Malpedia Library

Click here to download all references as Bib-File.•

2018-02-26 ⋅ Opcode Security research ⋅ ntopcode
Anatomy of the Process Environment Block (PEB) (Windows Internals)

2018-02-26 ⋅ Secure coding and more blog ⋅ Antonio Parata
Analyzing the nasty .NET protection of the Ploutus.D malware
Ploutus ATM

2018-02-26 ⋅ Cisco Talos ⋅ Martin Lee, Paul Rascagnères
Who Wasn’t Responsible for Olympic Destroyer?
Olympic Destroyer

2018-02-26 ⋅ Bleeping Computer ⋅ Catalin Cimpanu
Nanocore RAT Author Gets 33 Months in Prison
Nanocore RAT

2018-02-26 ⋅ Bleeping Computer ⋅ Lawrence Abrams
Thanatos Ransomware Is First to Use Bitcoin Cash. Messes Up Encryption
Thanatos Ransomware

2018-02-23 ⋅ Palo Alto Networks Unit 42 ⋅ Bryan Lee, Robert Falcone
OopsIE! OilRig Uses ThreeDollars to Deliver New Trojan
OilRig

2018-02-23 ⋅ Malwarebytes ⋅ hasherezade
Avzhan DDoS bot dropped by Chinese drive-by attack
Avzhan

2018-02-23 ⋅ Palo Alto Networks Unit 42 ⋅ Bryan Lee, Robert Falcone
OopsIE! OilRig Uses ThreeDollars to Deliver New Trojan
OopsIE

2018-02-22 ⋅ Vitali Kremez
Let's Learn: Deeper Dive into Ramnit Banker "VNC IFSB" Remote Control Module
Ramnit

2018-02-21 ⋅ Möbius Strip Reverse Engineering ⋅ Rolf Rolles
FinSpy VM Unpacking Tutorial Part 3: Devirtualization. Phase #3: Fixing The Function-Related Issues
FinFisher RAT

2018-02-21 ⋅ Möbius Strip Reverse Engineering ⋅ Rolf Rolles
FinSpy VM Unpacking Tutorial Part 3: Devirtualization. Phase #2: First Attempt At Devirtualization
FinFisher RAT

2018-02-21 ⋅ Möbius Strip Reverse Engineering ⋅ Rolf Rolles
FinSpy VM Unpacking Tutorial Part 3: Devirtualization. Phase #1: Deobfuscating FinSpy VM Bytecode Programs
FinFisher RAT

2018-02-21 ⋅ Möbius Strip Reverse Engineering ⋅ Rolf Rolles
FinSpy VM Unpacking Tutorial Part 3: Devirtualization. Phase #4: Second Attempt At Devirtualization
FinFisher RAT

2018-02-21 ⋅ GitHub (RolfRolles) ⋅ Rolf Rolles
FinSpyVM (Static Unpacker for FinSpyVM)
FinFisher RAT

2018-02-21 ⋅ Möbius Strip Reverse Engineering ⋅ Rolf Rolles
FinSpy VM Unpacking Tutorial Part 3: Devirtualization
FinFisher RAT

2018-02-21 ⋅ Twitter (@mstoned7) ⋅ CHA Minseok
Tweet on DPRK APT groups
APT37

2018-02-21 ⋅ Avast ⋅ Threat Intelligence Team
Avast tracks down Tempting Cedar Spyware
TemptingCedar Spyware

2018-02-21 ⋅ Lastline ⋅ Alexander Sevtsov, Stefano Ortolani
Olympic Destroyer: A new Candidate in South Korea
Olympic Destroyer

2018-02-20 ⋅ Kaspersky Labs ⋅ GReAT
A Slice of 2017 Sofacy Activity
X-Agent Seduploader X-Agent Zebrocy Zebrocy (AutoIT) APT28

2018-02-20 ⋅ FireEye ⋅ FireEye
APT37 (REAPER) The Overlooked North Korean Actor
PoorWeb RokRAT APT37