Malpedia Library

Click here to download all references as Bib-File.•

2025-04-01 ⋅ ANY.RUN ⋅ Adhikara
Salvador Stealer: New Android Malware That Phishes Banking Details & OTPs
Salvador Stealer

2025-04-01 ⋅ ZW01f ⋅ Mohamed Ezat
Auto-color - Linux backdoor
Auto-Color

2025-03-31 ⋅ Seqrite ⋅ Mahua Chakrabarthy, Sanjay Katkar
Operation HollowQuill: Malware delivered into Russian R&D Networks via Research Decoy PDFs
Cobalt Strike HollowQuill

2025-03-31 ⋅ Wiz.io ⋅ Avigayil Mechtinger, Gili Tikochinski, Yaara Shriki
CPU_HU: Fileless cryptominer targeting exposed PostgreSQL with over 1.5K victims
JINX-0126

2025-03-31 ⋅ VirusTotal
48157c03bf9731926f9567fe1fabc807bff166241f8d6c27e6308dde68112669
Supper

2025-03-31 ⋅ Trend Micro ⋅ Lenart Bermejo, Ted Lee, Theo Chen
The Espionage Toolkit of Earth Alux: A Closer Look at its Advanced Techniques
Godzilla Webshell Cobalt Strike RAILSETTER Earth Alux

2025-03-31 ⋅ Zscaler ⋅ Muhammed Irfan V A
Analyzing New HijackLoader Evasion Tactics
HijackLoader

2025-03-31 ⋅ Sekoia ⋅ Amaury G., Coline Chavane, Félix Aime, Sekoia TDR
From Contagious to ClickFake Interview: Lazarus leveraging the ClickFix tactic
FrostyFerret GolangGhost GolangGhost

2025-03-31 ⋅ GootLoader Wordpress ⋅ gootloadersites
Gootloader Returns: Malware Hidden in Google Ads for Legal Documents
GootLoader

2025-03-28 ⋅ Trend Micro ⋅ Ahmed Mohamed Ibrahim, Aliakbar Zahravi
A Deep Dive into Water Gamayun’s Arsenal and Infrastructure
DarkWisp SilentPrism Kematian Stealer Rhadamanthys Stealc Water Gamayun

2025-03-28 ⋅ Cisco Talos ⋅ Guilherme Venere
Gamaredon campaign abuses LNK files to distribute Remcos backdoor
Remcos

2025-03-28 ⋅ cyble ⋅ Cyble
TsarBot: A New Android Banking Trojan Targeting Over 750 Banking, Finance, and Cryptocurrency Applications
TsarBot

2025-03-28 ⋅ ThreatFabric ⋅ ThreatFabric
Exposing Crocodilus: New Device Takeover Malware Targeting Android Devices
Crocodilus

2025-03-28 ⋅ SUCURI ⋅ Puja Srivastava
Hidden Malware Strikes Again: Mu-Plugins Under Attack

2025-03-28 ⋅ Intrinsec ⋅ David Sardinha
From espionage to PsyOps: Tracking operations and bulletproof providers of UACs in 2025
sLoad NetSupportManager RAT Remcos SmokeLoader

2025-03-27 ⋅ Infoblox ⋅ Infoblox Threat Intelligence Group
A Phishing Tale of DoH and DNS MX Abuse

2025-03-26 ⋅ ⋅ ISH Tecnologia ⋅ 0x0d4y, Ismael Rocha
ffdgf
Lynx

2025-03-26 ⋅ ⋅ Youtube (greenplan) ⋅ greenplan
[BINARY REFINERY] (StegoCampaign) - Deobfuscation of a VBScript stage (PART 1)

2025-03-26 ⋅ Cisco Talos ⋅ Cisco Talos
Year in Review

2025-03-26 ⋅ ThreatMon ⋅ Aziz Kaplan, ThreatMon, ThreatMon Malware Research Team
Raton / Silly - Remote Access Trojan | Technical Malware Analysis Report
AsyncRAT