Malpedia Library

Click here to download all references as Bib-File.•

2023-05-09 ⋅ Trendmicro ⋅ Gilbert Sison, Khristian Joseph Morales
Managed XDR Investigation of Ducktail in Trend Micro Vision One
DUCKTAIL

2023-05-09 ⋅ Huntress Labs ⋅ Matthew Brennan
Advanced Cyberchef Tips - AsyncRAT Loader
AsyncRAT

2023-05-09 ⋅ paloalto Netoworks: Unit42 ⋅ Anthony Galiette, Daniel Bunce, Doel Santos
Threat Assessment: Royal Ransomware
Royal Ransom Royal Ransom

2023-05-08 ⋅ Blackberry ⋅ BlackBerry Research & Intelligence Team
SideWinder Uses Server-side Polymorphism to Attack Pakistan Government Officials — and Is Now Targeting Turkey

2023-05-08 ⋅ cocomelonc ⋅ cocomelonc
Malware analysis report: WinDealer (LuoYu Threat Group)
WinDealer

2023-05-07 ⋅ Twitter (@embee_research) ⋅ Matthew
AgentTesla - Full Loader Analysis - Resolving API Hashes Using Conditional Breakpoints
Agent Tesla

2023-05-05 ⋅ cyble ⋅ Cyble
Sophisticated DarkWatchMan RAT Spreads Through Phishing Sites
DarkWatchman

2023-05-04 ⋅ SecurityScorecard ⋅ Vlad Pasca
How to Analyze Java Malware – A Case Study of STRRAT
STRRAT

2023-05-04 ⋅ SOCRadar ⋅ SOCRadar
Sandworm Attackers Use WinRAR to Wipe Data from Government Devices
RoarBAT

2023-05-03 ⋅ META ⋅ Ben Nimmo, Nathaniel Gleicher
Meta’s Adversarial Threat Report, First Quarter 2023

2023-05-03 ⋅ Palo Alto Networks Unit 42 ⋅ Bob Jung, Daniel Raygoza, Mark Lim
Teasing the Secrets From Threat Actors: Malware Configuration Parsing at Scale
IcedID PhotoLoader

2023-05-02 ⋅ Seqrite ⋅ Sathwik Ram Prakki
Transparent Tribe APT actively lures Indian Army amidst increased targeting of Educational Institutions
Crimson RAT

2023-05-02 ⋅ loginsoft ⋅ System-41
IcedID Malware: Traversing Through its Various Incarnations
IcedID

2023-05-02 ⋅ Trend Micro ⋅ Hara Hiroaki, Ted Lee
Attack on Security Titans: Earth Longzhi Returns With New Tricks
Croxloader SPHijacker Earth Longzhi

2023-05-01 ⋅ JPCERT/CC ⋅ Shusei Tomonaga
Attack trends related to the attack campaign DangerousPassword
RustBucket CageyChameleon Cur1Downloader SnatchCrypto

2023-05-01 ⋅ Check Point Research ⋅ Check Point Research
Chain Reaction: RokRAT's Missing Link
Amadey RokRAT

2023-04-28 ⋅ ⋅ Cert-UA ⋅ Cert-UA
APT28 cyberattack: distribution of emails with "instructions" on "updating the operating system" (CERT-UA#6562)
Mocky LNK

2023-04-27 ⋅ VMRay ⋅ VMRay Labs Team
CatB Ransomware: A New Threat Exploiting DLL Side-Loading
CatB

2023-04-27 ⋅ ReversingLabs ⋅ Carolynn van Arsdale
The Week in Security: A possible Colonial Pipeline 2.0, ransomware takes bite out of American eateries
Zarya

2023-04-27 ⋅ cocomelonc ⋅ cocomelonc
Malware development trick - part 27: WinAPI LoadLibrary implementation. Simple C++ example.