Malpedia Library

Click here to download all references as Bib-File.•

2020-08-21 ⋅ Vimeo (RiskIQ) ⋅ Josh Burgess, Steve Ginty
The Evolution of Ransomware & Pinchy Spider's Shot at the Title
Gandcrab REvil

2020-07-30 ⋅ FireEye ⋅ Joseph Hladik, Josh Fleischer
Obscured by Clouds: Insights into Office 365 Attacks and How Mandiant Managed Defense Investigates

2020-07-22 ⋅ SentinelOne ⋅ Jason Reaves, Joshua Platt
Enter the Maze: Demystifying an Affiliate Involved in Maze (SNOW)
ISFB Maze TrickBot Zloader

2020-06-30 ⋅ CrowdStrike ⋅ Chad Hemenway, Chris Cwalina, Josh Burgess, Scot Lippenholz
Playing Chess Against Nation-State and Ransomware Threat Actors

2020-06-22 ⋅ Sentinel LABS ⋅ Jason Reaves, Joshua Platt
Inside a TrickBot Cobalt Strike Attack Server
Cobalt Strike TrickBot

2020-05-31 ⋅ Medium walmartglobaltech ⋅ Jason Reaves, Joshua Platt
WastedLoader or DridexLoader?
Dridex WastedLocker

2020-05-07 ⋅ FireEye Inc ⋅ Jeremy Kennelly, Joshua Shilko, Kimberly Goody
Navigating the MAZE: Tactics, Techniques and Procedures Associated With MAZE Ransomware Incidents
Maze

2020-04-22 ⋅ Github (jstrosch) ⋅ Josh Stroschein
Gomorrah stealer (.NET binary)
Gomorrah stealer

2020-04-10 ⋅ Trustwave ⋅ Joshua Deacon, Lloyd Macrohon
An In-depth Look at MailTo Ransomware, Part Three of Three
Mailto

2020-04-08 ⋅ Trustwave ⋅ Joshua Deacon, Lloyd Macrohon
An In-depth Look at MailTo Ransomware, Part Two of Three
Mailto

2020-04-03 ⋅ Josh Stroschein
Unpacking a Trojan with Ghidra and x64dbg
Simda

2020-03-31 ⋅ Trustwave ⋅ Joshua Deacon, Lloyd Macrohon
An In-depth Look at MailTo Ransomware, Part One of Three
Mailto

2020-01-17 ⋅ FireEye ⋅ Josh Madeley, William Ballenthin
404 Exploit Not Found: Vigilante Deploying Mitigation for Citrix NetScaler Vulnerability While Maintaining Backdoor
NOTROBIN NOTROBIN

2020-01-09 ⋅ SentinelOne ⋅ Jason Reaves, Joshua Platt, Vitali Kremez
Top-Tier Russian Organized Cybercrime Group Unveils Fileless Stealthy “PowerTrick” Backdoor for High-Value Targets
TrickBot WIZARD SPIDER

2019-12-10 ⋅ Sentinel LABS ⋅ Jason Reaves, Joshua Platt, Vitali Kremez
Anchor Project | The Deadly Planeswalker: How The TrickBot Group United High-Tech Crimeware & APT
Anchor

2019-11-29 ⋅ Palo Alto Networks Unit 42 ⋅ Josh Grunzweig, Kyle Wilhoit
The Fractured Block Campaign: CARROTBAT Used to Deliver Malware Targeting Southeast Asia
CarrotBat

2019-10-10 ⋅ FireEye ⋅ Jeremy Kennelly, Jordan Nuce, Josh Yoder, Kimberly Goody, Nick Carr, Scott Runnels
Mahalo FIN7: Responding to the Criminal Operators’ New Tools and Techniques
BOOSTWRITE

2019-07-08 ⋅ SANS ⋅ Josh M. Bryant, Robert Falcone
Hunting Webshells: Tracking TwoFace
TwoFace

2019-03-20 ⋅ Flashpoint ⋅ Jason Reaves, Joshua Platt
FIN7 Revisited: Inside Astra Panel and SQLRat Malware
SQLRat FIN7

2019-03-20 ⋅ Flashpoint ⋅ Jason Reaves, Joshua Platt
FIN7 Revisited: Inside Astra Panel and SQLRat Malware
DNSRat TinyMet