Malpedia Library

2022-08-30 ⋅ Proofpoint ⋅ Michael Raggi, PWC UK, Sveva Vittoria Scenarelli
Rising Tide: Chasing the Currents of Espionage in the South China Sea
scanbox Meterpreter APT40

2022-07-22 ⋅ PWC UK ⋅ Krystle Reid
Old cat, new tricks, bad habits An analysis of Charming Kitten’s new tools and OPSEC errors
TelegramGrabber

2022-04-28 ⋅ PWC ⋅ PWC UK
Cyber Threats 2021: A Year in Retrospect (Annex)
Cobalt Strike Conti PlugX RokRAT Inception Framework Red Menshen

2021-12-08 ⋅ PWC UK ⋅ Adam Prescott
Chasing Shadows: A deep dive into the latest obfuscation methods being used by ShadowPad
ShadowPad Earth Lusca

2020-12-11 ⋅ PWC UK ⋅ Twitter (@BitsOfBinary)
Tweet on macOS Manuscypt samples
Manuscrypt

2020-09-17 ⋅ PWC UK ⋅ PWC UK
Analysis of WellMail malware's Command and Control (C2) server
WellMail

2020-08-17 ⋅ PWC ⋅ PWC UK
WellMess malware: analysis of its Command and Control (C2) server
elf.wellmess

2020-07-16 ⋅ PWC UK ⋅ PWC UK
How WellMess malware has been used to target Covid-19 vaccines
elf.wellmess WellMess

2020-03-09 ⋅ PWC UK ⋅ Kris McConkey, Sveva Vittoria Scenarelli
Tracking ‘Kimsuky’, the North Korea-based cyber espionage group: Part 1
BabyShark MyDogs Kimsuky

2020-03-09 ⋅ PWC UK ⋅ Kris McConkey, Sveva Vittoria Scenarelli
Tracking ‘Kimsuky’, the North Korea-based cyber espionage group: Part 2
BabyShark MyDogs Kimsuky

2020-02-18 ⋅ PWC UK ⋅ Kris McConkey, Sveva Vittoria Scenarelli
Tracking ‘Kimsuky’, the North Korea-based cyber espionage group: Part 1
Kimsuky

2017-11-02 ⋅ PWC UK ⋅ Bart Parys
The KeyBoys are back in town
KeyBoy

2017-04-04 ⋅ PWC UK ⋅ PWC UK
Operation Cloud Hopper
APT10