Malpedia Library

2022-03-16 ⋅ Dissecting Malware ⋅ Marius Genheimer
Quick revs: Pandora Ransomware - The Box has been open for a while...
Pandora

2021-12-10 ⋅ Dissecting Malware ⋅ Marius Genheimer
BlackCatConf - Static Configuration Extractor for BlackCat Ransomware
BlackCat

2021-11-14 ⋅ Twitter (@f0wlsec) ⋅ Marius Genheimer
A static config extractor for the main component of DanaBot
DanaBot

2021-07-05 ⋅ Github (f0wl) ⋅ Marius Genheimer
REvil Linux Configuration Extractor
REvil

2021-01-09 ⋅ Github (f0wl) ⋅ Marius Genheimer
ezuri_unpack

2020-12-23 ⋅ Dissecting Malware ⋅ Marius Genheimer
Between a rock and a hard place - Exploring Mount Locker Ransomware
Mount Locker

2020-06-17 ⋅ Github (f0wl) ⋅ Marius Genheimer
deICEr: A Go tool for extracting config from IcedID second stage Loaders
IcedID

2020-04-13 ⋅ Dissecting Malware ⋅ Marius Genheimer
The Blame Game - About False Flags and overwritten MBRs
Glupteba MBR Locker

2020-03-20 ⋅ Dissecting Malware ⋅ Marius Genheimer
Jamba Superdeal: Helo Sir, you want to buy mask? - Corona Safety Mask SMS Scam
Coronavirus Android Worm

2020-03-18 ⋅ Dissecting Malware ⋅ Marius Genheimer
Why would you even bother?! - JavaLocker
JavaLocker

2020-01-23 ⋅ Dissecting Malware ⋅ Marius Genheimer
The Opposite of Fileless Malware - NodeJS Ransomware
NodeJS Ransomware

2020-01-09 ⋅ Dissecting Malware ⋅ Marius Genheimer
Not so nice after all - Afrodita Ransomware
Afrodita

2020-01-02 ⋅ Dissecting Malware ⋅ Marius Genheimer
"Nice decorating. Let me guess, Satan?" - Dot / MZP Ransomware
Dot Ransomware

2019-12-23 ⋅ Dissecting Malware ⋅ Marius Genheimer
I literally can't think of a fitting pun - MrDec Ransomware
MrDec

2019-12-14 ⋅ Dissecting Malware ⋅ Marius Genheimer
Another one for the collection - Mespinoza (Pysa) Ransomware
Mespinoza

2019-12-11 ⋅ Dissecting Malware ⋅ Marius Genheimer
A "Project.exe" that should have stayed in a drawer - MZRevenge / MaMo434376
MZRevenge

2019-12-02 ⋅ Dissecting Malware ⋅ Marius Genheimer
God save the Queen [...] 'cause Ransom is money - SaveTheQueen Encryptor

2019-11-19 ⋅ Dissecting Malware ⋅ Marius Genheimer
Quick and painless - Reversing DeathRansom / "Wacatac"
DeathRansom

2019-11-05 ⋅ Dissecting Malware ⋅ Marius Genheimer
Try not to stare - MedusaLocker at a glance
MedusaLocker

2019-10-29 ⋅ Dissecting Malware ⋅ Marius Genheimer
Osiris, the god of afterlife...and banking malware?!
Kronos

2019-10-26 ⋅ Dissecting Malware ⋅ Marius Genheimer
Earn-quick-BTC-with-Hiddentear.mp4 / About Open Source Ransomware
HiddenTear

2019-10-02 ⋅ Dissecting Malware ⋅ Marius Genheimer
Nicht so goot - Breaking down Gootkit and Jasper (+ FTCODE)
FTCODE JasperLoader GootKit

2019-09-24 ⋅ Dissecting Malware ⋅ Marius Genheimer
Return of the Mummy - Welcome back, Emotet
Emotet

2019-09-07 ⋅ Dissecting Malware ⋅ Marius Genheimer
Malicious RATatouille
Remcos

2019-08-10 ⋅ Dissecting Malware ⋅ Marius Genheimer
GermanWiper's big Brother? GandGrab's kid ? Sodinokibi!
REvil

2019-07-31 ⋅ Dissecting Malware ⋅ Marius Genheimer
TFW Ransomware is only your side hustle...
Ordinypt

2019-07-30 ⋅ Dissecting Malware ⋅ Marius Genheimer
Picking Locky
Locky

2019-07-28 ⋅ Dissecting Malware ⋅ Marius Genheimer
Third time's the charm? Analysing WannaCry samples
WannaCryptor