Malpedia Library

Click here to download all references as Bib-File.•

2023-04-13 ⋅ CyberArk ⋅ CyberArk Labs
The (Not so) Secret War on Discord
Empyrean

2023-04-12 ⋅ SANS ISC ⋅ Brad Duncan
Recent IcedID (Bokbot) activity
IcedID

2023-04-04 ⋅ Cisco Talos ⋅ Edmund Brumaghin
Typhon Reborn V2: Updated stealer features enhanced anti-analysis and evasion capabilities
Typhon Stealer

2023-03-23 ⋅ Mandiant ⋅ Josh Fleischer, Rufus Brown, Ryan Tomcik
UNC961 in the Multiverse of Mandiant: Three Encounters with a Financially Motivated Threat Actor
HOLERUN LIGHTBUNNY Prophet Spider

2023-03-22 ⋅ Cisco Talos ⋅ Edmund Brumaghin, Jaeson Schultz
Emotet Resumes Spam Operations, Switches to OneNote
Emotet

2023-03-14 ⋅ Cisco Talos ⋅ Asheer Malhotra, Vitor Ventura
Talos uncovers espionage campaigns targeting CIS countries, embassies and EU health care agency
Poet RAT Loda Kasablanka YoroTrooper

2023-02-02 ⋅ Kroll ⋅ Elio Biasiotto, Stephen Green
Hive Ransomware Technical Analysis and Initial Access Discovery
BATLOADER Cobalt Strike Hive

2023-01-19 ⋅ Cisco ⋅ Guilherme Venere
Following the LNK metadata trail
BumbleBee PhotoLoader QakBot

2023-01-18 ⋅ SANS ISC ⋅ Brad Duncan
Malicious Google Ad --> Fake Notepad++ Page --> Aurora Stealer malware
Aurora Stealer

2023-01-05 ⋅ Phylum ⋅ Phylum Research Team
A Deep Dive Into poweRAT: a Newly Discovered Stealer/RAT Combo Polluting PyPI
poweRAT

2022-12-24 ⋅ di.sclosu.re ⋅ di.sclosu.re
njRAT malware spreading through Discord CDN and Facebook Ads
NjRAT

2022-12-21 ⋅ Group-IB ⋅ Artem Grischenko
Godfather: A banking Trojan that is impossible to refuse
Godfather

2022-12-20 ⋅ Twitter (@Gi7w0rm) ⋅ Gi7w0rm
Twitter posts discussing recent sighting of Laplas
LaplasClipper

2022-12-18 ⋅ SANS ISC ⋅ Guy Bruneau
Infostealer Malware with Double Extension
Agent Tesla

2022-12-15 ⋅ ISC ⋅ Brad Duncan
Google ads lead to fake software pages pushing IcedID (Bokbot)
IcedID

2022-12-08 ⋅ Cisco Talos ⋅ Tiago Pereira
Breaking the silence - Recent Truebot activity
Clop Cobalt Strike FlawedGrace Raspberry Robin Silence Teleport

2022-12-01 ⋅ mostwanted002
Malware Analysis and Triage Report : PirateStealer - Discord_beta.exe
PirateStealer

2022-11-21 ⋅ vmware ⋅ Takahiro Haruyama, Threat Analysis Unit
Threat Analysis: Active C2 Discovery Using Protocol Emulation Part4 (Dacls, aka MATA)
Dacls

2022-11-17 ⋅ Cisco Talos ⋅ Chris Neal
Get a Loda This: LodaRAT meets new friends
Loda Kasablanka

2022-11-09 ⋅ Cisco Talos ⋅ Edmund Brumaghin
Threat Spotlight: Cyber Criminal Adoption of IPFS for Phishing, Malware Campaigns
Agent Tesla