Malpedia Library

Click here to download all references as Bib-File.•

2024-02-22 ⋅ SentinelOne ⋅ Aleksandar Milenkoski
Doppelgänger | Russia-Aligned Influence Operation Targets Germany

2024-01-22 ⋅ SentinelOne ⋅ Aleksandar Milenkoski, Tom Hegel
ScarCruft | Attackers Gather Strategic Intelligence and Target Cybersecurity Professionals
Kimsuky

2023-12-11 ⋅ Sentinel LABS ⋅ Aleksandar Milenkoski, Bendik Hagen
Sandman APT | China-Based Adversaries Embrace Lua
KEYPLUG LuaDream

2023-10-24 ⋅ Sentinel LABS ⋅ Aleksandar Milenkoski, Tom Hegel
The Israel-Hamas War | Cyber Domain State-Sponsored Activity of Interest
ShroudedSnooper

2023-09-21 ⋅ Sentinel LABS ⋅ Aleksandar Milenkoski, QGroup
Sandman APT | A Mystery Group Targeting Telcos with a LuaJIT Toolkit
LuaDream

2023-08-17 ⋅ SentinelOne ⋅ Aleksandar Milenkoski, Tom Hegel
Chinese Entanglement | DLL Hijacking in the Asian Gambling Sector
Cobalt Strike HUI Loader BRONZE STARLIGHT

2023-08-07 ⋅ SentinelOne ⋅ Aleksandar Milenkoski, Tom Hegel
Comrades in Arms? | North Korea Compromises Sanctioned Russian Missile Engineering Company
OpenCarrot

2023-06-06 ⋅ Sentinel LABS ⋅ Aleksandar Milenkoski
Kimsuky Strikes Again: New Social Engineering Campaign Aims to Steal Credentials and Gather Strategic Intelligence

2023-05-23 ⋅ Aleksandar Milenkoski
Kimsuky | Ongoing Campaign Using Tailored Reconnaissance Toolkit
RandomQuery

2023-03-23 ⋅ SentinelOne ⋅ Aleksandar Milenkoski, Joey Chen, Juan Andrés Guerrero-Saade, QGroup
Operation Tainted Love | Chinese APTs Target Telcos in New Attacks
mim221

2023-02-16 ⋅ SentinelOne ⋅ Aleksandar Milenkoski, Collin Farr, Joey Chen, QGroup
WIP26 Espionage | Threat Actors Abuse Cloud Infrastructure in Targeted Telco Attacks

2023-01-24 ⋅ SentinelOne ⋅ Aleksandar Milenkoski
DragonSpark | Attacks Evade Detection with SparkRAT and Golang Source Code Interpretation
SparkRAT DragonSpark

2023-01-12 ⋅ Sentinel LABS ⋅ Aleksandar Milenkoski, Tom Hegel
NoName057(16) – The Pro-Russian Hacktivist Group Targeting NATO
Bobik Dosia NoName057(16)

2022-12-01 ⋅ SentinelOne ⋅ Aleksandar Milenkoski
The Mystery of Metador | Unpicking Mafalda’s Anti-Analysis Techniques
Metador

2022-11-07 ⋅ SentinelOne ⋅ Aleksandar Milenkoski
SocGholish Diversifies and Expands Its Malware Staging Infrastructure to Counter Defenders
FAKEUPDATES

2022-09-22 ⋅ SentinelOne ⋅ Aleksandar Milenkoski, Amitai Ben Shushan Ehrlich, Juan Andrés Guerrero-Saade
The Mystery of Metador | An Unattributed Threat Hiding in Telcos, ISPs, and Universities
Metador

2022-09-22 ⋅ SentinelOne ⋅ Aleksandar Milenkoski, Amitai Ben, Juan Andrés Guerrero-Saade, Shushan Ehrlich
The Mystery of Metador | An Unattributed Threat Hiding in Telcos, ISPs, and Universities

2022-09-08 ⋅ Cybereason ⋅ Aleksandar Milenkoski, Kotaro Ogino, Yuki Shibuya
Threat Analysis Report: PlugX RAT Loader Evolution
PlugX

2022-09-08 ⋅ Sentinel LABS ⋅ Aleksandar Milenkoski, Jim Walter
Crimeware Trends | Ransomware Developers Turn to Intermittent Encryption to Evade Detection
AgendaCrypt Black Basta BlackCat PLAY

2022-09-01 ⋅ Sentinel LABS ⋅ Aleksandar Milenkoski, Amitai Ben Shushan Ehrlich, Juan Andrés Guerrero-Saade
The Mystery of Metador | An Unattributed Threat Hiding in Telcos, ISPs, and Universities

2022-07-21 ⋅ Sentinel LABS ⋅ Aleksandar Milenkoski, Jim Walter
LockBit 3.0 Update | Unpicking the Ransomware’s Latest Anti-Analysis and Evasion Techniques
LockBit

2022-04-25 ⋅ Cybereason ⋅ Aleksandar Milenkoski, Loïc Castel, Yonatan Gidnian
THREAT ANALYSIS REPORT: SocGholish and Zloader – From Fake Updates and Installers to Owning Your Systems
FAKEUPDATES Zloader

2021-12-16 ⋅ Cybereason ⋅ Aleksandar Milenkoski, Kotaro Ogino
Inside the LockBit Arsenal - The StealBit Exfiltration Tool
LockBit StealBit

2021-11-09 ⋅ Cybereason ⋅ Aleksandar Milenkoski, Eli Salem
THREAT ANALYSIS REPORT: From Shatak Emails to the Conti Ransomware
Cobalt Strike Conti

2021-10-28 ⋅ Cybereason ⋅ Aleksandar Milenkoski, Brian Janower
THREAT ANALYSIS REPORT: Snake Infostealer Malware
404 Keylogger

2021-10-27 ⋅ Cybereason ⋅ Aleksandar Milenkoski, Gal Romano, Rotem Rostami
THREAT ALERT: Malicious Code Implant in the UAParser.js Library

2021-09-27 ⋅ Cybereason ⋅ Aleksandar Milenkoski
Threat Analysis Report: Inside the Destructive PYSA Ransomware
Mespinoza

2021-09-22 ⋅ Cybereason ⋅ Aleksandar Milenkoski, Eli Salem
Threat Analysis Report: PrintNightmare and Magniber Ransomware
Magniber