Cobalt Stike Beacon Detected – 104[.]225[.]234[.]34:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Month: October 2022
Cobalt Stike Beacon Detected – 106[.]13[.]63[.]18:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 38[.]54[.]37[.]36:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 5[.]8[.]18[.]242:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 1[.]15[.]189[.]200:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 101[.]43[.]51[.]104:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 188[.]241[.]240[.]136:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 45[.]80[.]189[.]108:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 101[.]43[.]188[.]175:6666
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 47[.]98[.]234[.]230:82
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Posh C2 Detected – 58[.]96[.]75[.]176:443
The Information provided at the time of posting was detected as "Posh C2". Depending on when you are viewing this...
Aruba fixes critical vulnerabilities in EdgeConnect Enterprise Orchestrator
Aruba addressed multiple critical severity vulnerabilities in the EdgeConnect Enterprise Orchestrator. Aruba addressed multiple critical severity vulnerabilities in the EdgeConnect...
Black Basta Ransomware Gang Infiltrates networks via QAKBOT, Brute Ratel, and Cobalt Strike
We analyzed a QAKBOT-related case leading to a Brute Ratel C4 and Cobalt Strike payload that can be attributed to...
LockBit 3.0 Ransomware Victim: marktel[.]es
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
NCSC issues fresh guidance following recent rise in supply chain cyber attacks
N New cyber security guidance issued in response to growing trend in supply chain attacks GCHQ’s National Cyber Security Centre...
Microsoft Patch Tuesday for October 2022 doesn’t fix Exchange Server flaws
Microsoft Patch Tuesday security updates for October 2022 addressed a total of 85 security vulnerabilities, including an actively exploited zero-day. Microsoft...
SteaLinG – Open-Source Penetration Testing Framework Designed For Social Engineering
The SteaLinG is an open-source penetration testing framework designed for social engineering After the hack, you can upload it to...
LockBit 3.0 Ransomware Victim: martel[.]es
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
Malware Analysis – ransomware – b812599e422e43884d82d78291f85c11
Score: 9 MALWARE FAMILY: ransomwareTAGS:ransomware, spyware, stealerMD5: b812599e422e43884d82d78291f85c11SHA1: d4c179b0bfb8adceccdbad168dd662738fad770eANALYSIS DATE: 2022-10-12T08:05:05ZTTPS: T1107, T1490, T1091, T1005, T1081, T1082 ScoreMeaningExample10Known badA malware...
Malware Analysis – ransomware – 9e36523ee2bd21f75d43eb24f1ebf2aa
Score: 9 MALWARE FAMILY: ransomwareTAGS:ransomware, spyware, stealerMD5: 9e36523ee2bd21f75d43eb24f1ebf2aaSHA1: 5634cfcf86bcbc7b0951ea77f2f9381226e6c8efANALYSIS DATE: 2022-10-12T08:05:11ZTTPS: T1107, T1490, T1091, T1005, T1081, T1082 ScoreMeaningExample10Known badA malware...
Malware Analysis – wannacry – 00f6f68aef14d7e633718fd98c5849bf
Score: 10 MALWARE FAMILY: wannacryTAGS:family:wannacry, discovery, ransomware, wormMD5: 00f6f68aef14d7e633718fd98c5849bfSHA1: d1ecadafb4afad7e8d68f5e569a42ab62dfcccf0ANALYSIS DATE: 2022-10-12T08:06:05ZTTPS: T1046 ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne...
Malware Analysis – djvu – 83524a6ab3c6d94fb3e3d0e798902662
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:smokeloader, family:vidar, botnet:517, backdoor, collection, discovery, persistence, ransomware, spyware, stealer, trojan, vmprotectMD5: 83524a6ab3c6d94fb3e3d0e798902662SHA1: 7f1e31f3027c3b7d769880bb8e55ca869ce0e29dANALYSIS DATE:...
Malware Analysis – wannacry – 5cfb415656b90415c61f63f926687bba
Score: 10 MALWARE FAMILY: wannacryTAGS:family:wannacry, discovery, ransomware, wormMD5: 5cfb415656b90415c61f63f926687bbaSHA1: 38f948257e65bce017effb1dd4166b45857a8664ANALYSIS DATE: 2022-10-12T08:07:03ZTTPS: T1046 ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne...
Malware Analysis – djvu – 361ad8caea536bb548de7dd173f39cb4
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:517, discovery, persistence, ransomware, spyware, stealerMD5: 361ad8caea536bb548de7dd173f39cb4SHA1: bc29e8b86b2e754fdf4ab7a77aae492613dbe443ANALYSIS DATE: 2022-10-12T08:39:48ZTTPS: T1053, T1005, T1081, T1012,...
