Malpedia Library

Click here to download all references as Bib-File.•

2021-02-22 ⋅ Check Point Research ⋅ Eyal Itkin, Itay Cohen
The Story of Jian – How APT31 Stole and Used an Unknown Equation Group 0-Day

2021-02-22 ⋅ tccontre Blog ⋅ tcontre
Gh0stRat Anti-Debugging: Nested SEH (try - catch) to Decrypt and Load its Payload
Ghost RAT

2021-02-22 ⋅ FireEye ⋅ Andrew Moore, Genevieve Stark, Isif Ibrahima, Kimberly Goody, Van Ta
Cyber Criminals Exploit Accellion FTA for Data Theft and Extortion
DEWMODE Clop

2021-02-21 ⋅ ⋅ Antiy ⋅ Antiy CERT
Analysis report on the attack activities of the "Baby Elephant" against Pakistani defense manufacturers

2021-02-20 ⋅ Medium (Nasreddine Bencherchali) ⋅ Nasreddine Bencherchali
Finding Forensic Goodness In Obscure Windows Event Logs

2021-02-20 ⋅ Malpedia ⋅ Malpedia
Malpedia Website for Malware Family Team TNT
TeamTNT TeamTNT

2021-02-20 ⋅ NDSS ⋅ Alessandro Mantovani, Alexander Küchler, Davide Balzarotti, Leyla Bilge, Yufei Han
Does Every Second Count? Time-based Evolution of Malware Behavior in Sandboxes

2021-02-19 ⋅ K7 Security ⋅ Partheeban J
GitHub – Home to AsyncRAT Backdoor
AsyncRAT

2021-02-19 ⋅ Medium 0xthreatintel ⋅ 0xthreatintel
How to unpack SManager APT tool?
SManager

2021-02-19 ⋅ GEMINI ⋅ GEMINI
Alleged Hydra Market Operators Identified

2021-02-19 ⋅ THE NEW STACK ⋅ Dror Alon, Lior Sonntag
Behind the Scenes of the SunBurst Attack
SUNBURST

2021-02-19 ⋅ Lawfare Blog ⋅ Sonja Swanbeck
How to Understand Iranian Information Operations

2021-02-19 ⋅ The Record ⋅ Adam Janofsky, Timo Steffens
Cyber Attribution Is More Art Than Science. This Researcher Has a Plan to Change That

2021-02-19 ⋅ Palo Alto Networks Unit 42 ⋅ Dominik Reichel
IronNetInjector: Turla’s New Malware Loading Tool
Agent.BTZ IronNetInjector TurlaRPC

2021-02-18 ⋅ Symantec ⋅ Threat Hunter Team
Lazarus: Three North Koreans Charged for Financially Motivated Attacks
AppleJeus POOLRAT Unidentified macOS 001 (UnionCryptoTrader) AppleJeus Unidentified 077 (Lazarus Downloader)

2021-02-18 ⋅ PTSecurity ⋅ PTSecurity
https://www.ptsecurity.com/ww-en/analytics/antisandbox-techniques/
Poet RAT Gravity RAT Ketrican Okrum OopsIE Remcos RogueRobinNET RokRAT SmokeLoader

2021-02-18 ⋅ of0x.cc ⋅ of0x.cc
One thousand and one ways to copy your shellcode to memory (VBA Macros)

2021-02-18 ⋅ Bitdefender ⋅ Cristina Vatamanu, Gheorghe Adrian Schipor, Rickey Gevers
Iranian APT Makes a Comeback with “Thunder and Lightning” Backdoor and Espionage Combo
Infy Tonnerre

2021-02-18 ⋅ Red Canary ⋅ Tony Lambert
Clipping Silver Sparrow’s wings: Outing macOS malware before it takes flight
Silver Sparrow

2021-02-18 ⋅ JPCERT/CC ⋅ Kota Kino
Further Updates in LODEINFO Malware
LODEINFO