Malpedia Library

Click here to download all references as Bib-File.•

2020-12-17 ⋅ ClearSky ⋅ ClearSky Research Team
Pay2Kitten: Pay2Key Ransomware - A New Campaign by Fox Kitten
Pay2Key

2020-12-16 ⋅ Fortinet ⋅ Fred Gutierrez, Val Saengphaibul
Adversary Playbook: JavaScript RAT Looking for that Government Cheese
JSOutProx

2020-12-16 ⋅ Pastebin ⋅ Anonymous
Paste of subdomain & DGA domain names used in SolarWinds attack
SUNBURST UNC2452

2020-12-16 ⋅ CrowdStrike ⋅ David Rojas, Mark Robinson
Hiding in Plain Sight: Remediating “Hidden” Malware with Real Time Response
Andromeda

2020-12-16 ⋅ ⋅ 360 Threat Intelligence Center ⋅ Advanced Threat Institute
旺刺组织（APT-C-47）使用ClickOnce技术的攻击活动披露

2020-12-16 ⋅ Cyborg Security ⋅ Josh Meltzer
SUNBURST: SolarWinds Supply-Chain Attack
SUNBURST

2020-12-16 ⋅ Twitter @cybercdh) ⋅ Colin Hardy
Tweet on 3 key actions SUNBURST performs as soon as it's invoked
SUNBURST

2020-12-16 ⋅ Click All the Things! Blog ⋅ Jamie
Snake/404 Keylogger, BIFF, and Covering Tracks?: An unusual maldoc

2020-12-16 ⋅ Cloudflare ⋅ Jesse Kipp, Malavika Balachandran Tadeusz
Trend data on the SolarWinds Orion compromise
SUNBURST

2020-12-16 ⋅ Bleeping Computer ⋅ Lawrence Abrams
FireEye, Microsoft create kill switch for SolarWinds backdoor
SUNBURST

2020-12-16 ⋅ Microsoft ⋅ Shain Wray
SolarWinds Post-Compromise Hunting with Azure Sentinel
SUNBURST

2020-12-16 ⋅ ⋅ Qianxin ⋅ Red Raindrop Team
中招目标首次披露：SolarWinds供应链攻击相关域名生成算法可破解！
SUNBURST

2020-12-16 ⋅ Twitter (@FireEye) ⋅ FireEye
Tweet on SUNBURST from FireEye detailing some additional information
SUNBURST

2020-12-16 ⋅ GuidePoint Security ⋅ Wes Riley
SUPERNOVA SolarWinds .NET Webshell Analysis
SUPERNOVA

2020-12-16 ⋅ Twitter (@0xrb) ⋅ R. Bansal
List of domain infrastructure including DGA domain used by UNC2452
SUNBURST

2020-12-16 ⋅ Intel 471 ⋅ Intel 471
Intel471's full statement on their knowledge of SolarWinds and the cybercriminal underground
SUNBURST

2020-12-16 ⋅ RiskIQ ⋅ Cory Kennedy, Jordan Herman, Mia Ihm
Skimming a Little Off the Top: Meyhod’s Skimming Methods Hit Hairloss Specialists
magecart

2020-12-16 ⋅ ReversingLabs ⋅ Tomislav Pericin
SunBurst: the next level of stealth SolarWinds compromise exploited through sophistication and patience
SUNBURST

2020-12-16 ⋅ Dragos ⋅ Camille Singleton, IBM SECURITY X-FORCE, Selena Larson
Assessing Ransomware and Extortion Activities Impacting Industrial Organizations: Ransomware in ICS Environments
REvil

2020-12-16 ⋅ Github (RedDrip7) ⋅ RedDrip7
A script to decode SUNBURST DGA domain
SUNBURST