Malpedia Library

Click here to download all references as Bib-File.•

2019-04-23 ⋅ FireEye ⋅ James T. Bennett, Michael Bailey
CARBANAK Week Part Two: Continuing the CARBANAK Source Code Analysis

2019-04-22 ⋅ FireEye ⋅ James T. Bennett, Michael Bailey
CARBANAK Week Part One: A Rare Occurrence
Carbanak

2019-03-21 ⋅ CrowdStrike ⋅ James Scalise, Shaun Hurley
Interception: Dissecting BokBot’s “Man in the Browser”
IcedID

2019-03-08 ⋅ The Daily Swig ⋅ James Walker
Emotet trojan implicated in Wolverine Solutions ransomware attack
Emotet

2019-01-03 ⋅ CrowdStrike ⋅ James Scalise, Shaun Hurley
Digging into BokBot’s Core Module
IcedID

2018-12-29 ⋅ Los Angeles Times ⋅ Emily Alpert Reyes, Meg James, Tony Barboza
Malware attack disrupts delivery of L.A. Times and Tribune papers across the U.S.
Ryuk

2018-10-01 ⋅ Twitter (@James_inthe_box) ⋅ James_inthe_box
Tweet on DGA using TLD xyz
MakLoader

2018-08-06 ⋅ rinse and REpeat analysis ⋅ James Haughom
Reversing Cerber - RaaS
Cerber

2018-05-03 ⋅ McAfee ⋅ Itai Liba, James Walter, Ryan Sherstobitoff
Dissecting Operation Troy: Cyberespionage in South Korea
concealment_troy http_troy Lazarus Group

2018-01-01 ⋅ McAfee ⋅ Itai Liba, James Walter, Ryan Sherstobitoff
Dissecting Operation Troy: Cyberespionage in South Korea
Lazarus Group

2017-10-16 ⋅ Hirman Muhammad bin Abu Bakar, James Wong, Sergei Shevchenko
Taiwan Heist: Lazarus Tools and Ransomware
Bitsran Hermes

2017-10-16 ⋅ BAE Systems ⋅ Hirman Muhammad bin Abu Bakar, James Wong, Sergei Shevchenko
Taiwan Heist: Lazarus Tools and Ransomware
BLINDTOAD Lazarus Group

2017-09-12 ⋅ FireEye ⋅ Ben Read, Genwei Jiang, James T. Bennett
FireEye Uncovers CVE-2017-8759: Zero-Day Used in the Wild to Distribute FINSPY,FireEye Uncovers CVE-2017-8759: Zero-Day Used in the Wild to Distribute FINSPY
FinFisher RAT BlackOasis

2017-06-12 ⋅ FireEye ⋅ Barry Vengerik, James T. Bennett
Behind the CARBANAK Backdoor
Carbanak DRIFTPIN

2015-04-18 ⋅ FireEye ⋅ Chris Phillips, Corbin Souffrant, Dan Caselden, Darien Kin, Genwei Jiang, James “Tom” Bennett, Jonathan Wrolstad, Joshua Homan, Yasir Khalid
Operation RussianDoll: Adobe & Windows Zero-Day Exploits Likely Leveraged by Russia’s APT28 in Highly-Targeted Attack
APT28

2014-09-04 ⋅ FireEye ⋅ James T. Bennett, Mike Scott
Forced to Adapt: XSLCmd Backdoor Now on OS X
XSLCmd APT15

2014-02-19 ⋅ FireEye ⋅ James T. Bennett, Nart Villeneuve
XtremeRAT: Nuisance or Threat?
Xtreme RAT

2013-12-12 ⋅ FireEye Inc ⋅ James T. Bennett, Kenneth Geers, Mike Scott, Nart Villeneuve, Ned Moran, Thoufique Haq
OPERATION “KE3CHANG”:Targeted Attacks Against Ministries of Foreign Affairs
Tidepool APT15

2013-02-28 ⋅ FireEye ⋅ James T. Bennett
It's a Kind of Magic
MiniDuke

2013-02-13 ⋅ FireEye ⋅ James T. Bennett
The Number of the Beast
ItaDuke

2013-01-01 ⋅ McAfee ⋅ Itai Liba, James Walter, Ryan Sherstobitoff
Dissecting Operation Troy: Cyberespionage in South Korea
httpdropper

2012-10-23 ⋅ Trend Micro ⋅ James T. Bennett, Nart Villeneuve
Detecting APT Activity with Network Traffic Analysis
Enfal Gh0stnet Nitro sykipot taidoor

2011-10-26 ⋅ Intego ⋅ Peter James
Tsunami Backdoor Can Be Used for Denial of Service Attacks
Tsunami

2010-07-24 ⋅ Sophos ⋅ James Wyke
Why won’t my sample run?
Zeus