Malpedia Library

2021-06-09 ⋅ Twitter (@alberto__segura) ⋅ Alberto Segura
Tweet on Flubt version 4.5
FluBot

2021-06-09 ⋅ Twitter (@RedDrip7) ⋅ RedDrip7
Tweet on in the wild exploit of CVE-2021-26868 (according to @_clem1)
Cobalt Strike

2021-06-07 ⋅ Twitter (@James_inthe_box) ⋅ James_inthe_box
Tweet on characteristic strings in snake keylogger
404 Keylogger

2021-06-04 ⋅ Twitter (@alex_lanstein) ⋅ Alex Lanstein
Tweet on UNC2652/NOBELIUM targeting IOS users exploiting CVE-2021-1879
Cobalt Strike

2021-06-03 ⋅ Twitter (@alberto__segura) ⋅ Alberto Segura
Tweet on decrypting FluBot strings
FluBot

2021-06-03 ⋅ Twitter (@James_inthe_box) ⋅ James_inthe_box
Tweet on AskarLoader malware

2021-05-31 ⋅ Twitter (@alberto__segura) ⋅ Alberto Segura
Tweet on Flubot version 4.4
FluBot

2021-05-28 ⋅ Twitter (@Jacob_Pimental) ⋅ Jacob Pimental
Tweet on REvil ver 2.07
REvil

2021-05-21 ⋅ Twitter (@alberto__segura) ⋅ Alberto Segura
Tweet on Flubot version 4.2 (p.php variant) with new AES strings encryption
FluBot

2021-05-17 ⋅ Back Engineering ⋅ _xeroxz
VMProtect 2 - Detailed Analysis of the Virtual Machine Architecture

2021-05-17 ⋅ Github (telekom-security) ⋅ Deutsche Telekom Security GmbH
icedid_analysis
IcedID

2021-05-11 ⋅ Mal-Eats ⋅ mal_eats
Campo, a New Attack Campaign Targeting Japan
AnchorDNS BazarBackdoor campoloader Cobalt Strike Phobos Snifula TrickBot Zloader

2021-05-10 ⋅ Mal-Eats ⋅ mal_eats
Overview of Campo, a new attack campaign targeting Japan
AnchorDNS BazarBackdoor Cobalt Strike ISFB Phobos TrickBot Zloader

2021-05-08 ⋅ Twitter (@Jacob_Pimental) ⋅ Jacob Pimental
Tweet on CyberChef recipe to extract Revil Ransomware configuration
REvil

2021-05-03 ⋅ Twitter (@y_advintel) ⋅ Yelisey Boguslavskiy
Tween on new RaaS Galaxy Ransomware

2021-05-01 ⋅ Twitter (@JAMESWT_MHT) ⋅ JamesWT
Tweet on linux version of DarkSide ransomware
DarkSide DarkSide

2021-04-22 ⋅ Twitter (@ET_Labs) ⋅ ET Labs
Tweet on Lunar Builder exfiltrating data via Discord webhook

2021-04-21 ⋅ Twitter (@alberto__segura) ⋅ Alberto Segura
Tweet on FluBot Version 4.0
FluBot

2021-04-19 ⋅ Twitter (@_alex_il_) ⋅ Alex Ilgayev
Tweet on QakBot's additional decryption mechanism
QakBot

2021-04-16 ⋅ Medium (Bank Security) ⋅ Bank_Security
Are the hackers all Russian? Results of a 1 year espionage operation in the Top-tier Russian underground communities