2021.12.07.rar
959.1 KB
FIN13; Mandiant: FIN13, a Cybercriminal Threat Actor Focused on Mexico
We've updated our paper collection
-XLLPOC, code execution via Excel by, Excel DLL loader (XLL files), being sold on various forums
-ZipExec, executing password protected zip files by, a technique currently used by Emotet
Check it out: https://vx-underground.org
Gomorrah stealer group, or an individual who purchased Gomorrah stealer, left the panel source code exposed online. We have added it to the VXUG Panel source code collection.
https://github.com/vxunderground/MalwareSourceCode/tree/main/Panel
Updates to vx-underground:
APT collection:
2021.11.10/Void Balaur
2021.12.06/Nobelium
2021.12.07/FIN13
Malware collection:
Cuba Ransomware
Diavol Ransomware
Log4J Malware
Owowa
Quantum Ransomware
Tor2Mine
Check it out here: http://vx-underground.org
"Espionage Campaign Targets Telecoms Organizations across Middle East and Asia" :) Samples + Paper
We've made large updates to the VXUG APT collection
2021.11.24/APT-38
2021.12.07/TeamTNT
2021.12.08/ShadowPad
2021.12.13/APT-C-61
2021.12.13/Kimsuky
2021.12.14/DarkWatchman
2021.12.14/DoNot
2021.12.15/APT31
2021.12.15/Jolly Jellyfish
Check it out here: https://vx-underground.org
We've updated the VXUG Malware sample collection:
- GoLang-based Log4J malware
- BlackCat Ransomware (ALPHV), Rust-based and uses LLVM for obfuscation
- Yanluowang Ransomware, ransomware that is signed....
Check it out here: https://vx-underground.org
A security researcher has identified the first Log4J worm. It is a self-propagating Mirai bot. We have aggregated the sample.
You can download the Log4J Mirai worm here: https://vx-underground.org
2022.01.121.7z
1.7 MB
2022.01.12/Iranian intel cyber suite of malware uses open source tools (MuddyWater)
2022.01.12_Samples.7z
7.8 MB
2022.01.12/OceanLotus (APT32) hackers turn to web archive files to deploy backdoors
REvil detained
Another REvil member detained
We've added a new paper to the VXUG AV paper collection: "In-Depth Analysis of Ransom Note Files" by Yassine Lemmou, Jean-Louis Lanet, El Mamoun Souidi
Analysis of ransomware notes & proposed prototype of identifying Threat Actors by their ransom notes
https://vx-underground.org/av.html
BlackBerry ThreatVector team identified a new ransomware variant dubbed "LokiLocker".
You can download LokiLocker ransomware samples here:
https://samples.vx-underground.org/samples/Families/LokiLockerRansomware/