Malpedia Library

Click here to download all references as Bib-File.•

2019-10-16 ⋅ Proofpoint ⋅ Axel F, Dennis Schwarz, Kafeine, Matthew Mesa, Proofpoint Threat Insight Team
TA505 Distributes New SDBbot Remote Access Trojan with Get2 Downloader
Get2 SDBbot TA505

2019-10-14 ⋅ Proofpoint ⋅ Proofpoint Threat Insight Team
Threat Actor Profile: TA407, the Silent Librarian
Silent Librarian

2019-10-10 ⋅ AhnLab ⋅ ASEC Analysis Team
ASEC Report Vol. 96: Analysis Report on Operation Red Salt, Analysis on the Malicious SDB File Found in Ammyy Hacking Tool
SDBbot

2019-09-30 ⋅ ⋅ Qianxin ⋅ Red Raindrop Team
Analysis and disclosure of the CIA's cyber arsenal
Lambert

2019-09-26 ⋅ Microsoft ⋅ Microsoft Defender ATP Research Team
Bring your own LOLBin: Multi-stage, fileless Nodersok campaign delivers rare Node.js-based malware
Divergent

2019-09-26 ⋅ Proofpoint ⋅ Bryan Campbell, Jeremy Hedges, Proofpoint Threat Insight Team
New WhiteShadow downloader uses Microsoft SQL to retrieve malware
WhiteShadow Agent Tesla Azorult Crimson RAT Formbook Nanocore RAT NetWire RC NjRAT Remcos

2019-09-25 ⋅ Cylance ⋅ Cylance Research and Intelligence Team
PcShare Backdoor Attacks Targeting Windows Users with FakeNarrator Malware
PcShare

2019-09-24 ⋅ Secureworks ⋅ CTU Research Team
REvil: The GandCrab Connection
REvil GOLD SOUTHFIELD

2019-09-24 ⋅ Secureworks ⋅ CTU Research Team
REvil/Sodinokibi Ransomware
REvil GOLD SOUTHFIELD

2019-09-22 ⋅ Proofpoint ⋅ Michael Raggi, Proofpoint Threat Insight Team
LookBack Forges Ahead: Continued Targeting of the United States’ Utilities Sector Reveals Additional Adversary TTPs
Lookback TA410

2019-09-19 ⋅ NSHC ⋅ ThreatRecon Team
Hagga of SectorH01 continues abusing Bitly, Blogger and Pastebin to deliver RevengeRAT and NanoCore
Nanocore RAT Revenge RAT

2019-09-18 ⋅ Symantec ⋅ Security Response Attack Investigation Team
Tortoiseshell Group Targets IT Providers in Saudi Arabia in Probable Supply Chain Attacks
SysKit Tortoiseshell

2019-09-16 ⋅ Malwarebytes ⋅ Threat Intelligence Team
Emotet is back: botnet springs back to life with new spam campaign
Emotet

2019-09-11 ⋅ Secureworks ⋅ CTU Research Team
COBALT DICKENS Goes Back to School…Again
Silent Librarian

2019-09-06 ⋅ Proofpoint ⋅ Proofpoint Threat Insight Team
PsiXBot Now Using Google DNS over HTTPS and Possible New Sexploitation Module
PsiX

2019-09-05 ⋅ Proofpoint ⋅ Michael Walsh, Proofpoint Threat Insight Team
Seems Phishy: Back to School Lures Target University Students and Staff
Silent Librarian

2019-09-04 ⋅ SonicWall ⋅ SonicWall CaptureLabs Threats Research Team
HILDACRYPT ransomware actively spreading in the wild
HILDACRYPT

2019-08-29 ⋅ ThreatRecon ⋅ ThreatRecon Team
SectorJ04 Group’s Increased Activity in 2019
FlawedAmmyy ServHelper TA505

2019-08-28 ⋅ Cylance ⋅ Cylance Threat Research Team
Inside the APT28 DLL Backdoor Blitz
PocoDown

2019-08-27 ⋅ Secureworks ⋅ CTU Research Team
TrickBot Modifications Target U.S. Mobile Users
TrickBot WIZARD SPIDER