Category: Threats

Community Content

Macaw Ransomware

OVERVIEW Macaw or Macaw Locker is a ransomware malware that first came to prominence in October 2021 when it was used to attack an Olympus

njRAT Remote Access Trojan

OVERVIEW njRAT is a well-known and widely available Remote Administration Tool (RAT) which has been observed since 2013 and may have been in development as

Meteor Wiper

OVERVIEW The Meteor or Meteor Express malware variant was first seen when the Iranian railway system and the Ministry of Roads and Urban Development system

Sibot Malware

OVERVIEW The Sibot malware is a malware family implemented in Visual Basic. It is used to establish persistence on a system, as well as downloading

TEARDROP Dropper Malware

OVERVIEW TEARDROP is fileless malware that functions as a dropper. The malware, which was first observed in late 2020, was observed as part of the

BoomBox Downloader

OVERVIEW BoomBox is a malicious downloader used by the actor known as Dark Halo (aka NOBELLIUM, UNC2452). DELIVERY The malware (named after the original file

Suspicious rundll32 Execution

THREAT DESCRIPTION In May 2021, Microsoft and Volexity reported sophisticated phishing campaigns affecting government organizations. Microsoft attributed the attack to Nobelium (UNC2452). Nobelium utilized several

EnvyScout Dropper

OVERVIEW EnvyScout (derived from the filename NV.html, aka Envy Scout, NV.html, NV, EnvyScout) is a dropper-style malware that writes a malicious ISO to disk. The

Sodinokibi

OVERVIEW Sodinokibi (aka Sodin, REvil) is a prolific ransomware which came to widespread attention in April 2019. Sodinokibi is a ransomware that is distributed as
