Self Assessment

Archives: Out of Band

The Origins of APT 41 and ShadowPad Lineage
2022-07-13
The Origins of APT 41 and ShadowPad Lineage

Introduction When the CYFIRMA research team began its work on tracking APT41, it became apparent that

Matanbuchus Loader Report
2022-07-05
Matanbuchus Loader Report

Matanbuchus Loader Report Date: 29-June-22 Author: Manoj Kumar (CYFIRMA-Malware Research Team) Suspected

AvosLocker Ransomware Report
2022-07-05
AvosLocker Ransomware Report

AvosLocker Ransomware Report Suspected Malware: AvosLocker Malware Function: Ransomware Risk Score:

TA505 Recent Trends Report 10-06-2021
2022-06-14
TA505 Recent Trends Report 10-06-2021

Threat Actor Profile Threat Actor: TA505 Alias: ATK 103, Chimborazo, Evil Corp, Gold Evergreen, Gold

Phishing Sample Analysis 10-06-2021
2022-06-10
Phishing Sample Analysis 10-06-2021

Phishing Sample Analysis MD5 : 140F716E974CD7483EEAA380A9C4FD82 SHA1 : 4D5B17CA34D8D15FBAE65AB637919E13E72A3476

MISSION2025 Recent Trends Report 31-05-2021
2022-06-01
MISSION2025 Recent Trends Report 31-05-2021

Recently Observed Campaigns The following list contains recent campaigns observed by CYFIRMA Threat

Yashma Ransomware Report
2022-05-31
Yashma Ransomware Report

Yashma Ransomware Report Executive Summary: Yashma is a new ransomware seen in the wild since May

IOC Analysis of Russian Cyber threat actors Nobelium and Wizard Spider – CYFIRMA
2022-05-25
IOC Analysis of Russian Cyber threat actors Nobelium and Wizard Spider – CYFIRMA

IOC Analysis of Russian threat actors Nobelium and Wizard Spider The Russian threat actors have been

Lazarus Group Recent Trends
2022-05-25
Lazarus Group Recent Trends

Lazarus Group Recent Trends Recently Observed Campaigns The following list contains recent campaigns

Phishing Analysis
2022-05-25
Phishing Analysis

Phishing Analysis A new phishing campaign by TA578 is uncovered that utilizes thread hijacked emails

Onyx Ransomware Report
2022-05-12
Onyx Ransomware Report

Onyx Ransomware Report Suspected Malware: onyx Ransomware Function: Ransomware Risk Score: 8 Confidence

Phishing Campaign related to Russia-Ukraine Conflict
2022-04-22
Phishing Campaign related to Russia-Ukraine Conflict

A new phishing campaign related to threat actor “Armageddon” was noticed earlier this month. The

Hermetic Wiper Malware Report
2022-04-07
Hermetic Wiper Malware Report

Hermetic Wiper Malware Report Date: 04-April-22 Author: Dilpreet Singh Bajwa (Cyfirma-Malware Research

Doublezero Wiper Malware Report
2022-04-07
Doublezero Wiper Malware Report

Doublezero Wiper Malware Report Date: 04-April-22 Author: Manoj Kumar (Cyfirma-Malware Research Team)

Shadowpad Malware Report
2022-03-08
Shadowpad Malware Report

ShadowPad Malware Report Suspected Malware: ShadowPad Malware Function: Backdoor Risk Score: 8 Confidence

Emerging Cyber Threats in the Ongoing Russia-Ukraine Conflict
2022-02-27
Emerging Cyber Threats in the Ongoing Russia-Ukraine Conflict

Emerging Cyber Threats in the Ongoing Russia-Ukraine Conflict Geopolitical Advisory [10 May 2022,

Tracking DangerousPassword Campaign by Lazarus Group
2022-01-26
Tracking DangerousPassword Campaign by Lazarus Group

Out-of-Band Report – Tracking DangerousPassword Campaign by Lazarus Group   Attack Type:

TimeTime Ransomware Technical Analysis
2022-01-21
TimeTime Ransomware Technical Analysis

Risk Score: 8 Confidence Level: High. Suspected Malware: TimeTime Malware. Function: Ransomware. Threat

Malware Analysis – Supersuso
2022-01-09
Malware Analysis – Supersuso

Supersuso is a ransomware intended to encrypt sensitive data in order to restrict access to it. During

TECHNICAL ANALYSIS – BIGLOCK RANSOMWARE
2021-12-30
TECHNICAL ANALYSIS – BIGLOCK RANSOMWARE

BigLock is a ransomware discovered in 2020 and also known as “corona-lock.” It encrypts