Malpedia Library

Click here to download all references as Bib-File.•

2025-08-13 ⋅ Gdata ⋅ Karsten Hahn
JustAskJacky: AI causes a Trojan Horse Comeback
TamperedChef

2025-08-12 ⋅ The New York Times ⋅ Adam Goldman, Glenn Thrush, Mattathias Schwartz
Russia Is Suspected to Be Behind Breach of Federal Court Filing System

2025-08-12 ⋅ bluecyber ⋅ Khắc Minh
Analysis of a ClickFix malware attack
Vidar

2025-08-12 ⋅ Cisco Talos ⋅ Edmund Brumaghin, Jordyn Dunk
Malvertising campaign leads to PS1Bot, a multi-stage malware framework
PS1Bot

2025-08-12 ⋅ Netresec ⋅ Erik Hjelmvik
PureRAT = ResolverRAT = PureHVNC
PureRAT

2025-08-11 ⋅ nimanthadeshappriya.com ⋅ Nimantha Deshappriya
From Colombo to Pyongyang
BeaverTail BeaverTail Beavertail

2025-08-10 ⋅ cocomelonc ⋅ cocomelonc
MacOS hacking part 8: dlopen() code loading + finding target PIDs. Simple C (Intel, ARM) examples

2025-08-08 ⋅ abuse.ch ⋅ abuse.ch
MalwareBazaar | SHA256 6e1b152e34c76fab5414c4210a28bb5ca47b2155e6205e58e7df78ee9de6cb64 (MorpheusLoader)
Morpheus Loader

2025-08-08 ⋅ K7 Security ⋅ Azhagan K M S
Silent Watcher: Dissecting Cmimai Stealer’s VBS Payload
Cmimai Stealer

2025-08-08 ⋅ AhnLab ⋅ AhnLab ASEC Analysis Team
Distribution of SmartLoader Malware via Github Repository Disguised as a Legitimate Project
Rhadamanthys SmartLoader

2025-08-08 ⋅ Reverse The Malware ⋅ Diyar Saadi
Detecting and Identifying Hidden Processes (Volatility Edition)

2025-08-08 ⋅ Reverse The Malware ⋅ Diyar Saadi
Detecting and Identifying Hidden Processes (Rekall Edition)

2025-08-08 ⋅ Reverse The Malware ⋅ Diyar Saadi
Detecting and Identifying Hidden Processes (MemProcFs Edition)

2025-08-08 ⋅ Reverse The Malware ⋅ Diyar Saadi
Reverse Engineering ANY.RUN Sandbox

2025-08-07 ⋅ abuse.ch ⋅ abuse.ch
MalwareBazaar | SHA256 c1d781f4c9469977a32f2ad6edea4fda98e6a8eda5aa10149be2311cb369c48a (XTinyLoader)
XTinyLoader

2025-08-06 ⋅ Kaspersky ⋅ Dmitry Kalinin
Spyware that pretends to be an antivirus
LunaSpy

2025-08-06 ⋅ ANY.RUN ⋅ Mauro Eldritch
PyLangGhost RAT: Rising Stealer from Lazarus Group Striking Finance and Technology
PylangGhost GolangGhost

2025-08-06 ⋅ Reverse The Malware ⋅ Diyar Saadi
Reverse Engineering My Name is Yuyun Worm

2025-08-06 ⋅ Silent Push ⋅ Silent Push
Unmasking SocGholish: Silent Push Untangles the Malware Web Behind the “Pioneer of Fake Updates” and Its Operator, TA569
FAKEUPDATES MintsLoader Parrot TDS Parrot TDS WebShell Raspberry Robin

2025-08-05 ⋅ Defentive ⋅ Defentive Threat Research
Lost in Translation: Threat Actors Use SEO Poisoning and Fake DeepL Sites to Distribute Gh0st RAT
Ghost RAT