Malpedia Library

Click here to download all references as Bib-File.•

2020-05-22 ⋅ ⋅ Antiy CERT ⋅ Antiy CERT
Analysis of Ramsay components of Darkhotel's infiltration and isolation network
Ramsay DarkHotel

2020-05-21 ⋅ Sophos ⋅ SophosLabs Uncut
Asnarök attackers twice modified attack midstream
NOTROBIN Ragnarok

2020-05-21 ⋅ Intel 471 ⋅ Intel 471
A brief history of TA505
AndroMut Bart Dridex FlawedAmmyy FlawedGrace Gandcrab Get2 GlobeImposter Jaff Kegotip Locky Necurs Philadephia Ransom Pony QuantLoader Rockloader SDBbot ServHelper Shifu Snatch TrickBot

2020-05-21 ⋅ BrightTALK (FireEye) ⋅ Jeremy Kennelly, Kimberly Goody
Navigating MAZE: Analysis of a Rising Ransomware Threat
Maze

2020-05-21 ⋅ PICUS Security ⋅ Süleyman Özarslan
T1055 Process Injection
BlackEnergy Cardinal RAT Downdelph Emotet Kazuar RokRAT SOUNDBITE

2020-05-21 ⋅ Malwarebytes ⋅ Malwarebytes Labs
Cybercrime tactics and techniques
Ave Maria Azorult DanaBot Loki Password Stealer (PWS) NetWire RC

2020-05-21 ⋅ Bitdefender ⋅ Bogdan Rusu, Liviu Arsene
Iranian Chafer APT Targeted Air Transportation and Government in Kuwait and Saudi Arabia
MimiKatz Remexi

2020-05-21 ⋅ Armorblox ⋅ Chetan Anand
Blox Tales #6: Subpoena-Themed Phishing With CAPTCHA Redirect

2020-05-21 ⋅ ESET Research ⋅ Martin Smolár, Mathieu Tartare
No “Game over” for the Winnti Group
ACEHASH HTran MimiKatz PipeMon

2020-05-21 ⋅ Intezer ⋅ Paul Litvak
The Evolution of APT15’s Codebase 2020
Ketrican Ketrum Okrum

2020-05-21 ⋅ Sophos ⋅ SophosLabs Uncut
Ragnar Locker ransomware deploys virtual machine to dodge security
RagnarLocker

2020-05-21 ⋅ VMWare Carbon Black ⋅ Jared Myers
TAU Technical Report: New Attack Combines TinyPOS With Living-off-the-Land Techniques for Scraping Credit Card Data
AbaddonPOS

2020-05-21 ⋅ Trend Micro ⋅ Llallum Victoria, Raphael Centeno
Backdoor, Devil Shadow Botnet Hidden in Fake Zoom Installers

2020-05-21 ⋅ Malwarebytes ⋅ hasherezade, prsecurity
The “Silent Night” Zloader/Zbot
Zloader

2020-05-20 ⋅ Zscaler ⋅ Amandeep Kumar, Rohit Chaturvedi
Latest Version of Amadey Introduces Screen Capturing and Pushes the Remcos RAT
Amadey Remcos

2020-05-20 ⋅ Medium Asuna Amawaka ⋅ Asuna Amawaka
What happened between the BigBadWolf and the Tiger?
Ghost RAT

2020-05-20 ⋅ VIPRE ⋅ VIPRE Labs
Unloading the GuLoader
CloudEyE

2020-05-20 ⋅ SentinelOne ⋅ Jim Walter
Why On-Device Detection Matters: New Ramsay Trojan Targets Air-Gapped Networks
Ramsay

2020-05-20 ⋅ PTSecurity ⋅ PT ESC Threat Intelligence
Operation TA505: how we analyzed new tools from the creators of the Dridex trojan, Locky ransomware, and Neutrino botnet
FlawedAmmyy

2020-05-20 ⋅ Youtube (nonepizza) ⋅ nonepizza
(PandaBanker Analysis) Fixing Corrupted PE Headers and Unmapping an Executable
PandaBanker