Malpedia Library

Click here to download all references as Bib-File.•

2025-09-07 ⋅ ⋅ 360 ⋅ 360
APT-C-53 (Gamaredon) Attacks on Ukrainian Government Functions
Pteranodon

2025-03-05 ⋅ CTM360 ⋅ CTM360
PlayPraetor Trojan
Remo

2025-02-27 ⋅ Securite360.net ⋅ Muffin
How Long Can a Vulnerable Server Stay Clean on the Internet? A Honeypot Tale
RedTail

2024-12-26 ⋅ ⋅ Weixin ⋅ 360 Threat Intelligence Center
Analysis of the attack activities of APT-C-26 (Lazarus) using weaponized IPMsg software
ComeBacker

2024-12-13 ⋅ Securite360.net ⋅ Muffin
A Painful Quickheal
QuickHeal

2024-10-15 ⋅ ⋅ Weixin ⋅ 360 Threat Intelligence Center
Analysis of the attack activities of APT-C-35 (belly brain worm) against a manufacturing company in South Asia
Unidentified 117 (Donot Loader)

2024-07-05 ⋅ ⋅ Weixin ⋅ 360 Threat Intelligence Center
APT-C-26 (Lazarus) uses PyPI to attack Windows, Linux, and macOS platforms
SimpleTea SimpleTea

2024-06-03 ⋅ Securite360.net ⋅ Muffin
Unveiling Sharp Panda’s New Loader

2024-04-29 ⋅ Securite360.net ⋅ Muffin
Analysis of Sarwent loader: Old ways die hard

2024-01-12 ⋅ Trend Micro ⋅ Aliakbar Zahravi, Peter Girnus, Simon Zuckerbraun
CVE-2023-36025 Exploited for Defense Evasion in Phemedrone Stealer Campaign
Phemedrone Stealer

2023-08-28 ⋅ ⋅ 360 ⋅ 360 Threat Intelligence Center
APT-C-55 (Kimsuky) organization uses Korean domain names for malicious activities

2023-01-10 ⋅ 360 netlab ⋅ Alex Turing, Hui Wang
Heads up! Xdr33, A Variant Of CIA’s HIVE Attack Kit Emerges
xdr33

2022-12-06 ⋅ ⋅ 360 Threat Intelligence Center ⋅ 360 Beacon Lab
Analysis of suspected APT-C-56 (Transparent Tribe) attacks against terrorism
AhMyth Meterpreter SpyNote AsyncRAT

2022-11-03 ⋅ 360 netlab ⋅ Liu Ya, RootKiter
P2P Botnets: Review - Status - Continuous Monitoring
FritzFrog Hajime Mozi Pink

2022-08-29 ⋅ 360 netlab ⋅ wanghao
PureCrypter is busy pumping out various malicious malware families
Agent Tesla PureCrypter RedLine Stealer

2022-08-29 ⋅ ⋅ 360 netlab ⋅ wanghao
PureCrypter Loader continues to be active and has spread to more than 10 other families
404 Keylogger Agent Tesla AsyncRAT Formbook RedLine Stealer

2022-08-17 ⋅ ⋅ 360 ⋅ 360 Threat Intelligence Center
Kasablanka organizes attacks against political groups and non-profit organizations in the Middle East
SpyNote Loda Nanocore RAT NjRAT

2022-08-05 ⋅ ⋅ 360 netlab ⋅ Daji, suqitian
The DGA family Orchard continues to change, and the new version generates DGA domain names using Bitcoin transaction information
Orchard

2022-08-05 ⋅ 360 netlab ⋅ 360 Netlab
A new botnet Orchard Generates DGA Domains with Bitcoin Transaction Information
Orchard

2022-05-18 ⋅ ⋅ Weixin ⋅ 360 Threat Intelligence Center
filesyncshell.dll hijacked? APT-C-24 Sidewinder Briefing on the Latest Attack Activity