Malpedia Library

Click here to download all references as Bib-File.•

2023-12-05 ⋅ PWC ⋅ PwC Threat Intelligence
The Tortoise and The Malwahare
SnappyTCP

2023-11-20 ⋅ PWC ⋅ Sveva Vittoria Scenarelli
King of Thieves: Black Alicanto and the Ecosystem of North Korea-Based Cyber Operations
RustBucket CageyChameleon RustBucket

2022-12-05 ⋅ PWC ⋅ PWC
Blue Callisto orbits around US Laboratories in 2022

2022-08-30 ⋅ Proofpoint ⋅ Michael Raggi, PWC UK, Sveva Vittoria Scenarelli
Rising Tide: Chasing the Currents of Espionage in the South China Sea
scanbox Meterpreter APT40

2022-08-11 ⋅ PWC ⋅ Allison Wikoff, Sveva Vittoria Scenarelli
Talent Need Not Apply. Tradecraft and Objectives of Job-themed APT Social Engineering
CageyChameleon

2022-07-22 ⋅ PWC UK ⋅ Krystle Reid
Old cat, new tricks, bad habits An analysis of Charming Kitten’s new tools and OPSEC errors
TelegramGrabber

2022-04-28 ⋅ PWC ⋅ PWC UK
Cyber Threats 2021: A Year in Retrospect
BPFDoor APT15 APT31 APT41 APT9 BlackTech BRONZE EDGEWOOD DAGGER PANDA Earth Lusca HAFNIUM HAZY TIGER Inception Framework LOTUS PANDA QUILTED TIGER RedAlpha Red Dev 17 Red Menshen Red Nue VICEROY TIGER

2022-04-28 ⋅ PWC ⋅ PWC UK
Cyber Threats 2021: A Year in Retrospect (Annex)
Cobalt Strike Conti PlugX RokRAT Inception Framework Red Menshen

2022-01-27 ⋅ PWC ⋅ Jack Simpson
Threat actor of in-Tur-est
Cameleon

2021-12-08 ⋅ PWC UK ⋅ Adam Prescott
Chasing Shadows: A deep dive into the latest obfuscation methods being used by ShadowPad
ShadowPad Earth Lusca

2021-02-28 ⋅ PWC UK ⋅ PWC UK
Cyber Threats 2020: A Year in Retrospect
elf.wellmess FlowerPower PowGoop 8.t Dropper Agent.BTZ Agent Tesla Appleseed Ave Maria Bankshot BazarBackdoor BLINDINGCAN Chinoxy Conti Cotx RAT Crimson RAT DUSTMAN Emotet FriedEx FunnyDream Hakbit Mailto Maze METALJACK Nefilim Oblique RAT Pay2Key PlugX QakBot REvil Ryuk StoneDrill StrongPity SUNBURST SUPERNOVA TrickBot TurlaRPC Turla SilentMoon WastedLocker WellMess Winnti ZeroCleare APT10 APT23 APT27 APT31 APT41 BlackTech BRONZE EDGEWOOD Inception Framework MUSTANG PANDA Red Charon Red Nue Sea Turtle Tonto Team

2020-12-11 ⋅ PWC UK ⋅ Twitter (@BitsOfBinary)
Tweet on macOS Manuscypt samples
Manuscrypt

2020-09-29 ⋅ PWC UK ⋅ Andy Auld
What's behind the increase in ransomware attacks this year?
DarkSide Avaddon Clop Conti DoppelPaymer Dridex Emotet FriedEx Mailto PwndLocker QakBot REvil Ryuk SMAUG SunCrypt TrickBot WastedLocker

2020-09-17 ⋅ PWC UK ⋅ PWC UK
Analysis of WellMail malware's Command and Control (C2) server
WellMail

2020-08-17 ⋅ PWC ⋅ PWC UK
WellMess malware: analysis of its Command and Control (C2) server
elf.wellmess

2020-07-16 ⋅ PWC UK ⋅ PWC UK
How WellMess malware has been used to target Covid-19 vaccines
elf.wellmess WellMess

2020-03-09 ⋅ PWC UK ⋅ Kris McConkey, Sveva Vittoria Scenarelli
Tracking ‘Kimsuky’, the North Korea-based cyber espionage group: Part 1
BabyShark MyDogs Kimsuky

2020-03-09 ⋅ PWC UK ⋅ Kris McConkey, Sveva Vittoria Scenarelli
Tracking ‘Kimsuky’, the North Korea-based cyber espionage group: Part 2
BabyShark MyDogs Kimsuky

2020-03-03 ⋅ PWC UK ⋅ PWC UK
Cyber Threats 2019:A Year in Retrospect
KevDroid MESSAGETAP magecart AndroMut Cobalt Strike CobInt Crimson RAT DNSpionage Dridex Dtrack Emotet FlawedAmmyy FlawedGrace FriedEx Gandcrab Get2 GlobeImposter Grateful POS ISFB Kazuar LockerGoga Nokki QakBot Ramnit REvil Rifdoor RokRAT Ryuk shadowhammer ShadowPad Shifu Skipper StoneDrill Stuxnet TrickBot Winnti ZeroCleare APT41 MUSTANG PANDA Sea Turtle

2020-02-18 ⋅ PWC UK ⋅ Kris McConkey, Sveva Vittoria Scenarelli
Tracking ‘Kimsuky’, the North Korea-based cyber espionage group: Part 1
Kimsuky

2017-11-02 ⋅ PWC UK ⋅ Bart Parys
The KeyBoys are back in town
KeyBoy

2017-05-26 ⋅ PWC ⋅ Bart Parys
TrickBot’s bag of tricks
TrickBot

2017-04-04 ⋅ PWC UK ⋅ PWC UK
Operation Cloud Hopper
APT10

2016-03-01 ⋅ PWC ⋅ Michael Yip
Taiwan Presidential Election: A Case Study on Thematic Targeting
SunOrcal

2015-06-24 ⋅ PWC ⋅ Chris Doman, Michael Yip
UnFIN4ished Business
WOLF SPIDER

2015-04-27 ⋅ PWC ⋅ Tom Lancaster
Attacks against Israeli & Palestinian interests
Molerats

2014-10-27 ⋅ PWC ⋅ Chris Doman, Tom Lancaster
ScanBox framework – who’s affected, and who’s using it?
Jolob

2014-10-20 ⋅ PWC ⋅ Dan Kelly, Tom Lancaster
OrcaRAT - A whale of a tale
OrcaRAT

2014-09-19 ⋅ PWC ⋅ Tom Lancaster
Malware microevolution
RapidStealer