Common Information
Type | Value |
---|---|
Value | ntdll.dll |
Category | |
Type | File |
Misp Type | |
Description | |
Details | | Published | Attributes | CTI | Title |
---|---|---|---|---|---|
Details | Website | 2024-07-15 | 88 | | DodgeBox: A deep dive into the updated arsenal of APT41 \| Part 1 |
Details | Website | 2024-07-11 | 5 | | Introducing a New Vulnerability Class: False File Immutability — Elastic Security Labs |
Details | | 2024-07-04 | 66 | | Defending Against OS Credential Dumping: Threat Landscape, Strategies, and Best Practices |
Details | Website | 2024-06-27 | 13 | | The Windows Registry Adventure #3: Learning resources |
Details | Website | 2024-06-24 | 53 | | Latrodectus Affiliate Resumes Operations Using Brute Ratel C4 Post Operation Endgame |
Details | Website | 2024-06-20 | 8 | | Process Injection: Process Injection via VEH (Vectored Exception Handling) |
Details | Website | 2024-06-20 | 33 | | LayeredSyscall: Abusing VEH to Bypass EDR |
Details | Website | 2024-06-17 | 148 | | Latrodectus, are you coming back? \| Bitsight |
Details | Website | 2024-06-10 | 86 | | Technical Analysis of the Latest Variant of ValleyRAT |
Details | Website | 2024-06-05 | 21 | | Operation Crimson Palace: Sophos threat hunting unveils multiple clusters of Chinese state-sponsored activity targeting Southeast Asian government |
Details | Website | 2024-06-04 | 56 | | Lost in the Fog: A New Ransomware Threat - Arctic Wolf |
Details | Website | 2024-06-04 | 17 | | Pulsedive Blog \| Latrodectus Threat Research |
Details | Website | 2024-05-16 | 73 | | Spring Cleaning with LATRODECTUS: A Potential Replacement for ICEDID — Elastic Security Labs |
Details | Website | 2024-05-10 | 24 | | In The Shadow Of Venus: Trinity Ransomware's Covert Ties - Cyble |
Details | Website | 2024-04-29 | 77 | | Zloader: No Longer Silent in the Night |
Details | Website | 2024-04-25 | 30 | | Uncorking Old Wine: Zero-Day from 2017 + Cobalt Strike Loader in Unholy Alliance |
Details | Website | 2024-04-24 | 180 | | [QuickNote] Qakbot 5.0 – Decrypt strings and configuration |
Details | Website | 2024-04-23 | 28 | | In-Depth Study of StepBear, the Advanced Injection Technique of APT Group Strom0978 \| CTF导航 |
Details | Website | 2024-04-18 | 14 | | The Windows Registry Adventure #2: A brief history of the feature |
Details | Website | 2024-03-27 | 65 | | European diplomats targeted by SPIKEDWINE with WINELOADER |
Details | Website | 2024-03-15 | 45 | | Malware analysis report: Smoke Loader |
Details | Website | 2024-03-13 | 41 | | CVE-2024-21412: DarkGate Operators Exploit Microsoft Windows SmartScreen Bypass in Zero-Day Campaign |
Details | Website | 2024-03-13 | 37 | | CVE-2024-21412: DarkGate Operators Exploit Microsoft Windows SmartScreen Bypass in Zero-Day Campaign |
Details | Website | 2024-03-07 | 14 | | Analysing Windows Malware on Apple Mac M1/M2 ( Windows 11 ARM ) - Part II • Raashid Bhat |
Details | Website | 2024-03-04 | 13 | | Analysing Windows Malware on Apple Mac M1/M2 ( Windows 11 ARM ) - Part I • Raashid Bhat |