Malware Analysis Reports

Tip: Type # to search tags, or click on tags in reports to filter
Grid List
Showing 20 of 305 reports (Page 4 of 16)
Sort by:

Storm Cloud on the Horizon: GIMMICK Malware Strikes at macOS

2022-03-22

VOLEXITY

Author: Damien Cash, Steven Adair, Thomas Lancaster

platforms:windows platforms:macos

Operation EmailThief: Active Exploitation of Zero-day XSS Vulnerability in Zimbra

2022-02-03

VOLEXITY

Author: Steven Adair, Thomas Lancaster

techniques:phishing malware_types:zero-day cve:cve-2022-24682

Analyzing OSX.DazzleSpy

2022-01-25

Objective-See

Author: Patrick Wardle

architecture:arm architecture:x86_64 techniques:persistence file_types:xml platforms:macos file_types:mach-o cve:cve-2019-8526 file_types:objective-c file_types:pptx file_types:docx

SysJoker, the first (macOS) malware of 2022!

2022-01-11

Objective-See

Author: Patrick Wardle

file_types:zip platforms:linux file_types:txt file_types:bin architecture:x86_64 file_types:sh file_types:so platforms:windows architecture:arm64 file_types:mach-o

The Mac Malware of 2021

2022-01-01

Objective-See

Author: Patrick Wardle

file_types:zip platforms:linux architecture:arm architecture:x86_64 file_types:python file_types:javascript file_types:mach-o techniques:malware analysis tools malware_types:password stealer cve:cve-2021-1789

Where's the Interpreter!?

2021-12-22

Objective-See

Author: Patrick Wardle

file_types:bin file_types:html file_types:sh file_types:bash malware_types:virus file_types:xml platforms:macos file_types:mach-o malware_types:adware cve:cve-2021-30853

XE Group – Exposed: 8 Years of Hacking & Card Skimming for Profit

2021-12-07

VOLEXITY

Author: Volexity Threat Research

Analyzing OSX.CDDS (MacMa)

2021-11-11

Objective-See

Author: Patrick Wardle

file_types:bin architecture:x86_64 file_types:sh file_types:bash malware_types:virus malware_types:backdoor techniques:privilege escalation malware_types:keylogger malware_types:zero-day platforms:macos

Vidar stealer campaign targeting Baltic region and NATO entities

2021-10-27

CERT.PL

Author: CERT Polska

source_tag:analysis source_tag:malware source_tag:vidar source_tag:stealer

Made In America: Green Lambert for OS X

2021-10-01

Objective-See

Author: Runa Sandvik

file_types:txt file_types:bin file_types:html file_types:sh file_types:php file_types:bash techniques:persistence file_types:xml platforms:macos file_types:mach-o

Analysis of CVE-2021-30860

2021-09-16

Objective-See

Author: Tom McGuire

architecture:x86_64 file_types:so techniques:sandbox platforms:macos platforms:ios file_types:mach-o disassembler:hopper cve:cve-2015-6778 cve:cve-2020-1910 cve:cve-2009-1858

Made in China: OSX.ZuRu

2021-09-14

Objective-See

Author: Patrick Wardle

file_types:zip file_types:txt file_types:bin malware_types:loader architecture:x86_64 file_types:python file_types:sh file_types:so file_types:php file_types:mach-o

North Korean BLUELIGHT Special: InkySquid Deploys RokRAT

2021-08-24

VOLEXITY

Author: Damien Cash, Josh Grunzweig, Steven Adair, Thomas Lancaster

malware_types:backdoor

OSX.Hydromac

2021-06-04

Objective-See

Author: Taha Karim

architecture:arm malware_types:loader file_types:python techniques:honeypot file_types:so malware_types:downloader techniques:persistence disassembler:ida pro platforms:macos malware_types:adware

Suspected APT29 Operation Launches Election Fraud Themed Phishing Campaigns

2021-05-27

VOLEXITY

Author: Damien Cash, Josh Grunzweig, Matthew Meltzer, Sean Koessel, Steven Adair, Thomas Lancaster

file_types:dll techniques:phishing file_types:iso file_types:lnk

All Your Macs Are Belong To Us

2021-04-26

Objective-See

Author: Patrick Wardle

file_types:zip file_types:pdf file_types:bin architecture:x86_64 file_types:python file_types:sh file_types:so file_types:mach-o file_types:objective-c cve:cve-2021-30657

Keeping an eye on CloudEyE (GuLoader) - Reverse engineering the loader

2021-04-13

CERT.PL

Author: Michał Praszmo

malware_types:loader malware_types:downloader source_tag:analysis source_tag:malware source_tag:guloader source_tag:cloudeye

Creating Shield

2021-03-10

Objective-See

Author: Csaba Fitzl

techniques:code injection file_types:so file_types:go file_types:c platforms:windows file_types:swift platforms:macos file_types:dylib file_types:objective-c

MMD-0067-2021 - Recent talks on Linux process injection and shellcode analysis series (ROOTCON-2020, R2CON-2020 ++)

2021-03-03

MalwareMustDie

Author: unixfreaxjp

platforms:linux malware_types:fileless architecture:arm debugger:gdb malware_types:loader architecture:mips file_types:html disassembler:objdump disassembler:die techniques:code injection

ROOTCON 2020 - Deeper diving into shellcode (advanced users)

2021-03-03

MalwareMustDie

Author: unixfreaxjp

platforms:linux malware_types:fileless architecture:arm debugger:gdb malware_types:loader architecture:mips file_types:html disassembler:objdump disassembler:die techniques:code injection
Previous
Showing 20 of 305 reports (Page 4 of 16)
Next