3,697 indexed
SOFTWARESoftware & malware
3,697 tools and malware families — MITRE ATT&CK Software plus the wider cs-graph malware corpus. Use /search for keyword + ID lookup. Authored by Adam Lundqvist.
Showing 3,151–3,200 of 3,697 · page 64 of 74
| ID | Title | Summary |
|---|---|---|
| SMASH | Smash! | Ransomware |
| SMAUG | Smaug | ransomware |
| SMBTOUCH | SMBTOUCH | check if the target is vulnerable to samba exploits like ETERNALSYNERGY, ETERNALBLUE, ETERNALROMANCE |
| SMOKE-LOADER | Smoke Loader | This small application is used to download other malware. What makes the bot interesting are various tricks that it uses for deception and self protection. |
| SMRSS32 | Smrss32 | Ransomware |
| SNAKE-EKANS | Snake-Ekans | ransomware |
| SNAKE-RANSOMWARE | Snake Ransomware | Snake ransomware first attracted the attention of malware analysts in January 2020 when they observed the crypto-malware family targeting entire corporate netw… |
| SNAKELOCKER | SnakeLocker | ransomware |
| SNATCH | Snatch | ransomware |
| SNIFULA | Snifula | |
| SNOOPY | Snoopy | Snoopy is a Remote Administration Tool. Software for controlling user computer remotely from other computer on local network or Internet. |
| SNOWDOOR | Snowdoor | Backdoor.Snowdoor is a Backdoor Trojan Horse that allows unauthorized access to an infected computer. It creates an open C drive share with its default setting… |
| SNOWPICNIC | SnowPicnic | ransomware |
| SNOWYAMBER | SNOWYAMBER | A tool first used in October 2022, abusing the Notion service to communicate and download further malicious files. Two versions of this tool have been observed… |
| SNSLOCKER | SNSLocker | Ransomware Based on EDA2 |
| SNUGRIDE | SNUGRIDE | SNUGRIDE is a backdoor that communicates with its C2 server through HTTP requests. Messages are encrypted using AES with a static key. The malware’s capabiliti… |
| SOCKET23 | Socket23 | SOCKET23 was launched from his web site and immedi- ately infected major French corporations between August and October 1998. The virus (distributing the Troja… |
| SOCKETPLAYER | SocketPlayer | The RAT is written in .NET, it uses socket.io for communication. Currently there are two variants of the malware, the 1st variant is a typical downloader where… |
| SODAMASTER | SodaMaster | This is a RAT that is usually loaded with one or more shellcode and/or reflective DLL injection techniques. The RAT uses RC4 or a hardcoded RSA key for traffic… |
| SODINOKIBI | Sodinokibi | Attackers are actively exploiting a recently disclosed vulnerability in Oracle WebLogic to install a new variant of ransomware called "Sodinokibi." Sodinokibi … |
| SOFUCKED | SoFucked | ransomware |
| SOLEENYA | soleenya | |
| SOLIDBIT | Solidbit | Ransomware, written in .NET. |
| SOLIDER | Solider | ransomware |
| SOLO | SOLO | ransomware |
| SOLVE | Solve | ransomware |
| SOMIK1 | Somik1 | ransomware |
| SORA | Sora | Big changes on the IoT malware scene. Security researchers have spotted a version of the Mirai IoT malware that can run on a vast range of architectures, and e… |
| SOREBRECT | SOREBRECT | Fileless, Code-injecting Ransomware |
| SORRY-HT | Sorry HT | ransomware |
| SOUNDWAVE | SOUNDWAVE | SOUNDWAVE is a windows based audio capturing utility. Via command line it accepts the -l switch (for listen probably), captures microphone input for 100 minute… |
| SOURFACE | SOURFACE | downloader - Older version of CORESHELL |
| SPACE-BEARS | space bears | |
| SPAMTHRU | Spamthru | Spam Thru represented an expontential jump in the level of sophistication and complexity of these botnets, harnessing a 70,000 strong peer to peer botnet seede… |
| SPARTA | Sparta | |
| SPARTA-RAT | Sparta RAT | |
| SPARTACUS-RANSOMWARE | Spartacus Ransomware | |
| SPARTCRYPT | SpartCrypt | ransomware |
| SPAWNANT | SPAWNANT | SPAWNANT is an installer that leverages a coreboot installer function to establish persistence for the SPAWNMOLE tunneler and SPAWNSNAIL backdoor. It hijacks a… |
| SPAWNMOLE | SPAWNMOLE | SPAWNMOLE is a tunneler that injects into the web process. It hijacks the accept function in the web process to monitor traffic and filter out malicious traffi… |
| SPAWNSLOTH | SPAWNSLOTH | SPAWNSLOTH is a log tampering utility injected into the dslogserver process. It can disable logging and disable log forwarding to an external syslog server whe… |
| SPECTRE | Spectre | ransomware |
| SPHINX | Sphinx | ransomware |
| SPICYOMELETTE | SpicyOmelette | In 2018, CTU researchers observed several GOLD KINGSWOOD campaigns involving SpicyOmelette, a tool used by the group during initial exploitation of an organiza… |
| SPICYTUNA | SPICYTUNA | SPICYTUNA is a VBA downloader. It collects basic system information and is capable of downloading and executing additional stages. Availability: Non-public |
| SPINDEST | Spindest | |
| SPIRIGATITO | spirigatito | |
| SPITEFUL-DOUBLETAKE | Spiteful Doubletake | ransomware |
| SPIVY | SPIVY | In March 2016, Unit 42 observed this new Poison Ivy variant we’ve named SPIVY being deployed via weaponized documents leveraging CVE-2015-2545. |
| SPONGEBOB | SpongeBob | ransomware |