Malpedia Library

2022-08-02 ⋅ Cisco Talos ⋅ Asheer Malhotra, Vitor Ventura
Manjusaka: A Chinese sibling of Sliver and Cobalt Strike
Manjusaka Cobalt Strike Manjusaka

2022-07-28 ⋅ Kaspersky Labs ⋅ Igor Kuznetsov, Leonid Bezvershenko
LofyLife: malicious npm packages steal Discord tokens and bank card data
Lofy

2022-07-28 ⋅ Kaspersky ⋅ Igor Kuznetsov, Leonid Bezvershenko
LofyLife: malicious npm packages steal Discord tokens and bank card data

2022-07-27 ⋅ SANS ISC ⋅ Brad Duncan
IcedID (Bokbot) with Dark VNC and Cobalt Strike
DarkVNC IcedID

2022-07-25 ⋅ Kaspersky ⋅ GReAT
CosmicStrand: the discovery of a sophisticated UEFI firmware rootkit

2022-07-21 ⋅ Censys ⋅ Matt Lembright
Russian Ransomware C2 Network Discovered in Censys Data
DeimosC2 PoshC2

2022-07-20 ⋅ U.S. Cyber Command ⋅ Cyber National Mission Force Public Affairs
Cyber National Mission Force discloses IOCs from Ukrainian networks
Cobalt Strike GraphSteel GrimPlant MicroBackdoor

2022-07-18 ⋅ Censys ⋅ Censys
Russian Ransomware C2 Network Discovered in Censys Data
Cobalt Strike DeimosC2 MimiKatz PoshC2

2022-07-18 ⋅ Palo Alto Networks Unit 42 ⋅ Unit 42
Moldy Pisces
RokRAT APT37

2022-07-13 ⋅ Cisco ⋅ Nick Biasini
Transparent Tribe begins targeting education sector in latest campaign
Crimson RAT Oblique RAT

2022-07-08 ⋅ Sekoia ⋅ sekoia
Vice Society: a discreet but steady double extortion ransomware group
HelloKitty Zeppelin

2022-07-08 ⋅ Sekoia ⋅ Threat & Detection Research Team
Vice Society: a discreet but steady double extortion ransomware group
HelloKitty

2022-07-07 ⋅ SANS ISC ⋅ Brad Duncan
Emotet infection with Cobalt Strike
Cobalt Strike Emotet

2022-07-06 ⋅ Fortinet ⋅ Cara Lin
From Follina to Rozena - Leveraging Discord to Distribute a Backdoor
Rozena

2022-06-30 ⋅ CYBER GEEKS All Things Infosec ⋅ CyberMasterV
How to Expose a Potential Cybercriminal due to Misconfigurations
Loki Password Stealer (PWS)

2022-06-30 ⋅ Cyber Geeks (CyberMasterV) ⋅ Vlad Pasca
How to Expose a Potential Cybercriminal due to Misconfigurations
Loki Password Stealer (PWS)

2022-06-21 ⋅ Cisco Talos ⋅ Chris Neal, Flavio Costa, Guilherme Venere
Avos ransomware group expands with new attack arsenal
AvosLocker Cobalt Strike DarkComet MimiKatz

2022-06-17 ⋅ SANS ISC ⋅ Brad Duncan
Malspam pushes Matanbuchus malware, leads to Cobalt Strike
Cobalt Strike Matanbuchus

2022-06-16 ⋅ SANS ISC ⋅ Xavier Mertens
Houdini is Back Delivered Through a JavaScript Dropper
Houdini

2022-06-13 ⋅ SANS ISC ⋅ Renato Marinho
Translating Saitama's DNS tunneling messages
Saitama Backdoor