Malpedia Library

Click here to download all references as Bib-File.•

2020-09-18 ⋅ Symantec ⋅ Threat Hunter Team
Elfin: Latest U.S. Indictments Appear to Target Iranian Espionage Group
Nanocore RAT

2020-09-18 ⋅ Github (gdbinit) ⋅ Pedro Vilaça
EvilQuest/ThiefQuest strings decrypt/deobfuscator
EvilQuest

2020-09-17 ⋅ Avast Decoded ⋅ Jan Rubín
Complex obfuscation? Meh… (1/2)
DarkGate

2020-09-17 ⋅ Joe Security's Blog ⋅ Joe Security
GuLoader's VM-Exit Instruction Hammering explained
CloudEyE

2020-09-17 ⋅ CRYPSIS ⋅ Drew Schmitt
Ransomware’s New Trend: Exfiltration and Extortion
LockBit

2020-09-17 ⋅ PWC UK ⋅ PWC UK
Analysis of WellMail malware's Command and Control (C2) server
WellMail

2020-09-17 ⋅ FBI ⋅ FBI
FBI FLASH ME-000134-MW: Indicators of Compromise Associated with Rana Intelligence Computing, also known as APT39, Chafer, Cadelspy, Remexi, and ITG07

2020-09-17 ⋅ FBI ⋅ FBI
FBI PIN Number 20200917-001: IRGC-Associated Cyber Operations Against US Company Networks
MimiKatz Nanocore RAT

2020-09-17 ⋅ U.S. Department of the Treasury ⋅ U.S. Department of the Treasury
Counter Terrorism Designations; Iran/Cyber-related Designations

2020-09-17 ⋅ U.S. Department of the Treasury ⋅ U.S. Department of the Treasury
Treasury Sanctions Cyber Actors Backed by Iranian Intelligence Ministry

2020-09-17 ⋅ SophosLabs Uncut ⋅ Andrew Brandt, Peter Mackenzie
Maze attackers adopt Ragnar Locker virtual machine technique
Maze

2020-09-17 ⋅ Bleeping Computer ⋅ Lawrence Abrams
Maze ransomware now encrypts via virtual machines to evade detection
Maze

2020-09-17 ⋅ Max Kersten's Blog ⋅ Max Kersten
Automatic ReZer0 payload and configuration extraction

2020-09-16 ⋅ Qianxin ⋅ Red Raindrop Team
Target defense industry: Lazarus uses recruitment bait combined with continuously updated cyber weapons
CRAT

2020-09-16 ⋅ RiskIQ ⋅ Jon Gross
RiskIQ: Adventures in Cookie Land - Part 2
8.t Dropper Chinoxy Poison Ivy

2020-09-16 ⋅ Zscaler ⋅ Aditya Sharma, Avinash Kumar
Malware Leveraging XML-RPC Vulnerability to Exploit WordPress Sites
WpBruteBot

2020-09-16 ⋅ Intel 471 ⋅ Intel 471
Partners in crime: North Koreans and elite Russian-speaking cybercriminals
TrickBot

2020-09-16 ⋅ FBI ⋅ FBI
FBI Flash AC-000133-TT: Indictment of China-Based Cyber Actors Associated with APT 41for Intrusion Activities
APT41

2020-09-16 ⋅ Department of Justice ⋅ Department of Justice
Seven International Cyber Defendants, Including “Apt41” Actors, Charged In Connection With Computer Intrusion Campaigns Against More Than 100 Victims Globally
APT41 RedGolf

2020-09-15 ⋅ Seguranca Informatica ⋅ Pedro Tavares
Threat analysis: The emergent URSA trojan impacts many countries using a sophisticated loader
Mispadu