Malpedia Library

2020-02-21 ⋅ Yoroi ⋅ Antonio Pirozzi, Luigi Martire, Pietro Melillo
Transparent Tribe: Four Years Later
Crimson RAT

2020-02-21 ⋅ ADEO DFIR ⋅ ADEO DFIR
APT10 Threat Analysis Report
CHINACHOPPER HTran MimiKatz PlugX Quasar RAT

2020-02-21 ⋅ KELA ⋅ Raveed Laeb
Exploring the Genesis Supply Chain for Fun and Profit: Part 1 – Misadventures in GUIDology
Azorult

2020-02-20 ⋅ McAfee ⋅ Christiaan Beek, Darren Fitzpatrick, Eamonn Ryan
CSI: Evidence Indicators for Targeted Ransomware Attacks – Part II
Cobalt Strike LockerGoga Maze MegaCortex

2020-02-20 ⋅ NCSC UK ⋅ NCSC UK
UK condemns Russia's GRU over Georgia cyber-attacks

2020-02-20 ⋅ ⋅ JPCERT/CC ⋅ Kota Kino
日本国内の組織を狙ったマルウエアLODEINFO
LODEINFO

2020-02-20 ⋅ ZDNet ⋅ Catalin Cimpanu
Croatia's largest petrol station chain impacted by cyber-attack
Clop

2020-02-20 ⋅ Cisco Talos ⋅ Asheer Malhotra
ObliqueRAT: New RAT hits victims' endpoints via malicious documents
Oblique RAT

2020-02-20 ⋅ Carbon Black ⋅ Takahiro Haruyama
Threat Analysis: Active C2 Discovery Using Protocol Emulation Part2 (Winnti 4.0)
Winnti

2020-02-20 ⋅ GovCERT.ch ⋅ GovCERT.ch
Analysis of an Unusual HawkEye Sample
HawkEye Keylogger

2020-02-19 ⋅ KELA ⋅ KELA’s Research Team
Uncovering the Anonymity Cloak

2020-02-19 ⋅ ⋅ TOPSEC ⋅ TOPSEC
新冠肺炎疫情期间APT攻击热点追踪报告

2020-02-19 ⋅ Team Cymru ⋅ Team Cymru
Azorult – what we see using our own tools
Azorult

2020-02-19 ⋅ Yoroi ⋅ Marco Ramilli
Uncovering New Magecart Implant Attacking eCommerce
magecart

2020-02-18 ⋅ Personal Blog of Christophe Tafani-Dereeper ⋅ Christophe Tafani-Dereeper
Hidden in PEB Sight: Hiding Windows API Imports With a Custom Loader

2020-02-18 ⋅ Trend Micro ⋅ Cedric Pernet, Daniel Lunghi, Jamz Yaneza, Kenney Lu
Uncovering DRBControl
Clambling

2020-02-18 ⋅ Sophos Labs ⋅ Luca Nagy
Nearly a quarter of malware now communicates using TLS
Dridex IcedID TrickBot

2020-02-18 ⋅ PWC UK ⋅ Kris McConkey, Sveva Vittoria Scenarelli
Tracking ‘Kimsuky’, the North Korea-based cyber espionage group: Part 1
Kimsuky