Malpedia Library

Click here to download all references as Bib-File.•

2023-07-23 ⋅ Medium infoSec Write-ups ⋅ mov_eax_27
Unpacking an Emotet Trojan
Emotet

2023-07-11 ⋅ Twitter (@embee_research) ⋅ Embee_research
Tweets on Ransomware Infrastructure Analysis With Censys and GrabbrApp
DarkSide

2023-06-24 ⋅ Twitter (@embee_research) ⋅ Embee_research
SmokeLoader - Malware Analysis and Decoding With Procmon
SmokeLoader

2023-06-08 ⋅ Twitter (@embee_research) ⋅ Embee_research
Practical Queries for Identifying Malware Infrastructure: An informal page for storing Censys/Shodan queries
Amadey AsyncRAT Cobalt Strike QakBot Quasar RAT Sliver solarmarker

2023-05-19 ⋅ Twitter (@embee_research) ⋅ Embee_research
Analysis of Amadey Bot Infrastructure Using Shodan
Amadey

2023-05-18 ⋅ Twitter (@embee_research) ⋅ Embee_research
Identifying Laplas Infrastructure Using Shodan and Censys
LaplasClipper

2023-05-17 ⋅ Medium (@DCSO_CyTec) ⋅ Axel Wauer, Emilia Neuber, Jiro Minier, Johann Aydinbas, Kritika Roy
Andariel’s “Jupiter” malware and the case of the curious C2
Jupiter

2023-05-15 ⋅ embeeresearch ⋅ Embee_research
Quasar Rat Analysis - Identification of 64 Quasar Servers Using Shodan and Censys
Quasar RAT

2023-05-07 ⋅ Twitter (@embee_research) ⋅ Matthew
AgentTesla - Full Loader Analysis - Resolving API Hashes Using Conditional Breakpoints
Agent Tesla

2023-04-21 ⋅ Symantec ⋅ Threat Hunter Team
X_Trader Supply Chain Attack Affects Critical Infrastructure Organizations in U.S. and Europe
VEILEDSIGNAL

2023-04-20 ⋅ Securonix ⋅ Den Iyzvyk, Oleg Kolesnikov, Tim Peck
New OCX#HARVESTER Attack Campaign Leverages a Modernized More_eggs Suite to Target Victims
More_eggs

2023-04-11 ⋅ Twitter (@Unit42_Intel) ⋅ Unit42
Tweet on change of IcedID backconnect traffic port from 8080 to 443
IcedID

2023-04-10 ⋅ Twitter (@embee_research) ⋅ Matthew
Redline Stealer - Static Analysis and C2 Extraction
Amadey RedLine Stealer

2023-04-08 ⋅ Twitter (@embee_research) ⋅ Embee_research
Dcrat - Manual De-obfuscation of .NET Malware
DCRat

2023-03-21 ⋅ Twitter (@splinter_code) ⋅ Antonio Cocomazzi
Tweet on BlackByte ransomware rewrite in C++
BlackByte

2023-03-10 ⋅ Security0wnage ⋅ Security0wnage
How Do You Like Dem Eggs? I like Mine Scrambled, Really Scrambled - A Look at Recent more_eggs Samples
More_eggs

2023-02-02 ⋅ YouTube (Embee Research) ⋅ Embee_research
Xworm Loader Analysis - Decoding Malware Scripts and Extracting C2's with DnSpy and CyberChef
XWorm

2023-01-09 ⋅ YouTube (Embee Research) ⋅ Embee_research
Malware Analysis - VBS Decoding With Cyberchef (Nanocore Loader)
Nanocore RAT

2022-12-24 ⋅ Medium (@DCSO_CyTec) ⋅ Denis Szadkowski, Hendrik Baecker, Jiro Minier, Johann Aydinbas
APT41 — The spy who failed to encrypt me
CHINACHOPPER

2022-12-01 ⋅ mostwanted002
Malware Analysis and Triage Report : PirateStealer - Discord_beta.exe
PirateStealer