpacking a Trojan with Ghidra and x64dbg
Simda

2020-04-02 ⋅ Darktrace ⋅ Max Heinemeyer
Catching APT41 exploiting a zero-day vulnerability
Cobalt Strike

2020-04-02 ⋅ Avast ⋅ Jan Rubín
CoViper locking down computers during lockdown
CoViper

2020-04-02 ⋅ Gdata ⋅ Karsten Hahn
Pekraut - German RAT starts gnawing
Pekraut

2020-04-01 ⋅ KISA ⋅ KrCERT
OPERATION BOOKCODES TTPs #1
BookCodes RAT

2020-04-01 ⋅ Cisco ⋅ Andrea Kaiser, Shyam Sundar Ramaswami
Navigating Cybersecurity During a Pandemic: Latest Malware and Threat Actors
Azorult CloudEyE Formbook KPOT Stealer Metamorfo Nanocore RAT NetWire RC TrickBot

2020-04-01 ⋅ Guardicore ⋅ Ophir Harpaz
THE VOLLGAR CAMPAIGN: MS-SQL SERVERS UNDER ATTACK

2020-03-31 ⋅ Trustwave ⋅ Joshua Deacon, Lloyd Macrohon
An In-depth Look at MailTo Ransomware, Part One of Three
Mailto

2020-03-31 ⋅ Click All the Things! Blog ⋅ Jamie
LokiBot: Getting Equation Editor Shellcode
Loki Password Stealer (PWS)

2020-03-31 ⋅ Bitdefender ⋅ Alin Mihai Barbatei, Ioan-Septimiu Dinulica, Oana Asoltanei
Infected Zoom Apps for Android Target Work-From-Home Users
HiddenAd