Malpedia Library

Click here to download all references as Bib-File.•

2023-06-13 ⋅ Medium BI.ZONE ⋅ Oleg Skulkin
Core Werewolf targets the defense industry and critical infrastructure
Awaken Likho

2023-05-17 ⋅ Medium (@DCSO_CyTec) ⋅ Axel Wauer, Emilia Neuber, Jiro Minier, Johann Aydinbas, Kritika Roy
Andariel’s “Jupiter” malware and the case of the curious C2
Jupiter

2023-05-14 ⋅ Medium ⋅ Denshi Yūrei
Silent Echoes: The Hidden Dialogue among Malware Entities — Spotlight on AMOS InfoStealer
AMOS Aurora Stealer TitanStealer

2023-05-09 ⋅ Medium walmartglobaltech ⋅ Jason Reaves, Jonathan Mccay, Joshua Platt
MetaStealer string decryption and DGA overview
MetaStealer

2023-04-19 ⋅ Medium (@simone.kraus) ⋅ Simone Kraus
Rorschach Ransomware Analysis with Attack Flow
Rorschach Ransomware

2023-04-13 ⋅ Medium Invictus Incident Response ⋅ Invictus Incident Response
Ransomware in the cloud

2023-04-05 ⋅ Medium Ilandu ⋅ Ilan Duhin
PortDoor - APT Backdoor analysis
ACBackdoor 8.t Dropper PortDoor

2023-03-23 ⋅ Medium s2wlab ⋅ BLKSMTH, S2W TALON
Scarcruft Bolsters Arsenal for targeting individual Android devices
RambleOn RokRAT

2023-03-20 ⋅ ⋅ Medium s2wlab ⋅ HOTSAUCE, S2W TALON
Detailed Analysis of Cryptocurrency Phishing Through Famous YouTube Channel Hacking

2023-03-17 ⋅ Medium s2wlab ⋅ BLKSMTH, S2W TALON
Kimsuky group appears to be exploiting OneNote like the cybercrime group

2023-03-10 ⋅ Medium walmartglobaltech ⋅ Jason Reaves, Joshua Platt
From Royal With Love
Cobalt Strike Conti PLAY Royal Ransom Somnia

2023-02-27 ⋅ Medium s2wlab ⋅ Jiho Kim, Lee Sebin
Lumma Stealer targets YouTubers via Spear-phishing Email
Lumma Stealer

2023-02-26 ⋅ Medium Ilandu ⋅ Ilan Duhin, Yossi Poberezsky
Emotet Campaign
Emotet

2023-02-24 ⋅ Medium walmartglobaltech ⋅ Jason Reaves, Jonathan Mccay, Joshua Platt, Kirk Sayre
Qbot testing malvertising campaigns?
QakBot

2023-02-19 ⋅ Medium System Weakness ⋅ Lena (LambdaMamba)
Investigating a Fake KDDI Smishing Campaign that abuses Duck DNS
Roaming Mantis

2023-01-23 ⋅ Medium System Weakness ⋅ Lena (LambdaMamba)
A "strange font" Smishing Campaign that changes behaviour based on User-Agent, and abuses Duck DNS
Roaming Mantis

2023-01-16 ⋅ Medium elis531989 ⋅ Eli Salem
Dancing With Shellcodes: Analyzing Rhadamanthys Stealer
Rhadamanthys

2022-12-24 ⋅ Medium (@DCSO_CyTec) ⋅ Denis Szadkowski, Hendrik Baecker, Jiro Minier, Johann Aydinbas
APT41 — The spy who failed to encrypt me
CHINACHOPPER

2022-11-16 ⋅ Medium (@DCSO_CyTec) ⋅ Axel Wauer, Johann Aydinbas
HZ RAT goes China
HZ RAT

2022-10-25 ⋅ Medium walmartglobaltech ⋅ Jason Reaves
Brute Ratel Config Decoding update
Brute Ratel C4