Malpedia Library

Click here to download all references as Bib-File.•

2024-09-26 ⋅ Palo Alto Networks Unit 42 ⋅ Daniel Frank, Lior Rochberger
Unraveling Sparkling Pisces’s Tool Set: KLogEXE and FPSpy
FPSpy KLogEXE Kimsuky

2024-05-23 ⋅ Palo Alto Networks Unit 42 ⋅ Daniel Frank, Lior Rochberger
Operation Diplomatic Specter: An Active Chinese Cyberespionage Campaign Leverages Rare Tool Set to Target Governmental Entities in the Middle East, Africa and Asia
Agent Racoon CHINACHOPPER Ghost RAT JuicyPotato MimiKatz Ntospy PlugX SweetSpecter TunnelSpecter CL-STA-0043

2023-11-06 ⋅ Palo Alto Networks Unit 42 ⋅ Assaf Dahan, Daniel Frank, Or Chechik, Tom Fakterman
Agonizing Serpens (Aka Agrius) Targeting the Israeli Higher Education and Tech Sectors
Apostle Pink Sandstorm

2023-10-31 ⋅ Palo Alto Networks Unit 42 ⋅ Daniel Frank, Tom Fakterman
Over the Kazuar’s Nest: Cracking Down on a Freshly Hatched Backdoor Used by Pensive Ursa (Aka Turla)
Kazuar

2022-05-04 ⋅ Cybereason ⋅ Akihiro Tomita, Assaf Dahan, Chen Erlich, Daniel Frank, Fusao Tanida, Niv Yona, Ofir Ozer
Operation CuckooBees: Deep-Dive into Stealthy Winnti Techniques
PRIVATELOG Spyder STASHLOG Winnti

2022-05-04 ⋅ Cybereason ⋅ Akihiro Tomita, Assaf Dahan, Chen Erlich, Daniel Frank, Fusao Tanida, Niv Yona, Ofir Ozer
Operation CuckooBees: A Winnti Malware Arsenal Deep-Dive
PRIVATELOG Spyder STASHLOG Winnti

2022-04-30 ⋅ Cybereason ⋅ Assaf Dahan, Daniel Frank
PortDoor: New Chinese APT Backdoor Attack Targets Russian Defense Sector
PortDoor

2022-02-01 ⋅ Cybereason ⋅ Daniel Frank
PowerLess Trojan: Iranian APT Phosphorus Adds New PowerShell Backdoor for Espionage

2021-10-06 ⋅ Cybereason ⋅ Assaf Dahan, Chen Erlich, Daniel Frank, Tom Fakterman
Operation GhostShell: Novel RAT Targets Global Aerospace and Telecoms Firms
ShellClient RAT

2021-08-03 ⋅ Cybereason ⋅ Assaf Dahan, Daniel Frank, Lior Rochberger, Tom Fakterman
DeadRinger: Exposing Chinese Threat Actors Targeting Major Telcos
CHINACHOPPER Cobalt Strike MimiKatz Nebulae

2021-03-18 ⋅ Cybereason ⋅ Daniel Frank
Cybereason Exposes Campaign Targeting US Taxpayers with NetWire and Remcos Malware
NetWire RC Remcos

2021-01-26 ⋅ Cybereason ⋅ Daniel Frank
Cybereason vs. RansomEXX Ransomware
RansomEXX RansomEXX

2020-11-02 ⋅ Cybereason ⋅ Assaf Dahan, Daniel Frank, Lior Rochberger, Tom Fakterman
Back to the Future: Inside the Kimsuky KGH Spyware Suite
BabyShark GoldDragon KGH_SPY Kimsuky

2020-07-16 ⋅ Cybereason ⋅ Assaf Dahan, Daniel Frank, Mary Zhao
A Bazar of Tricks: Following Team9’s Development Cycles (IOCs)
BazarBackdoor

2020-07-16 ⋅ Cybereason ⋅ Assaf Dahan, Daniel Frank, Mary Zhao
A Bazar of Tricks: Following Team9’s Development Cycles
BazarBackdoor

2020-04-30 ⋅ Cybereason ⋅ Assaf Dahan, Daniel Frank, Lior Rochberger, Yaron Rimmer
EVENTBOT: A NEW MOBILE BANKING TROJAN IS BORN
Eventbot