Malpedia Library

Click here to download all references as Bib-File.•

2021-07-30 ⋅ Twitter (@Unit42_Intel) ⋅ Unit 42
Tweet on BazarLoader infection leading to cobaltstrike and Powershell script file for PrintNightmare vulnerability
BazarBackdoor Cobalt Strike

2021-07-27 ⋅ Palo Alto Networks Unit 42 ⋅ Alex Hinchliffe, Mike Harbison
THOR: Previously Unseen PlugX Variant Deployed During Microsoft Exchange Server Attacks by PKPLUG Group
PlugX

2021-07-19 ⋅ Palo Alto Networks Unit 42 ⋅ Mark Lim
Evade Sandboxes With a Single Bit – the Trap Flag
lampion

2021-07-15 ⋅ Palo Alto Networks Unit 42 ⋅ Alex Hinchliffe, Quinn Cooke, Robert Falcone
Mespinoza Ransomware Gang Calls Victims “Partners,” Attacks with Gasket, "MagicSocks" Tools
Gasket Mespinoza

2021-07-06 ⋅ paloalto Networks Unit 42 ⋅ John Martineau
Understanding REvil: The Ransomware Gang Behind the Kaseya Attack
Gandcrab REvil

2021-07-03 ⋅ Palo Alto Networks Unit 42 ⋅ Unit 42
Threat Brief: Kaseya VSA Ransomware Attack
REvil

2021-06-18 ⋅ Palo Alto Networks Unit 42 ⋅ Richard Hickman
Conti Ransomware Gang: An Overview
Conti

2021-06-16 ⋅ Palo Alto Networks Unit 42 ⋅ Jeff White, Kyle Wilhoit
Matanbuchus: Malware-as-a-Service with Demonic Intentions
Matanbuchus BelialDemon

2021-06-09 ⋅ Palo Alto Networks Unit 42 ⋅ Doel Santos
Prometheus Ransomware Gang: A Group of REvil?
Hakbit Prometheus REvil

2021-06-08 ⋅ Palo Alto Networks Unit 42 ⋅ Nathaniel Quist
TeamTNT Using WatchDog TTPs to Expand Its Cryptojacking Footprint

2021-06-07 ⋅ Palo Alto Networks Unit 42 ⋅ Daniel Prizmant
Siloscape: First Known Malware Targeting Windows Containers to Compromise Cloud Environments

2021-06-04 ⋅ Palo Alto Networks Unit 42 ⋅ Nathaniel Quist
TeamTNT Actively Enumerating Cloud Environments to Infiltrate Organizations

2021-05-19 ⋅ Palo Alto Networks Unit 42 ⋅ Brad Duncan
BazarCall: Call Centers Help Spread BazarLoader Malware
BazarBackdoor campoloader

2021-05-12 ⋅ Palo Alto Networks Unit 42 ⋅ Ramarcus Baylor
DarkSide Ransomware Gang: An Overview
DarkSide

2021-04-29 ⋅ Palo Alto Networks Unit 42 ⋅ Robert Falcone, Simon Conant
New Shameless Commodity Cryptocurrency Stealer (WeSteal) and Commodity RAT (WeControl)
WeControl WeSteal

2021-04-15 ⋅ Palo Alto Networks Unit 42 ⋅ Robert Falcone
Actor Exploits Microsoft Exchange Server Vulnerabilities, Cortex XDR Blocks Harvesting of Credentials
CHINACHOPPER

2021-04-13 ⋅ Palo Alto Networks Unit 42 ⋅ Doel Santos
Threat Assessment: Clop Ransomware
Clop

2021-04-09 ⋅ Palo Alto Networks Unit 42 ⋅ Chris Navarrete, Yanhui Jia
Emotet Command and Control Case Study
Emotet

2021-04-08 ⋅ Palo Alto Networks Unit 42 ⋅ Ashutosh Chitwadgi, Ken Hsu, Vaibhav Singhal
Attackers Conducting Cryptojacking Operation Against U.S. Education Organizations

2021-04-07 ⋅ Palo Alto Networks Unit 42 ⋅ Brad Duncan
Wireshark Tutorial: Examining Traffic from Hancitor Infections
Hancitor