Malwarebox is an independent European malware analysis and threat intelligence project focused on tracking real-world attack infrastructure, malware delivery chains, and adversary behavior.
The blog publishes technical research on malware campaigns, infrastructure rotations, payload delivery, obfuscation techniques, and threat actor activity. Instead of only listing indicators, Malwarebox tries to explain how an attack is built, how the infrastructure is connected, and what patterns can be reused for detection and analysis.
Malwarebox also includes experimental tools and models such as Kraken, ACDP, IIM, and IIMQL, which are designed to support structured infrastructure intelligence, adversary tracking, and deeper malware campaign analysis.
References:

| Name | URL |
| --- | --- |
| Malwarebox | https://malwarebox.eu |
| Malwarebox GitHub | https://github.com/MalwareboxEU |
| KRAKEN Website | https://kraken.malwarebox.eu |
| KRAKEN Whitepaper | https://kraken.malwarebox.eu/whitepaper |
| IIM Website | https://iim.malwarebox.eu |
| IIM GitHub | https://github.com/MalwareboxEU/IIM |
| IIM Workbench Web | https://workbench.iim.malwarebox.eu/ |
| IIM Workbench GitHub | https://github.com/MalwareboxEU/IIM-Workbench |
| ACDP Website | https://acdp.malwarebox.eu |
| ACDP Whitepaper | https://github.com/MalwareboxEU/ACDP/blob/main/acdp-paper.pdf |