Malpedia Library

Click here to download all references as Bib-File.•

2020-11-23 ⋅ Youtube (OWASP DevSlop) ⋅ Negar Shabab, Noushin Shabab
Compromised Compilers - A new perspective of supply chain cyber attacks
ShadowPad

2020-11-22 ⋅ FireEye ⋅ Yihao Lim
Election Cyber Threats in the Asia-Pacific Region

2020-11-22 ⋅ Irshad's Blog ⋅ Irshad Muhammad
Analyzing an Emotet Dropper and Writing a Python Script to Statically Unpack Payload.
Emotet

2020-11-22 ⋅ Twitter (@Nocturnus) ⋅ Cybereason Nocturnus
Tweet on new modular stealer that steals passwords, credit cards data, cryptocurrency wallets and downloads further plugins.

2020-11-22 ⋅ malware.love ⋅ Robert Giczewski
Trickbot tricks again [UPDATE]
TrickBot

2020-11-21 ⋅ Toli Security ⋅ Toli Security
Multi-Vector Miner+Tsunami Botnet with SSH Lateral Movement
Tsunami

2020-11-21 ⋅ vxhive blog ⋅ 0xastrovax
Deep Dive Into HERMES Ransomware
Hermes

2020-11-21 ⋅ Medium Intel-Honey ⋅ Twitter (@intel_honey)
Reversing Anubis Malware
Anubis

2020-11-20 ⋅ 360 ⋅ kate
360 File-less Attack Protection Intercepts the Banker Trojan BBtok Active in Mexico
BBtok

2020-11-20 ⋅ Trend Micro ⋅ Abraham Camba, Bren Matthew Ebriega, Gilbert Sison
Weaponizing Open Source Software for Targeted Attacks
LaZagne Defray PlugX

2020-11-20 ⋅ Group-IB ⋅ Oleg Skulkin, Roman Rezvukhin, Semyon Rogachev
The Locking Egregor
Egregor QakBot

2020-11-20 ⋅ 360 netlab ⋅ Alex Turing, CNCERT, Hui Wang, Qihoo 360
MooBot on the run using another 0 day targeting UNIX CCTV DVR
MooBot

2020-11-20 ⋅ ZDNet ⋅ Catalin Cimpanu
The malware that usually installs ransomware and you need to remove right away
Avaddon BazarBackdoor Buer Clop Cobalt Strike Conti DoppelPaymer Dridex Egregor Emotet FriedEx MegaCortex Phorpiex PwndLocker QakBot Ryuk SDBbot TrickBot Zloader

2020-11-20 ⋅ DomainTools ⋅ Black Lotus Labs, Joe Slowik, Lumen
Current Events to Widespread Campaigns: Pivoting from Samples to Identify Activity

2020-11-20 ⋅ Bleeping Computer ⋅ Lawrence Abrams
LightBot: TrickBot’s new reconnaissance malware for high-value targets
LightBot TrickBot

2020-11-20 ⋅ F-Secure Labs ⋅ Riccardo Ancarani
Detecting Cobalt Strike Default Modules via Named Pipe Analysis
Cobalt Strike

2020-11-20 ⋅ ⋅ 360 netlab ⋅ JiaYu
Blackrota, a highly obfuscated backdoor developed by Go
Cobalt Strike

2020-11-19 ⋅ Rewterz Information Security ⋅ Rewterz Information Security
Rewterz Threat Alert – Common Raven – IOCs
BatchWiper Common Raven

2020-11-19 ⋅ ioactive ⋅ Corey Thuen
Hiding in the Noise

2020-11-19 ⋅ FireEye ⋅ Alyssa Rahman, Andrew Oliveau, Brett Hawkins
Purgalicious VBA: Macro Obfuscation With VBA Purging