Malpedia Library

Click here to download all references as Bib-File.•

2019-09-30 ⋅ Lastline ⋅ Jason Zhang, Stefano Ortolani
HELO Winnti: Attack or Scan?
Winnti

2019-09-28 ⋅ The MalwareMustDie Blog ⋅ unixfreaxjp
MMD-0064-2019 - Linux/AirDropBot
AirDropBot

2019-09-26 ⋅ Juniper ⋅ Paul Kimayong
Masad Stealer: Exfiltrating using Telegram
Masad Stealer

2019-09-26 ⋅ Microsoft ⋅ Microsoft Defender ATP Research Team
Bring your own LOLBin: Multi-stage, fileless Nodersok campaign delivers rare Node.js-based malware
Divergent

2019-09-26 ⋅ Proofpoint ⋅ Bryan Campbell, Jeremy Hedges, Proofpoint Threat Insight Team
New WhiteShadow downloader uses Microsoft SQL to retrieve malware
WhiteShadow Agent Tesla Azorult Crimson RAT Formbook Nanocore RAT NetWire RC NjRAT Remcos

2019-09-26 ⋅ Cisco Talos ⋅ Edmund Brumaghin
Divergent: "Fileless" NodeJS Malware Burrows Deep Within the Host
Divergent

2019-09-25 ⋅ Cylance ⋅ Cylance Research and Intelligence Team
PcShare Backdoor Attacks Targeting Windows Users with FakeNarrator Malware
PcShare

2019-09-25 ⋅ GovCERT.ch ⋅ GovCERT.ch
Trickbot - An analysis of data collected from the botnet
TrickBot

2019-09-25 ⋅ Twitter (@QW5kcmV3) ⋅ Andrew Thompson
Tweet on APT35 activity
SysKit

2019-09-25 ⋅ Kaspersky Labs ⋅ AMR
Ransomware: two pieces of good news
FortuneCrypt Yatron

2019-09-24 ⋅ Yoroi ⋅ Antonio Farina, Luca Mella
APT or not APT? What's Behind the Aggah Campaign
Azorult

2019-09-24 ⋅ Dissecting Malware ⋅ Marius Genheimer
Return of the Mummy - Welcome back, Emotet
Emotet

2019-09-24 ⋅ DARKReading ⋅ Kelly Jackson Higgins
Iranian Government Hackers Target US Veterans
SysKit Tortoiseshell

2019-09-24 ⋅ ANY.RUN ⋅ ANY.RUN
ANY.RUN analysis on unidentified sample

2019-09-24 ⋅ Secureworks ⋅ CTU Research Team
REvil: The GandCrab Connection
REvil GOLD SOUTHFIELD

2019-09-24 ⋅ Secureworks ⋅ CTU Research Team
REvil/Sodinokibi Ransomware
REvil GOLD SOUTHFIELD

2019-09-24 ⋅ The Citizen Lab ⋅ Adam Hulcoop, and Ron Deibert, Bahr Abdul Razzak, Bill Marczak, Etienne Maynier, John Scott-Railton, Masashi Crete-Nishihata
Missing Link Tibetan Groups Targeted with 1-Click Mobile Exploits
PoisonCarp POISON CARP

2019-09-24 ⋅ Cisco Talos ⋅ Jungsoo An, Paul Rascagnères, Warren Mercer
How Tortoiseshell created a fake veteran hiring website to host malware
Liderc SysKit

2019-09-24 ⋅ ESET Research ⋅ ESET Research
No summer vacations for Zebrocy
Zebrocy

2019-09-23 ⋅ MITRE ⋅ MITRE ATT&CK
APT41
Derusbi MESSAGETAP Winnti ASPXSpy BLACKCOFFEE CHINACHOPPER Cobalt Strike Derusbi Empire Downloader Ghost RAT MimiKatz NjRAT PlugX ShadowPad Winnti ZXShell APT41