Malpedia Library

2020-10-28 ⋅ Youtube (SANS Digital Forensics and Incident Response) ⋅ Aaron Stephens, Katie Nickels, Van Ta
STAR Webcast: Spooky RYUKy: The Return of UNC1878
Ryuk

2020-10-26 ⋅ SANS ISC InfoSec Forums ⋅ Didier Stevens
Excel 4 Macros: "Abnormal Sheet Visibility"

2020-09-10 ⋅ SANS ISC InfoSec Forums ⋅ Brad Duncan
Recent Dridex activity
Dridex

2020-07-06 ⋅ Sansec ⋅ Sansec Threat Research Team
North Korean hackers implicated in stealing from US and European shoppers
magecart

2020-06-15 ⋅ Sansec ⋅ Sansec Threat Research Team
Magecart strikes amid Corona lockdown
magecart

2020-03-23 ⋅ SANS ISC ⋅ Didier Stevens
KPOT Deployed via AutoIt Script
KPOT Stealer

2020-02-03 ⋅ SANS ISC ⋅ Jan Kopriva
Analysis of a triple-encrypted AZORult downloader
Azorult

2020-01-23 ⋅ SANS ISC InfoSec Forums ⋅ Brad Duncan
German language malspam pushes Ursnif
ISFB

2019-11-22 ⋅ SANS Cyber Security Summit ⋅ Rachel Mullan, Sveva Vittoria Scenarelli
Need for PLEAD: BlackTech Pursuit
BLUETHER PLEAD

2019-07-08 ⋅ SANS ⋅ Josh M. Bryant, Robert Falcone
Hunting Webshells: Tracking TwoFace
TwoFace

2019-06-25 ⋅ SANS ⋅ Brad Duncan
Rig Exploit Kit sends Pitou.B Trojan
Pitou

2019-05-07 ⋅ SANS ISC InfoSec Forums ⋅ Renato
Vulnerable Apache Jenkins exploited in the wild
kerberods

2019-04-22 ⋅ SANS ⋅ Mike Downey
Unpacking & Decrypting FlawedAmmyy
FlawedAmmyy

2019-04-08 ⋅ SANS Cyber Security Summit ⋅ Taha Karim
Trails of WindShift
WindTail ZhMimikatz

2019-02-20 ⋅ SANS ISC InfoSec Forums ⋅ Brad Duncan
More Russian language malspam pushing Shade (Troldesh) ransomware
Troldesh

2019-02-13 ⋅ Youtube (SANS Digital Forensics & Incident Response) ⋅ Josh Bryant, Robert Falcone
Hunting Webshells: Tracking TwoFace - SANS Threat Hunting Summit 2018
TwoFace