Zero-Dwell Threat Intelligence Reports
Trojanized GUI EXE Uses PowerShell Stagers to Install Stealer Modules
.exe
spreader
assembly
Amadey/Doina Trojan Fetcher Using HTTP C2 and Hidden Install Folder
.exe
spreader
Trojanized WinRAR EXE Adds Defender Exclusions and Harvests Logins
.exe
spreader
assembly
Large CryEngine EXE Packs Overlayed Stealer with Injector Traits
.exe
SFX-Packed Trojan Masks as SystemHelper and Beacons for Secondary Tasks
.exe
overlay
Large Installer Imposter Switches to 64-bit (Heaven’s Gate) to Load Stealer
.exe
detect-debug-environment
Lumma/Amadey Runner Adds Defender Exclusions and Beacons for Tasks
.exe
overlay
calls-wmi
persistence
checks-bios
Packed EXE Fetches Encrypted Tasks from softytoys.shop and Executes Stealer
.exe
detect-debug-environment
spreader
AutoIt/Injector Dropper Spawns PowerShell and Performs WMI Recon
.exe
long-sleeps
detect-debug-environment
calls-wmi
Win64 Stealc v2 Implant with Long-Sleeps and Anti-Sandbox Checks
.exe
64bits
long-sleeps
idle
spreader
persistence
Trusted-Name Trojan Substitutes Wallet Addresses for Silent Theft
.exe
assembly
VMProtect-Packed Installer Deploys RadThief/Formbook Modules
.exe
overlay
detect-debug-environment
invalid-signature