Malpedia Library

Click here to download all references as Bib-File.•

2020-12-15 ⋅ Malwarebytes ⋅ Pieter Arntz
Threat profile: Egregor ransomware is making a name for itself
Egregor

2020-12-15 ⋅ VMRay ⋅ VMRay Labs Team
Malware Analysis Spotlight – Hentai Oniichan Ransomware (Berserker Variant)

2020-12-15 ⋅ Chuongdong blog ⋅ Chuong Dong
Conti Ransomware v2
Conti

2020-12-15 ⋅ Cyborg Security ⋅ Austin Jackson
Threat Hunt Deep Dives: SolarWinds Supply Chain Compromise (Solorigate / SUNBURST Backdoor)
SUNBURST

2020-12-15 ⋅ Medium (Cryptax) ⋅ Axelle Apvrille
Unpacking an Android malware with Dexcalibur and JEB

2020-12-15 ⋅ Github (itsreallynick) ⋅ Nick Carr
A quick note from Nick Carr on COSMICGALE and SUPERNOVA that those are unrelated to UC2452 intrusion campaign
SUPERNOVA

2020-12-15 ⋅ ⋅ 360 Threat Intelligence Center ⋅ Advanced Threat Institute
Operation Falling Eagle-the secret of the most influential supply chain attack in history
SUNBURST

2020-12-15 ⋅ Twitter @cybercdh) ⋅ Colin Hardy
Tweet on some more capabilties of SUNBURST backdoor
SUNBURST

2020-12-15 ⋅ Facebook ⋅ David Agranovich, Nathaniel Gleicher
Removing Coordinated Inauthentic Behavior from France and Russia

2020-12-15 ⋅ Trend Micro ⋅ Buddy Tancio, Gilbert Sison, Lenart Bermejo
Finding APTX: Attacks via MITRE TTPs
Chinoxy

2020-12-15 ⋅ ThreatConnect ⋅ ThreatConnect Research Team
Infrastructure Research and Hunting: Boiling the Domain Ocean

2020-12-15 ⋅ Twitter @cybercdh) ⋅ Colin Hardy
Tweet on CyberChef recipe to extract and decode strings from #SolarWinds malware binaries.
SUNBURST

2020-12-15 ⋅ Cofense ⋅ Aaron Riley
Strategic Analysis: Agent Tesla Expands Targeting and Networking Capabilities
Agent Tesla

2020-12-15 ⋅ PICUS Security ⋅ Süleyman Özarslan
Tactics, Techniques, and Procedures (TTPs) Used in the SolarWinds Breach
Cobalt Strike SUNBURST

2020-12-15 ⋅ Hornetsecurity ⋅ Hornetsecurity Security Lab
QakBot reducing its on disk artifacts
Egregor PwndLocker QakBot

2020-12-15 ⋅ Trend Micro ⋅ Trend Micro
Overview of Recent Sunburst Targeted Attacks
SUPERNOVA

2020-12-15 ⋅ Trend Micro ⋅ William Gamazo Sanchez
Who is the Threat Actor Behind Operation Earth Kitsune?
Freenki Loader SLUB Earth Kitsune

2020-12-15 ⋅ ⋅ EST Security ⋅ Alyac
Goldstar 121 organization proceeds with HWP OLE-based APT attack

2020-12-15 ⋅ ⋅ KISA ⋅ KISA
Operation MUZABI
Kimsuky

2020-12-15 ⋅ Github (Dump-GUY) ⋅ Jiří Vinopal
Reverse engineering KPOT v2.0 Stealer
KPOT Stealer