APT Gamaredon:)

Call of Duty symbol dump:)

LockerGoga samples:)

APT scarcruft (APT37) samples:)

We're happy to announce that our friends over at XSS have given us approval to archive materials from their domain and import it into the vx-underground collection.

* Materials will be English and Russian
* Authors will receive complete credit for work

More info coming soon..

We've updated the vx-underground malware source code collection on GitHub:

Leaks:
Win32.PredatorTheThief (beta)
Win32.Module.Startup.Amadey
Unknown.Incomplete.Eb0la
Unknown.Incomplete.DarkRadiation

+ 2 Win32 Stealers added.

Check it out here: https://github.com/vxunderground/MalwareSourceCode

Blackbyte ransomware samples:)

psiphone android malware samples:) + paper

ewdoor campaign samples + paper:)

93 cobalt strike beacons:)

apt37 chinotto samples:)

apt 27 samples:)

android.cleaningservice:) , malware campaign targetng malaysia

apt 38 samples + paper:)

magnat samples:)

FIN13; Mandiant: FIN13, a Cybercriminal Threat Actor Focused on Mexico

We've updated our paper collection

-XLLPOC, code execution via Excel by, Excel DLL loader (XLL files), being sold on various forums
-ZipExec, executing password protected zip files by, a technique currently used by Emotet

Check it out: https://vx-underground.org

blackcat ransomware sample:) (rust ransomware)

Gomorrah stealer group, or an individual who purchased Gomorrah stealer, left the panel source code exposed online. We have added it to the VXUG Panel source code collection.

https://github.com/vxunderground/MalwareSourceCode/tree/main/Panel