Malpedia Library

Click here to download all references as Bib-File.•

2021-01-11 ⋅ Bitdefender ⋅ Bitdefender Team
Darkside Ransomware Decryption Tool
DarkSide

2021-01-11 ⋅ Reuters ⋅ Christopher Bing
Exclusive: FBI probes Russian-linked postcard sent to FireEye CEO after cybersecurity firm uncovered hack - sources

2021-01-11 ⋅ Kaspersky Labs ⋅ Costin Raiu, Georgy Kucherin, Igor Kuznetsov
Sunburst backdoor – code overlaps with Kazuar
Kazuar SUNBURST

2021-01-11 ⋅ The DFIR Report ⋅ The DFIR Report
Trickbot Still Alive and Well
Cobalt Strike TrickBot

2021-01-10 ⋅ Medium walmartglobaltech ⋅ Jason Reaves
MAN1, Moskal, Hancitor and a side of Ransomware
Cobalt Strike Hancitor SendSafe VegaLocker Moskalvzapoe

2021-01-09 ⋅ Marco Ramilli's Blog ⋅ Marco Ramilli
Command and Control Traffic Patterns
ostap LaZagne Agent Tesla Azorult Buer Cobalt Strike DanaBot DarkComet Dridex Emotet Formbook IcedID ISFB NetWire RC PlugX Quasar RAT SmokeLoader TrickBot

2021-01-09 ⋅ Connor McGarr's Blog ⋅ Connor McGarr
Malware Development: Leveraging Beacon Object Files for Remote Process Injection via Thread Hijacking
Cobalt Strike

2021-01-09 ⋅ Github (f0wl) ⋅ Marius Genheimer
ezuri_unpack

2021-01-08 ⋅ Youtube (Virus Bulletin) ⋅ Hajime Takai, Rintaro Koike, Shogo Hayashi
Unveiling the CryptoMimic

2021-01-08 ⋅ Zscaler ⋅ Mohd Sadique, Pradeep Kulkarni
Ransomware Delivered Using RDP Brute-Force Attack
Dharma

2021-01-08 ⋅ Youtube (Virus Bulletin) ⋅ Fumio Ozawa, Rintaro Koike, Shogo Hayashi
Operation LagTime IT: colourful Panda footprint
Cotx RAT nccTrojan Poison Ivy Tmanger TA428

2021-01-08 ⋅ Certfa ⋅ Certfa Lab
Charming Kitten’s Christmas Gift

2021-01-08 ⋅ Reaqta ⋅ ReaQta Threat Intelligence Team
Leonardo S.p.A. Data Breach Analysis

2021-01-08 ⋅ splunk ⋅ James Brodsky, John Stoner, Lily Lee, Marcus LaFerrera, Ryan Kovar
A Golden SAML Journey: SolarWinds Continued
SUNBURST

2021-01-08 ⋅ US-CERT ⋅ US-CERT
Alert (AA21-008A): Detecting Post-Compromise Threat Activity in Microsoft Cloud Environments
SUNBURST SUPERNOVA

2021-01-08 ⋅ 0xC0DECAFE ⋅ Thomas Barabosch
The malware analyst’s guide to aPLib decompression
ISFB Rovnix

2021-01-07 ⋅ Github (hvs-consulting) ⋅ HvS-Consulting AG
Lazarus / APT37 IOCs
Lazarus Group

2021-01-07 ⋅ TRUESEC ⋅ Sebastian Olsson
Avoiding supply-chain attacks similar to SolarWinds Orion’s (SUNBURST)
SUNBURST

2021-01-07 ⋅ Symantec ⋅ Threat Hunter Team
SolarWinds: How a Rare DGA Helped Attacker Communications Fly Under the Radar
SUNBURST

2021-01-07 ⋅ CyberArk ⋅ Ben Cohen
Meet Oski Stealer: An In-depth Analysis of the Popular Credential Stealer
Oski Stealer