Malpedia Library

2021-06-21 ⋅ Back Engineering ⋅ _xeroxz
VMProtect 2 - Part Two, Complete Static Analysis

2021-06-16 ⋅ nur.pub ⋅ Twitter (@1umos_)
Cerberus Analysis - Android Banking Trojan
Cerberus

2021-06-13 ⋅ Twitter (@alberto__segura) ⋅ Alberto Segura
Tweet on Flubot version 4.6
FluBot

2021-06-09 ⋅ Twitter (@alberto__segura) ⋅ Alberto Segura
Tweet on Flubt version 4.5
FluBot

2021-06-09 ⋅ Twitter (@RedDrip7) ⋅ RedDrip7
Tweet on in the wild exploit of CVE-2021-26868 (according to @_clem1)
Cobalt Strike

2021-06-07 ⋅ Twitter (@James_inthe_box) ⋅ James_inthe_box
Tweet on characteristic strings in snake keylogger
404 Keylogger

2021-06-04 ⋅ Twitter (@alex_lanstein) ⋅ Alex Lanstein
Tweet on UNC2652/NOBELIUM targeting IOS users exploiting CVE-2021-1879
Cobalt Strike

2021-06-03 ⋅ Twitter (@alberto__segura) ⋅ Alberto Segura
Tweet on decrypting FluBot strings
FluBot

2021-06-03 ⋅ Twitter (@James_inthe_box) ⋅ James_inthe_box
Tweet on AskarLoader malware

2021-05-31 ⋅ Twitter (@alberto__segura) ⋅ Alberto Segura
Tweet on Flubot version 4.4
FluBot

2021-05-28 ⋅ Twitter (@Jacob_Pimental) ⋅ Jacob Pimental
Tweet on REvil ver 2.07
REvil

2021-05-21 ⋅ Twitter (@alberto__segura) ⋅ Alberto Segura
Tweet on Flubot version 4.2 (p.php variant) with new AES strings encryption
FluBot

2021-05-17 ⋅ Back Engineering ⋅ _xeroxz
VMProtect 2 - Detailed Analysis of the Virtual Machine Architecture

2021-05-17 ⋅ Github (telekom-security) ⋅ Deutsche Telekom Security GmbH
icedid_analysis
IcedID

2021-05-08 ⋅ Twitter (@Jacob_Pimental) ⋅ Jacob Pimental
Tweet on CyberChef recipe to extract Revil Ransomware configuration
REvil

2021-05-03 ⋅ Twitter (@y_advintel) ⋅ Yelisey Boguslavskiy
Tween on new RaaS Galaxy Ransomware

2021-05-01 ⋅ Twitter (@JAMESWT_MHT) ⋅ JamesWT
Tweet on linux version of DarkSide ransomware
DarkSide DarkSide

2021-04-22 ⋅ Twitter (@ET_Labs) ⋅ ET Labs
Tweet on Lunar Builder exfiltrating data via Discord webhook