Malpedia Library

2020-04-16 ⋅ Cisco Talos ⋅ Paul Rascagnères, Vitor Ventura, Warren Mercer
PoetRAT: Python RAT uses COVID-19 lures to target Azerbaijan public and private sectors
Poet RAT

2020-04-02 ⋅ Cisco Talos ⋅ Vanja Svajcer
AZORult brings friends to the party
Azorult Remcos

2020-04-01 ⋅ Cisco ⋅ Andrea Kaiser, Shyam Sundar Ramaswami
Navigating Cybersecurity During a Pandemic: Latest Malware and Threat Actors
Azorult CloudEyE Formbook KPOT Stealer Metamorfo Nanocore RAT NetWire RC TrickBot

2020-03-31 ⋅ Cisco Talos ⋅ Chris Neal
Trickbot: A primer
TrickBot

2020-03-05 ⋅ Cisco Talos ⋅ Paul Rascagnères, Vitor Ventura, Warren Mercer
Bisonal: 10 years of play
Korlia

2020-02-20 ⋅ Cisco Talos ⋅ Asheer Malhotra
ObliqueRAT: New RAT hits victims' endpoints via malicious documents
Oblique RAT

2020-02-18 ⋅ Cisco Talos ⋅ Vanja Svajcer
Building a bypass with MSBuild
Cobalt Strike GRUNT MimiKatz

2020-02-12 ⋅ Cisco Talos ⋅ Chris Neal
Loda RAT Grows Up
Loda

2020-01-16 ⋅ Cisco Talos ⋅ Eric Kuhla, Paul Rascagnères, Vitor Ventura, Warren Mercer
JhoneRAT: Cloud based python RAT targeting Middle Eastern countries
JhoneRAT

2019-12-17 ⋅ Cisco ⋅ Dave Liebenberg, JJ Cummings
Incident Response lessons from recent Maze ransomware attacks
Maze

2019-10-21 ⋅ Cisco Talos ⋅ Chris Neal, Vitor Ventura
Gustuff return, new features for victims
Gustuff

2019-09-26 ⋅ Cisco Talos ⋅ Edmund Brumaghin
Divergent: "Fileless" NodeJS Malware Burrows Deep Within the Host
Divergent

2019-09-24 ⋅ Cisco Talos ⋅ Jungsoo An, Paul Rascagnères, Warren Mercer
How Tortoiseshell created a fake veteran hiring website to host malware
Liderc SysKit

2019-08-28 ⋅ Cisco Talos ⋅ Edmund Brumaghin, Holger Unterbrink
RAT Ratatouille: Backdooring PCs with leaked RATs
Orcus RAT

2019-08-27 ⋅ Cisco Talos ⋅ Paul Rascagnères, Vanja Svajcer
China Chopper still active 9 years later
CHINACHOPPER

2019-07-15 ⋅ Cisco Talos ⋅ Edmund Brumaghin
SWEED: Exposing years of Agent Tesla campaigns
Agent Tesla Formbook Loki Password Stealer (PWS) SWEED

2019-07-09 ⋅ Cisco Talos ⋅ Paul Rascagnères
Sea Turtle keeps on swimming, finds new victims, DNS hijacking techniques
Sea Turtle

2019-05-23 ⋅ Cisco Talos ⋅ Edmund Brumaghin, Nick Biasini
Sorpresa! JasperLoader targets Italy with a new bag of tricks
JasperLoader

2019-05-23 ⋅ Cisco Talos ⋅ Martin Lee
One year later: The VPNFilter catastrophe that wasn't
VPNFilter

2019-05-20 ⋅ Cisco ⋅ Danny Adamitis, David Maynor, Kendall McKay
Recent MuddyWater-associated BlackWater campaign shows signs of new anti-detection techniques
MuddyWater