Malpedia Library

Click here to download all references as Bib-File.•

2021-01-06 ⋅ FBI ⋅ FBI
PIN Number 20210106-001: Egregor Ransomware Targets Businesses Worldwide, Attempting to Extort Businesses by Publicly Releasing Exfiltrated Data
Egregor QakBot

2021-01-06 ⋅ Trend Micro ⋅ Leandro Froes
Expanding Range and Improving Speed: A RansomExx Approach
RansomEXX

2021-01-06 ⋅ Trustwave ⋅ Diana Lopera
A Trump Sex Video? No, It's a RAT!
QRat

2021-01-06 ⋅ MITRE ⋅ MITRE ATT&CK
ATT&CK Navigator layer for UNC2452
SUNBURST

2021-01-06 ⋅ Github (SentinelLabs) ⋅ SentinelLabs
SolarWinds_Countermeasures
SUNBURST

2021-01-06 ⋅ Red Canary ⋅ Tony Lambert
Hunting for GetSystem in offensive security tools
Cobalt Strike Empire Downloader Meterpreter PoshC2

2021-01-06 ⋅ Department of Justice ⋅ Department of Justice
Department of Justice Statement on Solarwinds Update
SUNBURST

2021-01-06 ⋅ Malwarebytes ⋅ Hossein Jazi
Retrohunting APT37: North Korean APT used VBA self decode technique to inject RokRat
RokRAT

2021-01-06 ⋅ DomainTools ⋅ Joe Slowik
Holiday Bazar: Tracking a TrickBot-Related Ransomware Incident
BazarBackdoor TrickBot

2021-01-06 ⋅ QuoIntelligence ⋅ QuoIntelligence
ReconHellcat Uses NIST Theme as Lure To Deliver New BlackSoul Malware
BlackSoul

2021-01-06 ⋅ Talos ⋅ Holger Unterbrink, Irshad Muhammad
A Deep Dive into Lokibot Infection Chain
Loki Password Stealer (PWS)

2021-01-05 ⋅ CISA, FBI, NSA, ODNI
Joint Statement by the Federal Bureau of Investigation (FBI), the Cybersecurity and Infrastructure Security Agency (CISA), the Office of the Director of National Intelligence (ODNI), and the National Security Agency (NSA)
SUNBURST

2021-01-05 ⋅ AhnLab ⋅ AhnLab ASEC Analysis Team
[Threat Analysis] CLOP Ransomware that Attacked Korean Distribution Giant
Clop

2021-01-05 ⋅ The Record ⋅ Dmitry Smilyanets
‘I Was Running Two Parallel Lives’: An Ex-Secret Service Agent Opens Up About Going Undercover To Catch Cybercriminals

2021-01-05 ⋅ Lacework Labs ⋅ Lacework Labs
TeamTNT Builds Botnet from Chinese Cloud Servers
TeamTNT TNTbotinger TeamTNT

2021-01-05 ⋅ Intezer ⋅ Avigayil Mechtinger
Operation ElectroRAT: Attacker Creates Fake Companies to Drain Your Crypto Wallets
ElectroRAT

2021-01-05 ⋅ Trend Micro ⋅ Trend Micro Research
An Overview of the DoppelPaymer Ransomware
DoppelPaymer

2021-01-05 ⋅ ⋅ Sangfor ⋅ Clairvoyance Safety Laboratory
Red team's perspective on the TTPs in Sunburst's backdoor
SUNBURST

2021-01-05 ⋅ r3mrum blog ⋅ R3MRUM
Manual analysis of new PowerSplit maldocs delivering Emotet
Emotet

2021-01-05 ⋅ ⋅ Sangfor ⋅ Clairvoyance Safety Laboratory
Attack from Mustang Panda? My rabbit is back!
NjRAT