Malpedia Library

2025-03-12 ⋅ Red Canary ⋅ Red Canary
2025 Threat Detection Report
HijackLoader Lumma Stealer NetSupportManager RAT

2025-02-12 ⋅ Red Canary ⋅ Phil Hagen, Tony Lambert
Defying tunneling: A Wicked approach to detecting malicious network traffic
AsyncRAT DCRat NjRAT XWorm

2024-12-02 ⋅ Red Canary ⋅ Red Canary Intelligence
Storm-1811 exploits RMM tools to drop Black Basta ransomware
UNC4393

2024-06-20 ⋅ Red Canary ⋅ The Red Canary Team
Gourav Khandelwal, Akash Chaudhuri, Matthew Mesa, Sagar Patil, Uri Oren, Krithika Ramakrishnan
UNC4393

2023-07-28 ⋅ Red Canary ⋅ Stef Rand
Drop It Like It's Qbot: Separating malicious droppers, loaders, and crypters from their payloads
CloudEyE QakBot

2023-03-23 ⋅ Red Canary ⋅ Red Canary
2023 / 5.0 Threat Dection Report: Techniques, Trend, and Takeaways

2022-05-25 ⋅ Red Canary ⋅ Aedan Russell
ChromeLoader: a pushy malvertiser
Choziosi Choziosi

2022-05-12 ⋅ Red Canary ⋅ Lauren Podber, Tony Lambert
The Goot cause: Detecting Gootloader and its follow-on activity
GootLoader Cobalt Strike

2022-05-12 ⋅ Red Canary ⋅ Lauren Podber, Tony Lambert
Gootloader and Cobalt Strike malware analysis
GootLoader Cobalt Strike

2022-05-05 ⋅ Red Canary ⋅ Lauren Podber, Stef Rand
Raspberry Robin gets the worm early
Raspberry Robin

2022-03-16 ⋅ Red Canary ⋅ Brian Donohue, Laura Brosnan
Uncompromised: When REvil comes knocking
REvil

2022-01-24 ⋅ Red Canary ⋅ The Red Canary Team
Intelligence Insights: January 2022
Blister Conficker

2021-12-16 ⋅ Red Canary ⋅ The Red Canary Team
Intelligence Insights: December 2021
Cobalt Strike QakBot Squirrelwaffle

2021-12-02 ⋅ Red Canary ⋅ Tony Lambert
KMSPico and Cryptbot: A spicy combo
CryptBot

2021-11-30 ⋅ Red Canary ⋅ Harrison van Riper
ProxyShell exploitation leads to BlackByte ransomware
BlackByte

2021-11-18 ⋅ Red Canary ⋅ The Red Canary Team
Intelligence Insights: November 2021
Andromeda Conti LockBit QakBot Squirrelwaffle

2021-09-22 ⋅ Red Canary ⋅ The Red Canary Team
Intelligence Insights: September 2021

2021-08-05 ⋅ Red Canary ⋅ Brian Donohue, Dan Cotton, Tony Lambert
When Dridex and Cobalt Strike give you Grief
Cobalt Strike DoppelDridex DoppelPaymer

2021-05-04 ⋅ Red Canary ⋅ Aaron Didier, Justin Schoenfeld
Transferring leverage in a ransomware attack