Malpedia Library

Click here to download all references as Bib-File.•

2022-01-11 ⋅ Medium walmartglobaltech ⋅ Jason Reaves, Joshua Platt
Signed DLL campaigns as a service
BATLOADER Cobalt Strike ISFB Zloader

2022-01-02 ⋅ Medium amgedwageh ⋅ Amged Wageh
Automating The Analysis Of An AutoIT Script That Wraps A Remcos RAT
Remcos

2021-12-31 ⋅ victory medium ⋅ Zach Edwards
Compromised Godaddy Infrastructure Attacking Numerous U.S. Government Websites to Promote “Canadian Pharmacy” Scam Websites

2021-12-28 ⋅ Medium Crovax ⋅ Crovax
Extracting Hancitor’s Configuration with Ghidra part 1
Hancitor

2021-12-14 ⋅ Medium s2wlab ⋅ S2W TALON
Logs of Log4shell (CVE-2021-44228): log4j is ubiquitous
Kinsing Mirai Tsunami

2021-12-10 ⋅ Medium s2wlab ⋅ S2W TALON
BlackCat: New Rust based ransomware borrowing BlackMatter’s configuration
BlackCat BlackMatter

2021-11-30 ⋅ Medium nusenu ⋅ nusenu
Is "KAX17" performing de-anonymization Attacks against Tor Users?
KAX17

2021-11-19 ⋅ insomniacs(Medium) ⋅ Asuna Amawaka
It’s a BEE! It’s a… no, it’s ShadowPad.
ShadowPad

2021-11-18 ⋅ Medium 0xchina ⋅ Hamad Alnakal
Malware reverse engineering (Ryuk Ransomware)
Ryuk

2021-11-17 ⋅ Medium ThreatMiner ⋅ ThreatMiner
Android Trojan Targeting Korean Demographic using GitHub for C2
Unidentified APK 006

2021-10-29 ⋅ Medium Luatix ⋅ Julien Richard
OpenCTI data sharing

2021-10-22 ⋅ Medium Jang ⋅ Jang
50 Shades of SolarWinds Orion Deserialization (Part 1: CVE-2021–35215)

2021-10-20 ⋅ Medium ThreatMiner ⋅ ThreatMiner
TM Follow-Up (TAG_APT35_14/10/21)

2021-10-18 ⋅ Medium Confiant ⋅ Taha Karim
Profiling hackers using the Malvertising Attack Matrix by Confiant

2021-10-14 ⋅ Medium walmartglobaltech ⋅ Jason Reaves
Investigation into the state of NIM malware Part 2
Cobalt Strike NimGrabber Nimrev Unidentified 088 (Nim Ransomware)

2021-10-05 ⋅ Medium s2wlab ⋅ S2W TALON
Prometheus x Spook: Prometheus ransomware rebranded Spook ransomware.
Prometheus

2021-09-30 ⋅ Medium proferosec-osm ⋅ Brenton Morris
RansomEXX, Fixing Corrupted Ransom
RansomEXX

2021-09-29 ⋅ Medium BlueMonkey ⋅ BlueMonkey
Aria-Body Loader? Is that you?
Aria-body

2021-09-27 ⋅ Medium ryancor ⋅ Ryan Cornateanu
Deobfuscating PowerShell Malware Droppers
Agent.BTZ

2021-09-26 ⋅ Medium BlueteamOps ⋅ BlueteamOps
Supercharging Bulk DFIR triage with Node-RED, Google’s Log2timeline & Google’s Timesketch