
Malware Families

Sample Download Sample Info
AgentTesla Who Is Agent Tesla?
Amadey Threat Spotlight: Amadey Bot Targets Non-Russian Users
Amavaldo From Carnaval to Cinco de Mayo – The journey of Amavaldo
Android.Bzy Chinese Teens Take On the Mobile Ransomware Trade
Android.Cynos New trojan detected on AppGallery app catalog
Android.Greywolf Chinese Teens Take On the Mobile Ransomware Trade
Android.Rummus N/A
Andromeda Andromeda under the microscope
Angler EK Understanding Angler Exploit Kit
AsyncRAT AsyncRAT
AtomSilo AtomSilo Ransomware
Ave Maria Backdoor.AveMaria
Aveo Aveo Malware Family Targets Japanese Speaking Users
Azorult AZORULT Malware Information
Babadeda Babadeda Crypter Targeting Crypto, Nft, And Defi Communities
Babuk Ransomware gang Babuk goes dark
BandarChor Ransomware Ransomware Report: The Rise of BandarChor
Bartalex Enterprises Hit by BARTALEX Macro Malware in Recent Spam Outbreak
BasBanke BasBanke: Trend-setting Brazilian banking Trojan
Bazar Loader BazarLoader deploys a pair of novel spam vectors
Bedep Bedep Ad-Fraud Botnet Analysis
Bizarro Bizarro: a banking Trojan full of nasty tricks
BlackMatter BlackMatter ransomware emerges from the shadow of DarkSide
BotenaGo AT&T Alien Labs finds new Golang malware (BotenaGo)
CacheFlow Backdoored Browser Extensions Hid Malicious Traffic in Analytics Requests
Crush Arcade Crush Arcade
CTB-Locker CTB-Locker
CVE-2008-2551 Drive-by download campaign targets Chinese websites
CVE-2015-0359 CVE-2015-0359
CVE-2017-10271 Oracle Server Exploited to Deliver Monero Miners
CVE-2017-11882 CVE-2017-11882
CVE-2018-0802 CVE-2018-0802
CVE-2018-4878 CVE-2018-4878
Chaos Chaos Ransomware: A Proof of Concept With Potentially Dangerous Applications
Chapak Trojan.Win32.Chapak
Clownic Ransomware Clownic Ransomware documented by GrujaRS
CobaltStrike Cobalt Strike Usage Explodes Among Cybercrooks
Conti Conti Ransomware Gang
Cronrat CronRAT malware hides behind February 31st
CryptBot Cryptbot: How Free becomes a High Price to Pay
CryptoFortress CryptoFortress mimics TorrentLocker but is a different ransomware
Cryptowall CryptoWall Ransomware Threat Analysis
Cryxos Trojan:JS/Cryxos
Curator Ransomware N/A
DCRat Analyzing Dark Crystal RAT, a C# Backdoor
DanaBot New Year, New Version of DanaBot
DarkComet Backdoor.DarkComet
DarkVNC A short journey into DarkVNC attack chain
Darkside Shining a Light on DARKSIDE Ransomware Operations
DearCry Ransomware DearCry Ransomware and the Hafnium Attacks
Decaf Ransomware DeCaf Ransomware
Djvu Djvu Ransomware
Dyre Dyre Banking Trojan
Elirks Elirks Malware Family
Emdivi Emdivi and the Rise of Targeted Attacks in Japan
Emotet Wikipedia: Emotet
Escelar Banking Trojan Escelar Infects Thousands In Brazil and the US
Exaramel Exaramel Malware Family
FakeDivX Compromised Turkish Government Web site leads to malware
Fareit Trojan.PWS.Fareit
FighterPOS FighterPOS PoS Malware Gets Worm Routine
Filmkan Filmkan: Mysterious Turkish Botnet Grows Through Facebook
FluBot FluBot Android Malware
FormBook Deep Analysis: FormBook New Variant
FritzFrog FritzFrog: A New Generation Of Peer-To-Peer Botnets
Gafgyt What is Gafgyt malware?
