Malpedia Library

Click here to download all references as Bib-File.•

2022-01-09 ⋅ Github (xephora) ⋅ @x3ph1
Observed malicious IOCs for the ChromeLoader/CS_installer aka Choziosi Loader Malware
Choziosi Choziosi

2022-01-09 ⋅ Atomic Matryoshka ⋅ z3r0day_504
Malware Headliners: Dridex
Dridex

2022-01-02 ⋅ Atomic Matryoshka ⋅ z3r0day_504
"Cracking Open the Malware Piñata" Series: Intro to Dynamic Analysis with RedLineStealer
RedLine Stealer

2021-11-17 ⋅ Twitter (@Unit42_Intel) ⋅ Unit 42
Tweet on Matanbuchus Loader used to deliver Qakbot (tag obama128b) and follow-up CobaltStrike
Cobalt Strike QakBot

2021-11-16 ⋅ Twitter (@_CPResearch_) ⋅ Check Point Research
Tweet on 32bit version of CVE-2021-1732 exploited by BITTER group

2021-11-16 ⋅ Twitter (@_icebre4ker_) ⋅ Fr4
Tweet about Aberebot source code put up for sale by the developer
Aberebot

2021-11-15 ⋅ The DFIR Report ⋅ 0xtornado, v3t0_
Exchange Exploit Leads to Domain Wide Ransomware

2021-11-12 ⋅ Twitter (@Arkbird_SOLG) ⋅ Arkbird
Tweets on Void Balaur using QuantLoader and ZStealer
QuantLoader ZStealer

2021-11-05 ⋅ Twitter (@Unit42_Intel) ⋅ Unit 42
Tweet on TA551 (Shathak) BazarLoader infection with CobaltStrike and DarkVNC drops
BazarBackdoor Cobalt Strike

2021-11-03 ⋅ Twitter (@Corvid_Cyber) ⋅ CORVID
Tweet on a unique Qbot debugger dropped by an actor after compromise
QakBot

2021-11-01 ⋅ The DFIR Report ⋅ @iiamaleks, @samaritan_o
From Zero to Domain Admin
Cobalt Strike Hancitor

2021-10-20 ⋅ Medium ThreatMiner ⋅ ThreatMiner
TM Follow-Up (TAG_APT35_14/10/21)

2021-10-12 ⋅ Twitter (@_CPResearch_) ⋅ Check Point Research
Tweet of re-emergence phorpiex with a new "Twizt" module
Phorpiex

2021-09-28 ⋅ Netlab ⋅ Alex.Turing, Hui Wang, YANG XU
Mirai_ptea_Rimasuta variant is exploiting a new RUIJIE router 0 day to spread
Mirai

2021-09-28 ⋅ Twitter (@Max_Mal_) ⋅ Max Malyutin
Tweet on how to debug SquirrelWaffle
Squirrelwaffle

2021-09-14 ⋅ Twitter (@siri_urz) ⋅ S!Ri
Tweet on ATOMSILO ransomware
ATOMSILO

2021-09-13 ⋅ Twitter (@GoSecure_Inc) ⋅ GoSecure
Tweet on BlueStealer
BluStealer

2021-09-02 ⋅ Twitter (@th3_protoCOL) ⋅ Colin, GaborSzappanos
Tweet on Confluence Server exploitation (CVE-2021-26084) in the wild and cobaltsrike activity (mentioned in replies by GaborSzappanos)
Cobalt Strike

2021-08-30 ⋅ Twitter (@Arkbird_SOLG) ⋅ Arkbird
Tweet on MercurialGrabber
MercurialGrabber

2021-08-05 ⋅ Twitter (@VK_intel) ⋅ Vitali Kremez
Tweet on Linux variant of BlackMatter
BlackMatter