Malpedia Library

Click here to download all references as Bib-File.•

2025-03-06 ⋅ Palo Alto Networks Unit 42 ⋅ Janos Szurdi, Reethika Ramesh
The Next Level: Typo DGAs Used in Malicious Redirection Chains

2025-02-28 ⋅ Palo Alto Networks Unit 42 ⋅ Margaret Kelley
JavaGhost’s Persistent Phishing Attacks From the Cloud
JavaGhost

2025-02-27 ⋅ Palo Alto Networks Unit 42 ⋅ Lior Rochberger, Tom Fakterman
Squidoor: Suspected Chinese Threat Actor’s Backdoor Targets Global Organizations
FINALDRAFT FINALDRAFT

2025-02-24 ⋅ Palo Alto Networks Unit 42 ⋅ Alex Armstrong
Auto-Color: An Emerging and Evasive Linux Backdoor

2024-11-19 ⋅ Palo Alto Networks Unit 42 ⋅ Asher Davila, Chris Navarrete
FrostyGoop’s Zoom-In: A Closer Look into the Malware Artifacts, Behaviors and Network Communications
FrostyGoop

2024-10-30 ⋅ Palo Alto Networks Unit 42 ⋅ Unit 42
Jumpy Pisces Engages in Play Ransomware
Dtrack MimiKatz PLAY Sliver

2024-09-26 ⋅ Palo Alto Networks Unit 42 ⋅ Daniel Frank, Lior Rochberger
Unraveling Sparkling Pisces’s Tool Set: KLogEXE and FPSpy
FPSpy KLogEXE Kimsuky

2024-09-23 ⋅ Palo Alto Networks Unit 42 ⋅ Dominik Reichel, Yaron Samuel
Inside SnipBot: The Latest RomCom Malware Variant
ROMCOM RAT

2024-09-19 ⋅ Palo Alto Networks Unit 42 ⋅ Dominik Reichel
Discovering Splinter: A First Look at a New Post-Exploitation Red Team Tool
Splinter

2024-09-10 ⋅ Palo Alto Networks Unit 42 ⋅ Jerome Tujague, Navin Thomas
Threat Assessment: Repellent Scorpius, Distributors of Cicada3301 Ransomware
Cicada3301

2024-08-09 ⋅ Palo Alto Networks Unit 42 ⋅ Amanda Tanner, Kristopher Bleich
Ransomware Review: First Half of 2024
Ukrainian Cyber Alliance

2024-08-02 ⋅ Palo Alto Networks Unit 42 ⋅ Unit 42
Fighting Ursa Luring Targets With Car for Sale
Headlace

2024-06-27 ⋅ Palo Alto Networks Unit 42 ⋅ Unit 42
Threat Actor Groups Tracked by Palo Alto Networks Unit 42
GOLD REBELLION

2024-05-23 ⋅ Palo Alto Networks Unit 42 ⋅ Daniel Frank, Lior Rochberger
Operation Diplomatic Specter: An Active Chinese Cyberespionage Campaign Leverages Rare Tool Set to Target Governmental Entities in the Middle East, Africa and Asia
Agent Racoon CHINACHOPPER Ghost RAT JuicyPotato MimiKatz Ntospy PlugX SweetSpecter TunnelSpecter CL-STA-0043

2024-04-12 ⋅ Palo Alto Networks Unit 42 ⋅ Unit 42
Threat Brief: Operation MidnightEclipse, Post-Exploitation Activity Related to CVE-2024-3400
UPSTYLE

2024-03-26 ⋅ Palo Alto Networks Unit 42 ⋅ Unit 42
ASEAN Entities in the Spotlight: Chinese APT Group Targeting
PUBLOAD

2024-03-15 ⋅ Palo Alto Networks Unit 42 ⋅ Amanda Tanner, Anthony Galiette, Jerome Tujague
Inside the Rabbit Hole: BunnyLoader 3.0 Unveiled
BunnyLoader

2024-02-13 ⋅ Palo Alto Networks Unit 42 ⋅ Ofir Ozer, Or Chechik
A Deep Dive Into Malicious Direct Syscall Detection
Lumma Stealer

2024-02-12 ⋅ Palo Alto Networks Unit 42 ⋅ Dan Yashnik, Lior Rochberger
Diving Into Glupteba's UEFI Bootkit
Glupteba

2023-12-07 ⋅ Palo Alto Networks Unit 42 ⋅ Unit 42
Fighting Ursa Aka APT28: Illuminating a Covert Campaign