4 Types of Cyber Crime Groups
Discover the four main types of cyber crime groups: access as a service, ransomware as a service, bulletproof hosting, and...
Month: November 2022
Hack the Real Box: APT41’s New Subgroup Earth Longzhi
We looked into the campaigns deployed by a new subgroup of advanced persistent threat (APT) group APT41, Earth Longzhi. This...
Surveillance vendor exploited Samsung phone zero-days
Google Project Zero researchers reported that a surveillance vendor is using three Samsung phone zero-day exploits. Google Project Zero disclosed...
LockBit 3.0 Ransomware Victim: shmcomputers[.]screenconnect[.]com
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
LockBit 3.0 Ransomware Victim: continental[.]com
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
Cuba Ransomware Victim: waltersandwolf
Cuba Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content of...
Malware Analysis – evasion – a95d19c9b1972f9f6c8a66b148e08918
Score: 10 MALWARE FAMILY: evasionTAGS:evasion, persistence, ransomware, spyware, stealer, trojanMD5: a95d19c9b1972f9f6c8a66b148e08918SHA1: ce6f76f1181355dbb1e559f1d15d43d513d80702ANALYSIS DATE: 2022-11-08T12:31:50ZTTPS: T1112, T1158, T1088, T1089, T1082, T1005,...
Malware Analysis – discovery – 0ffa05c5bcecaee09bac1f5f1ed25f80
Score: 8 MALWARE FAMILY: discoveryTAGS:discovery, exploitMD5: 0ffa05c5bcecaee09bac1f5f1ed25f80SHA1: 9acffa92149b0db7a243d59f5780054f5e024e3aANALYSIS DATE: 2022-11-08T13:25:13ZTTPS: T1222 ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or more...
Malware Analysis – teslacrypt – 6eb1c8fb571684bd3d219b963fad3d6f
Score: 10 MALWARE FAMILY: teslacryptTAGS:family:teslacrypt, persistence, ransomwareMD5: 6eb1c8fb571684bd3d219b963fad3d6fSHA1: b9205cd714e320fbac5f8c22171d40cc005a26abANALYSIS DATE: 2022-11-08T13:29:21ZTTPS: T1082, T1060, T1112, T1107, T1490 ScoreMeaningExample10Known badA malware family...
Malware Analysis – discovery – 01dc2d1847f1ec016717148e991b04d0
Score: 8 MALWARE FAMILY: discoveryTAGS:discovery, exploitMD5: 01dc2d1847f1ec016717148e991b04d0SHA1: e08b0a35f9dd1e130232577c29fe8ed4e7a05ac7ANALYSIS DATE: 2022-11-08T13:25:19ZTTPS: T1222 ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or more...
Malware Analysis – evasion – a956802c8406310e6ec9c92f37a9a840
Score: 10 MALWARE FAMILY: evasionTAGS:evasion, persistence, ransomware, spyware, stealer, trojanMD5: a956802c8406310e6ec9c92f37a9a840SHA1: c0d5f1acd810277b48de5406a398ac9775644541ANALYSIS DATE: 2022-11-08T12:42:59ZTTPS: T1088, T1089, T1112, T1158, T1082, T1060,...
Malware Analysis – djvu – 8e8c43682825e340a0e4e86df9638d88
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:redline, family:smokeloader, family:vidar, botnet:517, botnet:gg, backdoor, collection, discovery, infostealer, persistence, ransomware, spyware, stealer, trojanMD5: 8e8c43682825e340a0e4e86df9638d88SHA1:...
Malware Analysis – persistence – 3d832202850a77dfbf0c8cfc0ec6a464
Score: 8 MALWARE FAMILY: persistenceTAGS:persistence, ransomware, spyware, stealerMD5: 3d832202850a77dfbf0c8cfc0ec6a464SHA1: a8aabae68c94856eec1a23884fb337b2b2e22fdaANALYSIS DATE: 2022-11-09T15:18:44ZTTPS: T1060, T1112, T1005, T1081, T1053 ScoreMeaningExample10Known badA malware...
