Malpedia Library

Click here to download all references as Bib-File.•

2024-08-23 ⋅ TEAMT5 ⋅ Still Hsu
Sailing the Seven SEAs: Deep Dive into Polaris' Arsenal and Intelligence Insights
Cobalt Strike Hodur PlugX TONESHELL

2024-04-19 ⋅ TEAMT5 ⋅ Charles Li, Che Chang, Greg Chen
Chinese APT: A Master of Exploiting Edge Devices
SEASPY UNC4841

2023-08-18 ⋅ TEAMT5 ⋅ Still Hsu, Zih-Cing Liao
Unmasking CamoFei: An In-depth Analysis of an Emerging APT Group Focused on Healthcare Sectors in East Asia
CatB Cobalt Strike DoorMe GIMMICK

2023-02-14 ⋅ ⋅ TEAMT5 ⋅ GSS & IR Team
Worm malware Win32.Parite Deep Analysis & Scanner
Parite

2023-01-26 ⋅ TEAMT5 ⋅ Still Hsu
Brief History of MustangPanda and its PlugX Evolution
PlugX MUSTANG PANDA

2022-05-12 ⋅ TEAMT5 ⋅ Leon Chang, Silvia Yeh
The Next Gen PlugX/ShadowPad? A Dive into the Emerging China-Nexus Modular Trojan, Pangolin8RAT (slides)
KEYPLUG Cobalt Strike CROSSWALK FunnySwitch PlugX ShadowPad Winnti SLIME29 TianWu

2022-05-11 ⋅ TEAMT5 ⋅ Charles Li, Che Chang
To loot or Not to Loot? That Is Not a Question - When State-Nexus APT Targets Online Entertainment Industry
APT27 BRONZE STARLIGHT SLIME29 TianWu

2022-05-09 ⋅ TEAMT5 ⋅ TeamT5
Hiding in Plain Sight: Obscuring C2s by Abusing CDN Services
Cobalt Strike

2022-03-14 ⋅ ⋅ TEAMT5 ⋅ TeamT5
刻の涙 : NT 5.x NDIS 驅動程式後門分析《Daxin x32》
Daxin

2021-12-16 ⋅ TEAMT5 ⋅ Aragorn Tseng, Charles Li, Peter Syu, Tom Lai
Winnti is Coming - Evolution after Prosecution
Cobalt Strike FishMaster FunnySwitch HIGHNOON ShadowPad Spyder

2021-10-22 ⋅ TEAMT5 ⋅ TeamT5
Assassinations of "MiniNinja" in Various APAC Countries
ToddyCat

2021-08-20 ⋅ ⋅ TEAMT5 ⋅ TeamT5
See REvil again?! See how hackers use the same encryption ransomware program REvil to annihilate the attack evidence
REvil

2021-07-21 ⋅ ⋅ TEAMT5 ⋅ Jason3e7, Peter, Tom
"Le" is not tired of this, IE is really naughty
Magniber

2021-06-11 ⋅ TEAMT5 ⋅ Linda Kuo, Zih-Cing Liao
Story of the ‘Phisherman’ -Dissecting Phishing Techniques of CloudDragon APT (slides)
Appleseed BabyShark

2021-06-02 ⋅ TEAMT5 ⋅ TeamT5
Introducing The Most Profitable Ransomware REvil
Gandcrab REvil

2021-05-10 ⋅ TEAMT5 ⋅ Charles Li
APT Threat Landscape of Taiwan in 2020

2021-05-07 ⋅ TEAMT5 ⋅ Jhih-Lin Kuo, Zih-Cing Liao
"We Are About to Land": How CloudDragon Turns a Nightmare Into Reality
FlowerPower Appleseed BabyShark GoldDragon NavRAT

2021-05-07 ⋅ TEAMT5 ⋅ Aragorn Tseng, Charles Li
Mem2Img: Memory-Resident Malware Detection via Convolution Neural Network
Cobalt Strike PlugX Waterbear

2021-01-27 ⋅ TEAMT5 ⋅ Leon, Shui
LuoYu: The eavesdropper sneaking in multiple platforms
systemd WinDealer Red Nue

2021-01-13 ⋅ ⋅ TEAMT5 ⋅ TeamT5
年度最慘漏洞！深入探究 Oracle WebLogic CVE-2020-14882

2020-12-22 ⋅ ⋅ TEAMT5 ⋅ TeamT5
macOS 用戶當心！北韓駭客 Lazarus 將目標瞄準虛擬貨幣交易用戶

2020-08-19 ⋅ ⋅ TEAMT5 ⋅ TeamT5
調查局 08/19 公布中國對台灣政府機關駭侵事件說明
Cobalt Strike Waterbear

2020-05-01 ⋅ Macnica Networks ⋅ Macnica Networks, TeamT5
Cyber Espionage Tradecraft in the Real World Adversaries targeting Japan in the second half of 2019
TSCookie LODEINFO

2020-04-15 ⋅ ⋅ TEAMT5 ⋅ TeamT5
中國駭客 HUAPI 的惡意後門程式 BiFrost 分析
Bifrost

2020-01-14 ⋅ TEAMT5 ⋅ Aragorn Tseng, CiYi Yu
Evil Hidden in Shellcode: The Evolution of Malware DBGPRINT
Waterbear