Angehefteter Tweet
To simplify access to and synchronization of Malpedia's automatically generated, code-based YARA rules, we have created the following repository on Github: github.com/malpedia/signa…
English
Malpedia
230 posts
Malpedia
@malpedia
A curated, high-quality malware corpus. Zoo keepers: @push_pnx and @steffenenders_
Germany Beigetreten Ocak 2017
2 Folgt5.7K Follower
Malpedia retweetet
I have just published a new data set revision of MalpediaFLOSSed, now aggregating 5.6m unique strings gathered from 2.100 malware families. github.com/malpedia/malpe…
Byte Atlas@ByteAtlas
[blog post] MalpediaFLOSSed danielplohmann.github.io/blog/2024/03/0…
English
@AzakaSekai_ thanks for the notice - we need to have the cert issues by our org and can't do that before business hours tomorrow morning. 🙄 I've now removed HSTS though, so it should at least be accessible...
English
Malpedia retweetet
@kutekle @cyber_ra1 @MITREattack @OTX @malwrhunterteam @RussianPanda9xx @0xToxin @banthisguy9349 ... which however doesn't mean that you can't apply for an account. 😉
English
@cyber_ra1 @malpedia @MITREattack @OTX @malwrhunterteam @RussianPanda9xx @0xToxin @banthisguy9349 I was excited to try this while waiting for the launch, but damn, Malpedia is invite-only now?
English
APT hub is published now,It is designed to collect the following data about the search APT
APT profiles from - @malpedia , @MITREattack
IOCs of current year from - @OTX
Publish blogs on APT- @malpedia , @MITREattack , @OTX
MITRE TTPs from - @MITREattack
github.com/CyberRa1/APT-H…
Cyber_Ravan@cyber_ra1
I'm excited to share that I'm developing a new project! "APT hub," will help us updated on the latest APT activities. It collects data on APT profiles, IOCs(1 yr), and blogs on searched APT. I'm also working on integrating MITRE, download available sample and yara. Stay Tuned!
English
@RussianPanda9xx @AgidCert We just went PXRECVOWEIWOEI -> 0bj3ctivityStealer in our collection - thx! :)
English
Currently looking at the stealer sample. Let's collectively agree to call it #0bj3ctivityStealer from now on (credit to @AgidCert, reference: cert-agid.gov.it/news/entra-in-…) due to my inability to type and pronounce PXRECVOWEIWOEI on the 100th try.
Yogesh Londhe@suyog41
PXRECVOWEIWOEI Stealer RFQ.xlsx 08ea604f05ff7b003fe8d3a25153988b downloads name.exe 0860b9decf194469ff9004953916fad8 - Exfiltrate data via telegram #PXRECVOWEIWOEI #Stealer #IOC
English
Malpedia retweetet
I wrote a blog post about MalpediaFLOSSed, a collection of ~4 million strings extracted from 1800+ malware families and upgrading its GUI plugin to work with IDA, Ghidra, and Binary Ninja at once!
Kudos to @hyun____22 for Hyara, which pioneered such cross-tool compatibility!
Byte Atlas@ByteAtlas
[blog post] MalpediaFLOSSed danielplohmann.github.io/blog/2024/03/0…
English
🛠️ We added a basic WebUI to our malware strings lookup service. Give it a try at strings.malpedia.io
Malpedia@malpedia
📣We updated "Malpedia FLOSSed". TL;DR: More data, cleaner Rust/Go/Dotnet strings, various tags! We also created a public web service to make this data more accessible: strings.malpedia.io, as well as an IDA plugin as a demo use case. Read more -> github.com/malpedia/malpe…
English
Malpedia retweetet
Based on this, I updated the @TrellixARC Ghidra script to locally use this JSON file. Additionally, I wrote a script to query the Malpedia web service via the exposed API, which one can also host locally. The Ghidra scripts can be found here: github.com/advanced-threa…
Malpedia@malpedia
📣We updated "Malpedia FLOSSed". TL;DR: More data, cleaner Rust/Go/Dotnet strings, various tags! We also created a public web service to make this data more accessible: strings.malpedia.io, as well as an IDA plugin as a demo use case. Read more -> github.com/malpedia/malpe…
English
📣We updated "Malpedia FLOSSed".
TL;DR: More data, cleaner Rust/Go/Dotnet strings, various tags!
We also created a public web service to make this data more accessible: strings.malpedia.io, as well as an IDA plugin as a demo use case.
Read more -> github.com/malpedia/malpe…
English
Malpedia retweetet
I feel like this dump doesn't get enough credit.
So I filtered all malware debug ascii/utf16 strings from it and included it in a YAR rule file.
That's just one use-case for this awesome dump.
There are lots of other interesting malware indicators in it that could be used in a different way.
@malpedia @push_pnx #100DaysofYARA #malpedia
Malpedia@malpedia
🛠️ We just published "Malpedia flossed": @Mandiant FLARE team's floss tool applied to all unpacked + dumped samples in @malpedia. Results: 35.645.324 raw strings, distilled to 2.137.276 unique strings from 1751 processed malware families - 400 MB JSON. -> github.com/malpedia/malpe…
English
Malpedia retweetet
#BinaryNinja plugin that helps write #YARA rule strings based on a selection in the Disassembly view.
Inspired by formatting used in #Yara_Signator @malpedia (highlighted in screenshot).
gist.github.com/utkonos/0aa6e1…
@push_pnx @vector35 @psifertex
#100DaysofYARA
English
🛠️ We just published "Malpedia flossed": @Mandiant FLARE team's floss tool applied to all unpacked + dumped samples in @malpedia. Results: 35.645.324 raw strings, distilled to 2.137.276 unique strings from 1751 processed malware families - 400 MB JSON.
-> github.com/malpedia/malpe…
English
Malpedia retweetet
Introducing YARA-Forge ⚡️
- Streamlined Public YARA Rule Collection
Excited to share my latest project with the community just in time for Christmas! After weeks of hard work, it's finally ready 🎄🎁
Blog Post
cyb3rops.medium.com/introducing-ya…
Project Page
yarahq.github.io
English
You can access the RSS feed here:
malpedia.caad.fkie.fraunhofer.de/feeds/rss/late…
English
We just deployed several updates to Malpedia.
1) There is now an RSS feed available.
2) @MsftSecIntel threat actor names have been integrated as aliases.
3) Family pages have links to @virustotal collections.
4) Library entries indicate if the article language is not English.
English