Malpedia Library

Click here to download all references as Bib-File.•

2020-09-08 ⋅ MALWATION ⋅ malwation
Malware Config Extraction Diaries #1 – GuLoader
CloudEyE

2020-09-08 ⋅ PTSecurity ⋅ PTSecurity
ShadowPad: new activity from the Winnti group
CCleaner Backdoor Korlia ShadowPad TypeHash

2020-09-08 ⋅ Trend Micro ⋅ Augusto Remillano II
Exposed Docker Server Abused to Drop Cryptominer, DDoS Bot
Kaiten

2020-09-08 ⋅ ⋅ NSFOCUS ⋅ NSFOCUS
APT GROUP系列——DARKHOTEL之窃密与RAT篇
Nemim

2020-09-08 ⋅ Zscaler ⋅ Shivang Desai
TikTok Spyware: A detailed analysis of spyware masquerading as TikTok

2020-09-08 ⋅ Team Cymru ⋅ CERT-BR, Manabu Niseki, Nick Byers
GhostDNSbusters: Illuminating GhostDNS Infrastructure

2020-09-08 ⋅ Intezer ⋅ Nicole Fishbein
Attackers Abusing Legitimate Cloud Monitoring Tools to Conduct Cyber Attacks

2020-09-08 ⋅ Microsoft ⋅ Ross Bevington, Yossi Weizman
TeamTNT activity targets Weave Scope deployments

2020-09-08 ⋅ Lopqto's Adventures ⋅ Hamidreza Babaee
Automated dynamic import resolving using binary emulation
Mailto

2020-09-07 ⋅ Github (StrangerealIntel) ⋅ StrangerealIntel
Time to take the bull by the horns
RedLine Stealer Taurus Stealer

2020-09-07 ⋅ Github (pan-unit42) ⋅ Brad Duncan
Collection of recent Dridex IOCs
Cutwail Dridex

2020-09-07 ⋅ CERT-FR ⋅ CERT-FR
Bulletin d'alerte du CERT-FR: Recrudescence d’activité Emotet en France
Emotet

2020-09-07 ⋅ CERT NZ ⋅ CERT NZ
Emotet Malware being spread via email
Emotet

2020-09-06 ⋅ Twitter (@3xp0rtblog) ⋅ 3xp0rt
Tweet and description of NixScare Stealer
NixScare Stealer

2020-09-04 ⋅ VB Localhost ⋅ Sveva Vittoria Scenarelli
To catch a Banshee: How Kimsuky’s tradecraft betrays its complementary campaigns and mission
FlowerPower

2020-09-04 ⋅ QuoSec GmbH ⋅ Quosec Blog
Navigating QakBot samples with grap
QakBot

2020-09-04 ⋅ Palo Alto Networks Unit 42 ⋅ Robert Falcone
Thanos Ransomware: Destructive Variant Targeting State-Run Organizations in the Middle East and North Africa
PowGoop Hakbit

2020-09-04 ⋅ Bellingcat ⋅ Bellingcat Investigation Team
Post-Mortem of a Triple Poisoning: New Details Emerge in GRU's Failed Murder Attempts in Bulgaria

2020-09-04 ⋅ KrabsOnSecurity ⋅ Mr. Krabs
BitRAT pt. 2: Hidden Browser, SOCKS5 proxy, and UnknownProducts Unmasked
BitRAT WebMonitor RAT

2020-09-03 ⋅ Palo Alto Networks Unit 42 ⋅ Haozhe Zhang, Qi Deng, Ruchna Nigam, Zhibin Zhang
Exploits in the Wild for vBulletin Pre-Auth RCE Vulnerability CVE-2020-17496
Mirai PerlBot