Malpedia Library

2022-08-22 ⋅ Medium (Katie’s Five Cents) ⋅ Katie Nickels
A Cyber Threat Intelligence Self-Study Plan: Part 2

2022-08-11 ⋅ Medium walmartglobaltech ⋅ Jason Reaves
State of the Remote Access Tools, Part 1

2022-08-09 ⋅ Medium walmartglobaltech ⋅ Jason Reaves, Joshua Platt
Pivoting on a SharpExt to profile Kimusky panels for great good
Kimsuky

2022-08-04 ⋅ Medium walmartglobaltech ⋅ Jason Reaves, Joshua Platt
IcedID leverages PrivateLoader
IcedID PrivateLoader

2022-07-06 ⋅ Medium s2wlab ⋅ HOTSAUCE | S2W TALON
变脸, Teng Snake (a.k.a. Code Core)
CodeCore Xiaoqiying

2022-07-02 ⋅ Medium osamaellahi ⋅ Osama Ellahi
Spoofing Email, Message, IP and UserAgent

2022-06-27 ⋅ Medium (Cryptax) ⋅ Axelle Apvrille
Unpacking a JsonPacker-packed sample
Xenomorph

2022-06-20 ⋅ Medium (Cryptax) ⋅ Axelle Apvrille
Tracking Android/Joker payloads with Medusa, static analysis (and patience)
Joker

2022-06-16 ⋅ Medium s2wlab ⋅ S2W TALON
Raccoon Stealer is Back with a New Version
Raccoon

2022-06-09 ⋅ Medium (Cryptax) ⋅ Axelle Apvrille
Quick look into a new sample of Android/BianLian
BianLian Hydra

2022-05-25 ⋅ Medium walmartglobaltech ⋅ Jason Reaves, Joshua Platt
SocGholish Campaigns and Initial Access Kit
FAKEUPDATES Blister Cobalt Strike NetSupportManager RAT

2022-05-12 ⋅ Medium (Cryptax) ⋅ Axelle Apvrille
Reversing an Android sample which uses Flutter

2022-05-12 ⋅ Medium s2wlab ⋅ Jiho Kim
The History of BlackGuard Stealer
BlackGuard

2022-04-27 ⋅ Medium elis531989 ⋅ Eli Salem
The chronicles of Bumblebee: The Hook, the Bee, and the Trickbot connection
BumbleBee TrickBot

2022-04-25 ⋅ Medium proferosec-osm ⋅ Brenton Morris
Static unpacker and decoder for Hello Kitty Packer
HelloKitty

2022-04-15 ⋅ Medium walmartglobaltech ⋅ Jason Reaves
Revisiting BatLoader C2 structure
BATLOADER