Malpedia Library

2019-09-24 ⋅ Cisco Talos ⋅ Jungsoo An, Paul Rascagnères, Warren Mercer
How Tortoiseshell created a fake veteran hiring website to host malware
Liderc SysKit

2019-09-24 ⋅ ESET Research ⋅ ESET Research
No summer vacations for Zebrocy
Zebrocy

2019-09-23 ⋅ MITRE ⋅ MITRE ATT&CK
APT41
Derusbi MESSAGETAP Winnti ASPXSpy BLACKCOFFEE CHINACHOPPER Cobalt Strike Derusbi Empire Downloader Ghost RAT MimiKatz NjRAT PlugX ShadowPad Winnti ZXShell APT41

2019-09-23 ⋅ Palo Alto Networks Unit 42 ⋅ Brittany Barbehenn, Robert Falcone
xHunt Campaign: Attacks on Kuwait Shipping and Transportation Organizations
Hisoka

2019-09-23 ⋅ Kaspersky Labs ⋅ Konstantin Zykov
Hello! My name is Dtrack
Dtrack

2019-09-23 ⋅ Random RE ⋅ sysopfb
Diving into Pluroxs DNS based protection layer
Plurox

2019-09-22 ⋅ Check Point Research ⋅ Check Point Research
Rancor: The Year of The Phish
8.t Dropper Cobalt Strike

2019-09-22 ⋅ Proofpoint ⋅ Michael Raggi, Proofpoint Threat Insight Team
LookBack Forges Ahead: Continued Targeting of the United States’ Utilities Sector Reveals Additional Adversary TTPs
Lookback TA410

2019-09-20 ⋅ Trend Micro ⋅ Luis Magisa
Mac Malware that Spoofs Trading App Steals User Information, Uploads it to Website
Gmera

2019-09-20 ⋅ Canadian Centre for Cyber Security ⋅ Canadian Centre for Cyber Security
TFlower Ransomware Campaign
TFlower

2019-09-20 ⋅ SNORT Mailing Lists ⋅ YM
Multiple signatures 032
Laturo Stealer

2019-09-20 ⋅ Intezer ⋅ Intezer
Russian Cybercrime Group FullofDeep Behind QNAPCrypt Ransomware Campaigns
QNAPCrypt

2019-09-19 ⋅ GitHub (werkamsus) ⋅ werkamsus
Lilith
Lilith

2019-09-19 ⋅ MeltX0R
Emissary Panda APT: Recent infrastructure and RAT analysis
ZXShell

2019-09-19 ⋅ NSHC ⋅ ThreatRecon Team
Hagga of SectorH01 continues abusing Bitly, Blogger and Pastebin to deliver RevengeRAT and NanoCore
Nanocore RAT Revenge RAT

2019-09-19 ⋅ Trend Micro ⋅ Maverick Pascual
Fileless Cryptocurrency-Miner GhostMiner Weaponizes WMI Objects, Kills Other Cryptocurrency-Mining Payloads
GhostMiner

2019-09-18 ⋅ SophosLabs Uncut ⋅ Peter Mackenzie
The WannaCry hangover
WannaCryptor

2019-09-18 ⋅ Symantec ⋅ Security Response Attack Investigation Team
Tortoiseshell Group Targets IT Providers in Saudi Arabia in Probable Supply Chain Attacks
SysKit Tortoiseshell

2019-09-18 ⋅ IronNet ⋅ Jonathan Lepore
Chirp of the PoisonFrog
BONDUPDATER

2019-09-18 ⋅ JPCERT/CC ⋅ Shusei Tomonaga
Malware Used by BlackTech after Network Intrusion
PLEAD