Malware Analysis – djvu – eae4c8b586e411a419710263d0eb0b96
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:517, discovery, persistence, ransomware, spyware, stealerMD5: eae4c8b586e411a419710263d0eb0b96SHA1: 0dfcabd6d65446a52b906000e98e23c7bb7d67d2ANALYSIS DATE: 2022-11-09T15:21:09ZTTPS: T1012, T1005, T1081, T1060,...
Malware Analysis – teslacrypt – 52ec44494fed2c9bebd5ce99903b7775
Score: 10 MALWARE FAMILY: teslacryptTAGS:family:teslacrypt, persistence, ransomware, spyware, stealerMD5: 52ec44494fed2c9bebd5ce99903b7775SHA1: 6191526cf35f080922830412c795df4fed5f8696ANALYSIS DATE: 2022-11-08T13:52:35ZTTPS: T1082, T1060, T1112, T1107, T1490, T1005, T1081,...
Malware Analysis – dcrat – d68bd01a1c047679188bd4ba14268249
Score: 10 MALWARE FAMILY: dcratTAGS:family:dcrat, family:djvu, family:redline, family:smokeloader, family:vidar, botnet:517, botnet:gg, backdoor, collection, discovery, infostealer, persistence, ransomware, rat, spyware, stealer,...
Malware Analysis – surtr – 393e9f112cc999ebd9333877bcc7535e
Score: 10 MALWARE FAMILY: surtrTAGS:family:surtr, evasion, persistence, ransomware, spyware, stealer, trojan, upxMD5: 393e9f112cc999ebd9333877bcc7535eSHA1: ed65581b6c3980b3ddf623a4d2f61ce08ce59bdfANALYSIS DATE: 2022-11-09T16:00:21ZTTPS: T1490, T1107, T1088, T1089,...
Malware Analysis – djvu – 879da220b96bdee376de037c5bff5e31
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:517, discovery, persistence, ransomware, spyware, stealerMD5: 879da220b96bdee376de037c5bff5e31SHA1: 00eb2f6949fe3a189063909ad401da0ed0eea66bANALYSIS DATE: 2022-11-09T16:24:55ZTTPS: T1005, T1081, T1012, T1082,...
Malware Analysis – ransomware – d796f9491a1dbd0f0dbcf2e2dfc617e5
Score: 10 MALWARE FAMILY: ransomwareTAGS:ransomware, spyware, stealerMD5: d796f9491a1dbd0f0dbcf2e2dfc617e5SHA1: e0dc3073ec0263d3267ce014bdbb3f69666da426ANALYSIS DATE: 2022-11-09T17:06:00ZTTPS: T1082, T1012, T1005, T1081, T1102 ScoreMeaningExample10Known badA malware family...
BugCrowd Bug Bounty Disclosure: – Panel access at https://news-push-88.op-mobile.opera.com/. – By rahul0x01
The below information is fully automated and the information is captured from the BugCrowd Disclosure website. The information was correct...
CISA: Microsoft Releases November 2022 Security Updates
Microsoft Releases November 2022 Security Updates Microsoft has released updates to address multiple vulnerabilities in Microsoft software. An attacker can...
Experts observed Amadey malware deploying LockBit 3.0 Ransomware
Experts noticed that the Amadey malware is being used to deploy LockBit 3.0 ransomware on compromised systems. Researchers from AhnLab Security Emergency...
Microsoft Patch Tuesday updates fix 6 actively exploited zero-days
Microsoft Patch Tuesday updates for November 2022 addressed 64 vulnerabilities, including six actively exploited zero-days. Microsoft Patch Tuesday updates for...
RDPHijack-BOF – Cobalt Strike Beacon Object File (BOF) That Uses WinStationConnect API To Perform Local/Remote RDP Session Hijacking
Cobalt Strike Beacon Object File (BOF) that uses WinStationConnect API to perform local/remote RDP session hijacking. With a valid access...