Gauss Gauss: Nation-state cyber-surveillance meets banking Trojan
Glupteba Trojan.Glupteba
GoSearch GoSearch Virus Mac
GuLoader GuLoader: Peering Into a Shellcode-based Downloader
Haron Ransomware BlackMatter & Haron: Evil Ransomware Newborns or Rebirths
HawkEye Keylogger Revamped HawkEye Keylogger Swoops in on Coronavirus Fears
HelloKitty HelloKitty: When Cyberpunk met cy-purr-crime
Hive Ransomware Hive Ransomware
Jianmo Chinese Teens Take On the Mobile Ransomware Trade
Jupyter Jupyter trojan: Newly discovered malware stealthily steals usernames and passwords
KRBanker KrBanker Malware Family
Keybase KeyBase Keylogger Malware Family Exposed
Kobalos Kobalos (malware)
Kriptovor Analysis of KRIPTOVOR: Infostealer+Ransomware
Linux.Spike Linux Spike Trojan malware
Loda RAT Loda RAT Grows Up
Lokibot LokiBot Malware
MacOS.AdLoad Massive New AdLoad Campaign Goes Entirely Undetected By Apple’s XProtect
MacOS.Adwind Adwind RAT Malware: Everything You Need to Know
MacOS.AppleJeus AppleJeus
MacOS.BirdMiner OSX.BirdMiner
MacOS.Calisto Calisto Trojan for macOS
MacOS.Cointicker Mac cryptocurrency ticker app installs backdoors
MacOS.Coldroot OSX/Coldroot and the RAT invasion
MacOS.Convuster Convuster: macOS adware now in Rust
MacOS.Cookieminer CookieMiner malware targets Macs, steals passwords and SMS messages, mines for cryptocurrency
MacOS.Dok Mac Malware OSX.Dok is Back, Actively Infecting Victims
MacOS.Dummy New Mac malware targets cryptocoin ‘dummies’
MacOS.Evilquest New ThiefQuest ransomware discovered targeting macOS users
MacOS.Kitm OSX/KitM.A
MacOS.LaoShu Digitally signed data-stealing malware targets Mac users in “undelivered courier item” attack
MacOS.Macma Backdoor macOS.Macma Spies On Activists But Can’t Hide From Behavioral Detection
MacOS.Pirrit OSX.Pirrit Mac Adware
MacOS.Shlayer Shlayer Trojan attacks one in ten macOS users
MacOS.Tarmac OSX/Shlayer new Shurprise.. unveiling OSX/Tarmac
MacOS.XCSSET Mac malware exposed: XCSSET, an advanced new threat
MacOS.XLoader Detecting XLoader | A macOS ‘Malware-as-a-Service’ Info Stealer and Keylogger
MacOS.Zuru ‘OSX.ZuRu’ Malware Spreads From Trojanized Apps via Sponsored Search Results
MassLogger MASS Logger
Mekotio Banker Mekotio Banker Returns with Improved Stealth and Ancient Encryption
Medusa Locker Medusa Locker Ransomware
Mirai What is mirai botnet?
Moses Staff New Moses Staff group targets Israeli organizations in destructive attacks
MyDoom Worm:W32/Mydoom
Nanhaishu Nanhaishu
Necro Necro Python Botnet Goes After Vulnerable VisualTools DVR
Neshta Neshta File Infector Endures
NetFilter Microsoft signed a malicious Netfilter rootkit
NetWire RAT New NetWire RAT Campaigns Use IMG Attachments
Networm Networm
Neutrino EK Neutrino Exploit Kit
NitlovePOS NitlovePOS: Another New POS Malware
NjRat Backdoor.NJRat
Nuclear EK All You Need to Know About Nuclear Exploit Kit
Numando Numando: Count once, code twice
Orcus Orcus RAT Author Charged in Malware Scheme
Oscorp Oscorp, a new Android malware targets Italian users
Oski Oski Data-Stealing Malware Emerges to Target North America, China
Pegasus What is pegasus spyware?
PlugX Take a Deep Dive into PlugX Malware
Pony Pony: A Breakdown of the Most Popular Malware in Credential Theft
Poseidon PoSeidon (malware)
PunkeyPOS PunkeyPOS Malware
PurpleFox ‘Purple Fox’ Malware Can Rootkit and Abuse PowerShell
Pushdo Pushdo - Analysis of a Modern Malware Distribution System
Pysa Pysa (Mespinoza) Ransomware
QuasarRAT Quasar RAT: A sneak peek into the Remote Access Trojan’s capabilities
REvil REvil/Sodinokibi Ransomware
RaccoonStealer Raccoon: The Story of a Typical Infostealer
RatDispenser RATDispenser: Stealthy JavaScript Loader Dispensing RATs into the Wild
RawPOS RawPOS: New Behavior Risks Identity Theft
Razy Mal/Razy
RedLine Redline Password Stealer Malware
Remcos Trojan.Remcos
Retefe 2019: The Return of Retefe
RotaJakiro RotaJakiro: A Linux backdoor
Sakula Sakula Malware Family
Samsam Ransomware Alert (AA18-337A) SamSam Ransomware
Sanya Linux Executables Deployed As Stealth Windows Loaders
Shellbot The Risk of Publicly Available Cryptocurrency Miners
ShinoLocker N/A
Skype Worm Skype worm reloaded
Slave New banking trojan 'Slave' hitting Polish Banks
SmokeLoader Smoke Loader
Snake Keylogger Snake Keylogger Slithers Through Malspam
Stegoloader Stegoloader: A Stealthy Information Stealer
Sundown Exploit Kit Sundown Exploit Kit
Symmi The DGA of Symmi
SynAck Ransomware SynAck targeted ransomware uses the Doppelgänging technique
TeslaCrypt TeslaCrypt
Tinba Tiny Banker Trojan
TrickBot Trojan.TrickBot
Valyria Valyria Trojan Drops Emotet
Vermilion Strike Vermilion Strike: Linux and Windows Re-implementation of Cobalt Strike
Vermin A deep dive down the Vermin RAThole
Virlock Threat Spotlight: Virlock Polymorphic Ransomware
Werdlod TROJ_WERDLOD: New Banking Trojan Targets Japan
Zeus Zeus (malware)
Zumanek Zumanek Remote Access Trojan Threat Intel Advisory
