Zero-Dwell Threat Intelligence Reports
Trojanized Utility Adds Defender Exclusions and Hooks Clipboard
.exe
checks-user-input
VB.NET LockScreen Variant Uses Attrib + Autorun for Impact & Persistence
.exe
long-sleeps
calls-wmi
assembly
persistence
Downloader/Spreader with VSS DLL Load Attempts and Credential Access
.exe
long-sleeps
spreader
persistence
bobsoft
SystemHelper SFX Installer Queries Registry and Deploys Malicious Chain
.exe
overlay
detect-debug-environment
Malicious DLL Uses Advapi32/Bcrypt Calls for Stealthy Persistence
.dll
64bits
spreader
Themida-Protected FL_Studio Fake Seeds Spreader-Enabled Lumma Loader
.exe
64bits
long-sleeps
spreader
persistence
Obfuscated Lumma Build Uses WMI Calls and Long-Sleeps for Evasion
.exe
long-sleeps
calls-wmi
spreader
checks-bios
Spreader-Enabled Lumma/Stealc Dropper Persists to ProgramData ADS
.exe
64bits
long-sleeps
idle
spreader
persistence
AgentTesla Variant Performing IP Recon via checkip.dyndns.org
.exe
signed
executes-dropped-file
bobsoft
revoked-cert
Browser-Focused Stealer Uses PowerShell Exclusions and Shellcode
.exe
shellcode
64-bit Keylogger Using Telegram/Smtp Indicators and Temp SFX Paths
.exe
64bits
Confuser-Protected ClipBanker Injects into Browsers to Capture Clipboard
.exe
assembly