Malpedia Library

Click here to download all references as Bib-File.•

2021-09-17 ⋅ Medium inteloperator ⋅ Intel Operator
The default: 63 6f 62 61 6c 74 strike
Cobalt Strike

2021-09-16 ⋅ Medium Shabarkin ⋅ Pavel Shabarkin
Pointer: Hunting Cobalt Strike globally
Cobalt Strike

2021-09-12 ⋅ Medium michaelkoczwara ⋅ Michael Koczwara
Mapping and Pivoting from Cobalt Strike C2 Infrastructure Attributed to CVE-2021-40444
Cobalt Strike

2021-09-09 ⋅ Medium s2wlab ⋅ S2W TALON
Case Analysis of Suncrypt Ransomware Negotiation and Bitcoin Transaction
SunCrypt

2021-09-08 ⋅ Medium s2wlab ⋅ S2W TALON
Groove’s thoughts on Blackmatter, Babuk, and cheese shortages in the Netherlands
Babuk BlackMatter Babuk BlackMatter

2021-09-07 ⋅ Medium michaelkoczwara ⋅ Michael Koczwara
Cobalt Strike C2 Hunting with Shodan
Cobalt Strike

2021-09-07 ⋅ Medium walmartglobaltech ⋅ Jason Reaves
Decoding SmartAssembly strings, a Haron ransomware case study
Haron Ransomware

2021-09-02 ⋅ Medium michaelkoczwara ⋅ Michael Koczwara
Cobalt Strike PowerShell Payload Analysis
Cobalt Strike

2021-09-01 ⋅ Medium s2wlab ⋅ Chaewon Moon, Denise Dasom Kim, Jungyeon Lim, S2W LAB INTELLIGENCE TEAM, Sujin Lim, Yeonghyeon Jeong
BlackMatter x Babuk : Using the same web server for sharing leaked files
Babuk BlackMatter Babuk BlackMatter

2021-08-29 ⋅ Medium Asuna Amawaka ⋅ Asuna Amawaka
Quarians, Turians and…QuickHeal
QuickHeal

2021-08-21 ⋅ Medium Crovax ⋅ Crovax
Panda Banker Analysis Part 1
PandaBanker

2021-08-20 ⋅ ⋅ Medium Berhan Bingöl ⋅ Berhan Bingöl
VirtualBox Detection, Anti-Detection

2021-08-19 ⋅ Medium walmartglobaltech ⋅ Jason Reaves
Looking at the new Krypton crypter and recent Data Exfiltrator Samples

2021-08-17 ⋅ Medium amgedwageh ⋅ Amged Wageh
LockBit Ransomware Analysis Notes
LockBit

2021-08-17 ⋅ Medium michaelkoczwara ⋅ Michael Koczwara
Cobalt Strike Hunting — DLL Hijacking/Attack Analysis
Cobalt Strike

2021-07-30 ⋅ Medium walmartglobaltech ⋅ Jason Reaves
Decrypting BazarLoader strings with a Unicorn
BazarBackdoor

2021-07-25 ⋅ Medium svch0st ⋅ svch0st
Guide to Named Pipes and Hunting for Cobalt Strike Pipes
Cobalt Strike

2021-07-22 ⋅ Medium michaelkoczwara ⋅ Michael Koczwara
Cobalt Strike Hunting — simple PCAP and Beacon Analysis
Cobalt Strike

2021-07-14 ⋅ Medium TowardsDataScience ⋅ John “Turbo” Conwell
Domain Blooms: Identifying Domain Name Themes Targeted By Threat Actors

2021-07-14 ⋅ Medium s2wlab ⋅ Jaeki Kim
Matryoshka : Variant of ROKRAT, APT37 (Scarcruft)
RokRAT