Malpedia Library

Click here to download all references as Bib-File.•

2021-02-17 ⋅ US-CERT ⋅ CISA
Malware Analysis Report (AR21-048G): AppleJeus: Ants2Whale
AppleJeus AppleJeus

2021-02-04 ⋅ HAL ⋅ Aimad Berady, Gilles Guette, Mathieu Jaume, Valérie Viet Triem Tong
From TTP to IoC: Advanced Persistent Graphs forThreat Hunting

2021-02-01 ⋅ GoSecure ⋅ Lilly Chalupowski
BazarLoader Mocks Researchers in December 2020 Malspam Campaign
BazarBackdoor

2021-02-01 ⋅ ⋅ EST Security ⋅ Alyac
Thallium organization conducts elaborate cyber attack against Russian researchers working in the North Korean economyPerforming sophisticated cyber attacks against researchers

2021-01-27 ⋅ lacework ⋅ Chris Hall
Groundhog Botnet Rapidly Infecting Cloud
XOR DDoS

2021-01-25 ⋅ Trend Micro ⋅ Fyodor Yarochkin, Loseway Lu, Marshall Chen, Matsukawa Bakuei, Vladimir Kropotov
Fake Office 365 Used for Phishing Attacks on C-Suite Targets

2021-01-24 ⋅ Medium nasbench ⋅ Nasreddine Bencherchali
Common Tools & Techniques Used By Threat Actors and Malware — Part I

2021-01-18 ⋅ Arxiv ⋅ Daniele Sgandurra, Jason Gray, Lorenzo Cavallaro
Identifying Authorship Style in Malicious Binaries: Techniques, Challenges & Datasets

2021-01-03 ⋅ ⋅ EST Security ⋅ Alyac
Thallium organization exploits private stock investment messenger to attack software supply chain

2020-12-17 ⋅ ⋅ EST Security ⋅ Alyac
Thallium organization attacks domestic blockchain company with documents of non-delinquency confirmation

2020-12-14 ⋅ Volexity ⋅ Damien Cash, Matthew Meltzer, Sean Koessel, Steven Adair, Thomas Lancaster, Volexity Threat Research
Dark Halo Leverages SolarWinds Compromise to Breach Organizations
SUNBURST

2020-12-09 ⋅ FireEye ⋅ Mitchell Clarke, Tom Hall
It's not FINished The Evolving Maturity in Ransomware Operations (SLIDES)
Cobalt Strike DoppelPaymer QakBot REvil

2020-11-30 ⋅ FireEye ⋅ Mitchell Clarke, Tom Hall
It's not FINished The Evolving Maturity in Ransomware Operations
Cobalt Strike DoppelPaymer MimiKatz QakBot REvil

2020-11-10 ⋅ lacework ⋅ Chris Hall
Meet Muhstik – IoT Botnet Infecting Cloud Servers
Tsunami

2020-10-16 ⋅ ⋅ Alyac ⋅ Alyac
탈륨조직의 국내 암호화폐 지갑 펌웨어로 위장한 다차원 APT 공격 분석출처 ( THALLIUM)

2020-10-15 ⋅ lacework ⋅ Chris Hall
Moobot's Cloud Migration

2020-10-14 ⋅ Palo Alto Networks Unit 42 ⋅ Ken Hsu, Qi Deng, Vaibhav Singhal, Yue Guan
Two New IoT Vulnerabilities Identified with Mirai Payloads
Mirai

2020-10-13 ⋅ Nozomi Networks ⋅ Alessandro Di Pinto
Overcoming the Challenges of Detecting P2P Botnets on Your Network
Mozi

2020-10-03 ⋅ Medium vishal_thakur ⋅ Vishal Thakur
Grinju Downloader: Anti-analysis (on steroids) | Part 2
Grinju Downloader

2020-09-22 ⋅ Medium (@vishal_thakur) ⋅ Vishal Thakur
Grinju Downloader
Grinju Downloader