Threat Specimen Archive
The encyclopedia of malware.
Families, history, timelines, capabilities and indicators — cross-linked with the breaches they caused and the teardowns that explain them.
- Families: 25
- Types: 07
- Variants: 01
- Active: 07
Recently catalogued
Agent Tesla
Active · Infostealer / RAT
A long-running .NET infostealer and RAT sold as malware-as-a-service, specialising in credential theft, keylogging and exfiltration over SMTP/FTP/Telegram.
BlackCat (ALPHV)
Disrupted · Ransomware
One of the first major ransomware families written in Rust, a sophisticated RaaS behind the Change Healthcare attack before its 2024 exit scam.
Conficker
Dormant · Worm / Botnet
A 2008 worm that exploited a Windows RPC flaw to build one of the largest botnets ever, infecting millions of machines that linger to this day.
Conti
Disrupted · Ransomware
A ruthless ransomware-as-a-service operation run as a criminal enterprise, whose 2022 internal leaks exposed its inner workings before it rebranded.
Dridex
Dormant · Banking trojan / Loader
A long-lived banking trojan operated by Evil Corp, descended from Bugat/Cridex and later used to stage BitPaymer and DoppelPaymer ransomware.
Emotet
Disrupted · Banking trojan / Loader
A modular banking trojan turned prolific malware-as-a-service loader, infamous for malspam campaigns and for dropping ransomware payloads before its 2021 takedown.
Browse by type