Malware Unmasked: Q3's Top 10 Malware Families and Sample Distributions - VMRay

Malware Unmasked:  
Top 10 Malware Families and Sample Distributions in Q3

Q3 – 2023

Explore Q3’s cyber frontier with insights into top malware families and the diverse landscape of sample submissions.

Table of Contents

Delve into the dynamic threat landscape of Q3 as we unveil the top 10 malware families observed on cloud submissions. Our comprehensive analysis not only identifies these evolving threats but also highlights the critical need for vigilance and proactive defense strategies. 

Explore the distribution of sample types, emphasizing the prominence of phishing-related submissions, and gain valuable insights to fortify your cybersecurity defenses against both known and emerging threats.

Understanding the Shifting Landscape of Cyber Threats

One of the foundational responsibilities of our Labs Threat Analysis team is the continuous surveillance of cybersecurity events globally. Beyond merely tracking existing malware families and their evolving tactics, techniques, and procedures, our goal is to stay a step ahead of cyber adversaries.

This involves not only identifying new malware variants but also maintaining real-time awareness of any shifts or changes within the larger threat landscape. In the dynamic realm of cybersecurity, new malware campaigns, vulnerabilities, and changes in attacker behavior necessitate constant vigilance.

This chapter sheds light on the top 10 malware families observed in Q3, providing insights into the ever-evolving strategies employed by threat actors.

Top 10 Malware Families in Q3

In the fast-paced world of cybersecurity, staying current with the latest trends and techniques used by attackers is paramount. Among the submissions to VMRay Cloud in Q3, we have observed below malware families to be the top 10 most commonly faced malware families:

  1. BumbleBee
  2. AgentTesla
  3. RedLine
  4. XLoader
  5. FormBook
  6. Lokibot
  7. SmokeLoader
  8. Vidar
  9. Cobalt Strike
  10. Gh0st RAT

This list serves as a snapshot of prevalent threats during this period, underlining the importance of proactive defenses against known and emerging risks.

Distribution of Sample Types: The Varied Faces of Cyber Threats

Exploring the diverse landscape of cyber threats reveals an intricate web of attack vectors and malicious artifacts. In this section, we delve into the distribution of sample types submitted to our Cloud, providing nuanced insights into the multifaceted nature of threats. 

Phishing threats in focus

Phishing, a predominant threat vector, remains a focal point, collectively constituting 53.3% of all submissions. While URLs comprise 37.4%, underscoring the prevalence of web-based attacks, email submissions, accounting for 15.9%, reaffirm the enduring significance of email-borne threats.


Beyond these primary vectors, the threat landscape expands across various file formats. Microsoft Office documents, representing 11% of submissions, emerge as common carriers of malicious payloads. Windows Executables (8%) and PDF files (7.6%) underscore the diversity of attack methodologies. MacOS executables, Windows DLL files, and Archives contribute to the intricate tapestry of threats, each demanding a tailored defense approach.

The need for recursive analysis


It’s essential to note that the boundaries between sample types are often porous. For instance, an archive file can include a PDF document which might encapsulate a URL which then leads to other URLs before starting the malicious activity. 

This necessitates recursive analysis to unveil its true intent. Platforms like VMRay excel in these scenarios, comprehensively tracking and documenting malicious behavior from inception to completion. This capability ensures a thorough understanding of the attack chain, even when concealed within intricate file structures or recursive URLs, fortifying defenses against evolving and sophisticated threats.

VMRay Malware & Phishing Threat Landscape – Q3/2023

Next Chapter: 
Windows Threats

See VMRay in action.
Secure your organization against the emerging and evolving threats.

Further resources


Key forces shaping the future of security automation

Watch the full recording from the our webinar featuring Forrester


Explore VMRay’s seamless integrations

Explore all security automation use cases that help you can benefit.


VMRay Professional Services

Learn how VMRay supports deployment, configurations, integrations & more.

Calculate how much malware false positives are costing your organization:
Malware False Positive Cost Calculator