FAUTLReports

MMD-0068-2024 - "FHAPPI Campaign" (APT10) FreeHosting APT "PSploit" Poison Ivy

2024-06-19

Author: unixfreaxjp

file_types:dll file_types:bin malware_types:rat file_types:dat techniques:system calls techniques:phishing file_types:powershell malware_types:fileless file_types:pe file_types:exe

DISGOMOJI Malware Used to Target Indian Government

2024-06-13

VOLEXITY

Author: Volexity Threat Research

platforms:linux

Detecting Compromise of CVE-2024-3400 on Palo Alto Networks GlobalProtect Devices

2024-05-15

VOLEXITY

Author: Volexity Threat Research

malware_types:zero-day cve:cve-2024-3400

Identifying x86_64 ELF Symbols in Stripped Binaries using AI

2024-05-02

RevEng.AI

file_types:pdf file_types:bin architecture:x86_64 file_types:python file_types:elf file_types:c platforms:debian disassembler:ghidra

Zero-Day Exploitation of Unauthenticated Remote Code Execution Vulnerability in GlobalProtect (CVE-2024-3400)

2024-04-12

VOLEXITY

Author: Volexity Threat Research

malware_types:zero-day cve:cve-2024-3400

Apple Gets an 'F' for Slicing Apples

2024-02-22

Objective-See

Author: Patrick Wardle

architecture:arm malware_types:loader architecture:x86_64 file_types:so file_types:macho file_types:cpp platforms:macos file_types:mach-o debugger:lldb file_types:dylib

CharmingCypress: Innovating Persistence

2024-02-13

VOLEXITY

Author: Ankur Saini, Callum Roxan, Charlie Gardner, Damien Cash

techniques:phishing file_types:so techniques:persistence

Ivanti Connect Secure VPN Exploitation: New Observations

2024-01-18

VOLEXITY

Author: Matthew Meltzer, Sean Koessel, Steven Adair

malware_types:backdoor cve:cve-2024-21887 cve:cve-2023-46805

Why Join The Navy If You Can Be A Pirate?

2024-01-15

Objective-See

Author: Patrick Wardle

file_types:zip file_types:bin architecture:x86_64 malware_types:downloader malware_types:virus techniques:persistence malware_types:trojan file_types:xml platforms:macos file_types:mach-o

Analyzing DPRK's SpectralBlur

2024-01-04

Objective-See

Author: Patrick Wardle

file_types:zip file_types:bin architecture:x86_64 file_types:sh file_types:so malware_types:backdoor techniques:encryption platforms:macos file_types:mach-o debugger:lldb

The Mac Malware of 2023

2024-01-01

Objective-See

Author: Patrick Wardle

malware_types:ransomware file_types:ruby file_types:zip platforms:linux file_types:dat architecture:x86_64 file_types:python techniques:sandbox file_types:mach-o techniques:malware analysis tools

It's Turtles All The Way Down

2023-11-30

Objective-See

Author: Patrick Wardle

malware_types:ransomware file_types:zip platforms:linux file_types:txt architecture:arm architecture:x86_64 file_types:so malware_types:trojan architecture:arm64 file_types:mach-o

Malware stories: Deworming the XWorm

2023-10-24

CERT.PL

Author: Jarosław Jedynak

malware_types:rat malware_types:dropper source_tag:analysis source_tag:xworm source_tag:malwarestory source_tag:malware

EvilBamboo Targets Mobile Devices in Multi-year Campaign

2023-09-22

VOLEXITY

Author: Callum Roxan, Paul Rascagneres, Thomas Lancaster

platforms:android platforms:ios

Unpacking what's packed: DotRunPeX analysis

2023-09-18

CERT.PL

Author: Jarosław Jedynak

techniques:phishing techniques:unpacking malware_types:dropper source_tag:analysis source_tag:malware source_tag:agenttesla source_tag:dotrunpex

Charming Kitten Updates POWERSTAR with an InterPlanetary Twist

2023-06-28

VOLEXITY

Author: Ankur Saini, Charlie Gardner

techniques:phishing

Malspam campaign delivering PowerDash – a tiny PowerShell backdoor

2023-05-09

CERT.PL

Author: Michał Praszmo

file_types:powershell malware_types:backdoor source_tag:analysis source_tag:malware

The LockBit ransomware (kinda) comes for macOS

2023-04-16

Objective-See

Author: Patrick Wardle

malware_types:ransomware file_types:dll file_types:zip platforms:linux file_types:txt file_types:dat architecture:arm file_types:python file_types:json file_types:mach-o

Ironing out (the macOS) details of a Smooth Operator (Part II)

2023-04-01

Objective-See

Author: Patrick Wardle

architecture:x86_64 file_types:so architecture:x64 file_types:xml file_types:json platforms:macos file_types:mach-o debugger:lldb file_types:dylib techniques:anti-analysis

3CX Supply Chain Compromise Leads to ICONIC Incident

2023-03-30

VOLEXITY

Author: Ankur Saini, Callum Roxan, Charlie Gardner, Paul Rascagneres, Steven Adair, Thomas Lancaster

malware_types:loader

Malware Analysis Reports