Malpedia Library

Click here to download all references as Bib-File.•

2022-10-24 ⋅ Medium CSIS Techblog ⋅ Benoît Ancel
Chapter 1 — From Gozi to ISFB: The history of a mythical malware family.
Gozi ISFB Snifula

2022-10-24 ⋅ Medium s2wlab ⋅ Lee Sebin, Shin Yeongjae
Unveil the evolution of Kimsuky targeting Android devices with newly discovered mobile malware
FastFire FastSpy

2022-10-11 ⋅ Medium (@DCSO_CyTec) ⋅ Axel Wauer, Denis Szadkowski, Johann Aydinbas
Tracking down Maggie
Maggie

2022-10-04 ⋅ Medium (@DCSO_CyTec) ⋅ Axel Wauer, Johann Aydinbas
MSSQL, meet Maggie
Maggie

2022-09-30 ⋅ Medium walmartglobaltech ⋅ Jason Reaves, Jonathan Mccay
Diavol resurfaces
Diavol

2022-09-22 ⋅ Medium s2wlab ⋅ Jeong Hyunsik, Yang HuiSeong
Quick Overview of Leaked LockBit 3.0 (Black) builder program
LockBit

2022-09-01 ⋅ Medium michaelkoczwara ⋅ Michael Koczwara
Hunting C2/Adversaries Infrastructure with Shodan and Censys
Brute Ratel C4 Cobalt Strike Deimos GRUNT IcedID Merlin Meterpreter Nighthawk PoshC2 Sliver

2022-08-30 ⋅ Medium the_abjuri5t ⋅ John F
NanoCore RAT Hunting Guide
Nanocore RAT

2022-08-22 ⋅ Medium (Katie’s Five Cents) ⋅ Katie Nickels
A Cyber Threat Intelligence Self-Study Plan: Part 2

2022-08-11 ⋅ Medium walmartglobaltech ⋅ Jason Reaves
State of the Remote Access Tools, Part 1

2022-08-09 ⋅ Medium walmartglobaltech ⋅ Jason Reaves, Joshua Platt
Pivoting on a SharpExt to profile Kimusky panels for great good
Kimsuky

2022-08-08 ⋅ Medium CSIS Techblog ⋅ Benoît Ancel
An inside view of domain anonymization as-a-service — the BraZZZerSFF infrastructure
Riltok magecart Anubis Azorult BetaBot Buer CoalaBot CryptBot DiamondFox DreamBot GCleaner ISFB Loki Password Stealer (PWS) MedusaLocker MeguminTrojan Nemty PsiX RedLine Stealer SmokeLoader STOP TinyNuke Vidar Zloader

2022-08-04 ⋅ Medium walmartglobaltech ⋅ Jason Reaves, Joshua Platt
IcedID leverages PrivateLoader
IcedID PrivateLoader

2022-07-06 ⋅ Medium s2wlab ⋅ HOTSAUCE | S2W TALON
变脸, Teng Snake (a.k.a. Code Core)
CodeCore Xiaoqiying

2022-07-02 ⋅ Medium osamaellahi ⋅ Osama Ellahi
Spoofing Email, Message, IP and UserAgent

2022-06-27 ⋅ Medium (Cryptax) ⋅ Axelle Apvrille
Unpacking a JsonPacker-packed sample
Xenomorph

2022-06-20 ⋅ Medium (Cryptax) ⋅ Axelle Apvrille
Tracking Android/Joker payloads with Medusa, static analysis (and patience)
Joker

2022-06-16 ⋅ Medium s2wlab ⋅ S2W TALON
Raccoon Stealer is Back with a New Version
Raccoon

2022-06-09 ⋅ Medium (Cryptax) ⋅ Axelle Apvrille
Quick look into a new sample of Android/BianLian
BianLian Hydra

2022-05-25 ⋅ Medium walmartglobaltech ⋅ Jason Reaves, Joshua Platt
SocGholish Campaigns and Initial Access Kit
FAKEUPDATES Blister Cobalt Strike NetSupportManager RAT