Malwares

Malware families and variants with kill chains, labels, and STIX relationships.

RenEngine

Family
NetSupport RMM

Family
GlassWASM

Family
MeshCentral

AlienVault Confidence 100

First seen 01/01/1970 · Last seen 16/11/5138 ·
NtlmThief

AlienVault Confidence 100 2 CVEs 22 MITREs 100 IOCs

First seen 01/01/1970 · Last seen 16/11/5138 ·
Plus Keylogger

AlienVault Confidence 100

First seen 01/01/1970 · Last seen 16/11/5138 ·
Mallard

AlienVault Confidence 100

First seen 01/01/1970 · Last seen 16/11/5138 ·
Berserk Stealer

AlienVault Confidence 100

First seen 01/01/1970 · Last seen 16/11/5138 ·
Dave

AlienVault Confidence 100

First seen 01/01/1970 · Last seen 16/11/5138 ·
SocGholish

The MITRE Corporation Confidence 100

[SocGholish](https://attack.mitre.org/software/S1124) is a JavaScript-based loader malware that has been used since at least 2017. It has been observed in use against multiple sectors globally for initial access, primarily…

First seen 01/01/1970 · Last seen 16/11/5138 ·
Gootloader

The MITRE Corporation Confidence 100

[Gootloader](https://attack.mitre.org/software/S1138) is a Javascript-based infection framework that has been used since at least 2020 as a delivery method for the Gootkit banking trojan, [Cobalt Strike](https://attack.mitre.org/software/S0154), [REvil](https://attack.mitre.org/software/S0496), and others.…

First seen 01/01/1970 · Last seen 16/11/5138 ·
Latrodectus

The MITRE Corporation Confidence 100 6 CVEs 67 MITREs 99 IOCs 1 APT

[Latrodectus](https://attack.mitre.org/software/S1160) is a Windows malware downloader that has been used since at least 2023 to download and execute additional payloads and modules. [Latrodectus](https://attack.mitre.org/software/S1160) has most often been distributed…

First seen 01/01/1970 · Last seen 16/11/5138 ·

Page

37–48 of 3361