Malpedia Library

Click here to download all references as Bib-File.•

2023-09-11 ⋅ NCC Group ⋅ Alberto Segura, Joshua Kamp
From ERMAC to Hook: Investigating the technical differences between two Android malware variants
ERMAC Hook

2022-09-30 ⋅ NCC Group ⋅ Michael Mullen, Nikolaos Pantazopoulos, William Backhouse
A glimpse into the shadowy realm of a Chinese APT: detailed analysis of a ShadowPad intrusion
ShadowPad

2022-07-13 ⋅ NCC Group ⋅ RIFT: Research and Intelligence Fusion Team
Climbing Mount Everest: Black-Byte Bytes Back?
BlackByte

2022-06-06 ⋅ NCC Group ⋅ Peter Gurney, Ross Inman
Shining the Light on Black Basta
Black Basta

2022-05-05 ⋅ NCC Group ⋅ Michael Matthews, Nikolaos Pantazopoulos
North Korea’s Lazarus: their initial access trade-craft using social media and social engineering
LCPDot

2022-04-29 ⋅ NCC Group ⋅ Mike Stokkel, Nikolaos Pantazopoulos, Nikolaos Totosis
Adventures in the land of BumbleBee – a new malicious loader
BazarBackdoor BumbleBee Conti

2022-03-03 ⋅ NCC Group ⋅ RIFT: Research and Intelligence Fusion Team
SharkBot: a “new” generation Android banking Trojan being distributed on Google Play Store
SharkBot

2022-02-17 ⋅ NCC Group ⋅ Michael Mullen, Richard Footman, Simon Biggs
Detecting Karakurt – an extortion focused threat actor

2021-12-12 ⋅ NCC Group ⋅ RIFT: Research and Intelligence Fusion Team
Log4Shell: Reconnaissance and post exploitation network detection

2021-12-01 ⋅ NCC Group ⋅ Michael Sandee, Nikolaos Pantazopoulos
Tracking a P2P network related to TA505
FlawedGrace Necurs

2021-11-08 ⋅ NCC Group ⋅ RIFT: Research and Intelligence Fusion Team
TA505 exploits SolarWinds Serv-U vulnerability (CVE-2021-35211) for initial access

2021-10-11 ⋅ NCC Group ⋅ NCCGroup
SnapMC skips ransomware, steals data

2021-09-23 ⋅ NCC Group ⋅ Michael Gough
Detecting and Hunting for the PetitPotam NTLM Relay Attack

2021-06-15 ⋅ NCC Group ⋅ Michael Matthews, NCC RIFT, William Backhouse
Handy guide to a new Fivehands ransomware variant
FiveHands

2021-05-04 ⋅ NCC Group ⋅ fumik0, NCC RIFT
RM3 – Curiosities of the wildest banking malware
ISFB RM3

2021-03-04 ⋅ NCC Group ⋅ Ollie Whitehouse
Deception Engineering: exploring the use of Windows Service Canaries against ransomware
Ryuk

2021-01-23 ⋅ NCC Group ⋅ NCC RIFT
RIFT: Analysing a Lazarus Shellcode Execution Method

2020-07-05 ⋅ NCC Group ⋅ NCC RIFT
RIFT: F5 Networks K52145254: TMUI RCE vulnerability CVE-2020-5902 Intelligence

2020-06-23 ⋅ NCC Group ⋅ Michael Sandee, Nikolaos Pantazopoulos, Stefano Antenucci
WastedLocker: A New Ransomware Variant Developed By The Evil Corp Group
Cobalt Strike ISFB WastedLocker

2020-06-15 ⋅ NCC Group ⋅ Exploit Development Group
Striking Back at Retired Cobalt Strike: A look at a legacy vulnerability
Cobalt Strike