MDNC | Malware don't need Coffee
TA505
- MONTY SPIDER - UNC902
References:
Threat Actor Profile: TA505, From Dridex to GlobeImposter
- 2017-09-27 - Proofpoint -
Proofpoint Staff
TA505
Dridex
Trickbot
Shifu
An in-depth malware analysis of QuantLoader
- 2018-03-28 - Malwarebytes -
Vishal Thakur
Quant
TA505
FlawedAmmyy
TA505 Distributes New SDBbot Remote Access Trojan with Get2 Downloader
- 2019-10-16 - Proofpoint -
Dennis Schwarz - Kafeine - Matthew Mesa - Axel F - Proofpoint Staff
Get2
TA505
SDBbot
FlawedGrace
FlawedAmmyy
Snatch
ServHelper
More Reading:
Dridex Actors Get In the Ransomware Game With "Locky"
- 2016-02-16 - Proofpoint -
Proofpoint Staff
Locky
Neutrino
TA505
Locky distributor uses newly released quant loader sold on Russian underground
- 2016-09-14 - Forcepoint -
Nicholas Griffin
Quant
Locky
TA505
Dridex Campaigns Hitting Millions of Recipients Using Unpatched Microsoft Zero-Day
- 2017-04-10 - Proofpoint -
Proofpoint Staff
CVE-2017-0199
Dridex
TA505
Leaked Ammyy Admin Source Code Turned into Malware
- 2018-03-07 - Proofpoint -
Proofpoint Staff
FlawedAmmyy
TA505
Quant
Drive-by as a service: BlackTDS
- 2018-03-13 - Proofpoint -
Kafeine
BlackTDS
bbsindex
TA505
Sandiflux: Another Fast Flux infrastructure used in malware distribution emerges
- 2018-03-30 - Proofpoint -
Kafeine
TA547
GandCrab
TA544
TA505
TA505 Abusing SettingContent-ms within PDF files to Distribute FlawedAmmyy RAT
- 2018-07-19 - Proofpoint -
Proofpoint Staff
FlawedAmmyy
TA505
ServHelper and FlawedGrace - New malware introduced by TA505
- 2019-01-09 - Proofpoint -
Dennis Schwarz - Proofpoint Staff
ServHelper
FlawedGrace
TA505
URLZone top malware in Japan, while Emotet and LINE Phishing round out the landscape
- 2019-06-19 - Proofpoint -
Proofpoint Staff
TA544
URLZone
Gozi v3
Vawtrak
TA505
FlawedAmmyy
Anomaly detection helped us uncover a new campaign that employs a complex infection chain to download and run the notorious FlawedAmmyy RAT directly in memory.
- 2019-06-21 - Twitter -
Microsoft Security Intelligence
FlawedAmmyy
TA505
TA505 begins summer campaigns with a new pet malware downloader, AndroMut, in the UAE, South Korea, Singapore, and the United States
- 2019-07-02 - Proofpoint -
Matthew Mesa - Dennis Schwarz - Proofpoint Staff
AndroMut
FlawedAmmyy
TA505
Sandiflux Botnet Report - June 2019
- 2019-07-02 - Slideshare -
Salvatore Saeli
TA505
FlawedAmmyy
GandCrab
Sodinokibi
(PDF - Technical Brief) Latest Spam Campaigns from TA505 Now Using New Malware Tools Gelup and FlowerPippi
- 2019-07-04 - Trend Micro -
Hara Hiroaki - Loseway Lu
AndroMut
TA505
Latest Spam Campaigns from TA505 Now Using New Malware Tools Gelup and FlowerPippi
- 2019-07-04 - Trend Micro -
Hara Hiroaki - Loseway Lu
TA505
Targeted TrickBot activity drops 'PowerBrace' backdoor
- 2019-07-11 - NTT Security -
NTT Security
Trickbot
PowerBrace
TA505
PDF: ASEC REPORT vol.96 Q3 2019
- 2019-10-11 - Ahnlab -
ASEC Researchers
Clop
SDBbot
FlawedAmmyy
TA505
Shikata Ga Nai Encoder Still Going Strong
- 2019-10-21 - FireEye -
Steve Miller - Evan Reese - Nick Carr
TA505
FIN6
Note:TA505 != Dridex. They were massively spreading it, [...] but also Locky 3, Trickbot mac1
- 2019-12-05 - Twitter -
Kafeine
TA505
Dridex