Linkedin Github

👋./Malfav.asm
- 🕸️Malfav Agenda
🕷️Malware Introduction
🐁OS Internal's
- 🍩Suspicious API's
🪟Windows Internal
- 📡Windows Internal
  - 🦐Why Windows Internal ?
    🏵️Process
    🧵Thread
    🪭Handle
    🌐Memory
    ☢️Ram
    🤖ROM
👁️‍🗨️Malware Technique
⚔️Malware Resources
- 👻Malware Resources
- 🎇Malware Sample Resources
Malware Analysis Toolkit
Books and Guidelines
- 🔋Books and Guidelines for Malware Analysis .
📋Malware Analysis Tips
- 🖇️Malware Analysis Tips
🧽Incident Response
- 🐳What is Incident Response
  - Incident Response Tools
  - Incident Response Toolkit
Technical Analysis Report
- 🦎Technical Analysis Report
  - 🧲Stuxnet Memory Analysis
🚨Rootkit Removal
- 🤖Rootkit Removal
🗜️Antivirus Artifact
- 〽️Antivirus Artifact
  - 🀄Antivirus Process Name
🧠Malware Author Mindset
- 💽Malware Author Mindset
  - 🍫How Malware Author Terminate Antivirus Process during runtime ?

Powered by GitBook

On this page

Malware Introduction

Advanced Persistence Threat - APT

APT Groups

Windigo

The Windigo group has been operating since at least 2011, compromising thousands of Linux and Unix servers using the Ebury SSH backdoor to create a spam botnet. Despite law enforcement intervention against the creators, Windigo operators continued updating Ebury through 2019.[1][2]

PreviousWhitefly NextWindshift

Last updated 7 months ago

🕷️

🏞️

🥠

🔘

Page cover image