LockBit 3.0 Ransomware Victim: thaiho[.]com
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
Month: November 2022
LockBit 3.0 Ransomware Victim: crtl[.]com
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
BlackCat/ALPHV Ransomware Victim: Motional
BlackCat / ALPHV Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the...
BlackCat/ALPHV Ransomware Victim: GMM Grammy Public Company Limited
BlackCat / ALPHV Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the...
Malware Analysis – evasion – 64ece5b294fae4f675cf7a8f75641ed4
Score: 7 MALWARE FAMILY: evasionTAGS:evasion, ransomwareMD5: 64ece5b294fae4f675cf7a8f75641ed4SHA1: 7345d026efe7f27a5df85751ad308024d31532fcANALYSIS DATE: 2022-11-08T14:24:45ZTTPS: ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or more known...
Malware Analysis – ransomware – 7328af3a365df9561a55e86421fb81c0
Score: 9 MALWARE FAMILY: ransomwareTAGS:ransomwareMD5: 7328af3a365df9561a55e86421fb81c0SHA1: 6cfb5b4a68100678d95270e3d188572a30abd568ANALYSIS DATE: 2022-11-08T15:00:23ZTTPS: T1107, T1490, T1082, T1012, T1120 ScoreMeaningExample10Known badA malware family was detected.8-9Likely...
Malware Analysis – smokeloader – c2a071fde47f97b7ba12114d4d33a633
Score: 10 MALWARE FAMILY: smokeloaderTAGS:family:smokeloader, backdoor, trojanMD5: c2a071fde47f97b7ba12114d4d33a633SHA1: 3080f8840b49635e03d931a3f9fb03c9e5c9a8e0ANALYSIS DATE: 2022-11-08T15:51:03ZTTPS: T1012, T1120, T1082 ScoreMeaningExample10Known badA malware family was detected.8-9Likely...
Malware Analysis – djvu – 2eabb8109c2e76505ed6dd3b29f3ff49
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:517, discovery, persistence, ransomware, spyware, stealerMD5: 2eabb8109c2e76505ed6dd3b29f3ff49SHA1: 09323bafbddc678af0d96aa95d5413e52e490ae0ANALYSIS DATE: 2022-11-08T15:50:24ZTTPS: T1222, T1082, T1005, T1081,...
Malware Analysis – azov – 28097ef38e5b2bbcad21becaa9b232ca
Score: 10 MALWARE FAMILY: azovTAGS:family:azov, persistence, ransomware, wiperMD5: 28097ef38e5b2bbcad21becaa9b232caSHA1: 0daaddbd5e25c88534652819cd8ae3d75955faf3ANALYSIS DATE: 2022-11-08T15:08:39ZTTPS: T1012, T1120, T1082, T1060, T1112 ScoreMeaningExample10Known badA malware...
Malware Analysis – chaos – 5907869307f559b670e7acaf1d69cb08
Score: 10 MALWARE FAMILY: chaosTAGS:family:chaos, ransomware, spyware, stealer, upxMD5: 5907869307f559b670e7acaf1d69cb08SHA1: 1af63521c6a3f5d671c8bfc1f1f662894803d5a9ANALYSIS DATE: 2022-11-08T15:40:08ZTTPS: T1082, T1005, T1081, T1130, T1112 ScoreMeaningExample10Known badA...
HackerOne Bug Bounty Disclosure: apache-flink-rce-via-get-jar/plan-api-endpointbyjarij
Programme HackerOne Aiven Ltd Aiven Ltd Submitted by jarij jarij Report Apache Flink RCE via GET jar/plan API Endpoint Full...
HackerOne Bug Bounty Disclosure: [kafka-connect]-[jdbcsinkconnector][httpsinkconnector]-rce-by-leveraging-file-upload-via-sqlite-jdbc-driver-and-ssrf-to-internal-jolokiabyjarij
Programme HackerOne Aiven Ltd Aiven Ltd Submitted by jarij jarij Report RCE by leveraging file upload via SQLite JDBC driver...
HackerOne Bug Bounty Disclosure: grafana-rce-via-smtp-server-parameter-injectionbyjarij
Programme HackerOne Aiven Ltd Aiven Ltd Submitted by jarij jarij Report Grafana RCE via SMTP server parameter injection Full Report...
HackerOne Bug Bounty Disclosure: kafka-connect-rce-via-connector-sasl–jaas-jndiloginmodule-configurationbyjarij
Programme HackerOne Aiven Ltd Aiven Ltd Submitted by jarij jarij Report Kafka Connect RCE via connector SASL JAAS JndiLoginModule configuration...
Malware Analysis – djvu – 7b938bd47d22fb1e51480873bcbbcdb8
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:517, discovery, persistence, ransomware, spyware, stealerMD5: 7b938bd47d22fb1e51480873bcbbcdb8SHA1: 25729d6a9505e8dbc45ea5b5121dbf1792785ed2ANALYSIS DATE: 2022-11-08T16:51:08ZTTPS: T1005, T1081, T1012, T1082,...
Malware Analysis – djvu – e12d62a9826a5774ad165bb70b120663
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:raccoon, family:redline, family:smokeloader, family:vidar, botnet:517, botnet:mario23_10, backdoor, collection, discovery, infostealer, persistence, ransomware, spyware, stealer, trojanMD5:...
Malware Analysis – chaos – 4a4435077649dd3023b749dc5cca0a0b
Score: 10 MALWARE FAMILY: chaosTAGS:family:chaos, ransomwareMD5: 4a4435077649dd3023b749dc5cca0a0bSHA1: 73e4be290763fce226110e02f84f7a3f38b89aa8ANALYSIS DATE: 2022-11-08T16:00:06ZTTPS: T1082 ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or more...
Malware Analysis – discovery – 0f3707bc9fcf18c583a10a72cc811a06
Score: 10 MALWARE FAMILY: discoveryTAGS:discovery, ransomwareMD5: 0f3707bc9fcf18c583a10a72cc811a06SHA1: d9f373016a74cc0572287936b00b03ac84607696ANALYSIS DATE: 2022-11-08T16:55:08ZTTPS: T1130, T1112, T1012, T1082 ScoreMeaningExample10Known badA malware family was detected.8-9Likely...
HIVE Ransomware Victim: APM Terminals
HIVE Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content of...
HIVE Ransomware Victim: ROYAL GATEWAY CO[.], LTD
HIVE Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content of...
HIVE Ransomware Victim: Cornwell Quality Tools
HIVE Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content of...
Malware Analysis – raccoon – 2c4a9effba41930d4dfd9430cde5eb40
Score: 10 MALWARE FAMILY: raccoonTAGS:family:raccoon, family:redline, family:smokeloader, botnet:1020939650_99, botnet:71dfd37ad40a834e3757b044e3efa038, backdoor, discovery, infostealer, persistence, ransomware, spyware, stealer, trojan, upxMD5: 2c4a9effba41930d4dfd9430cde5eb40SHA1: 4809f4ae06e32cadf40a6af7a8e129e17c8676f7ANALYSIS...
Malware Analysis – adware – 0ad4ba6b364996ffc065163089546840
Score: 8 MALWARE FAMILY: adwareTAGS:adware, discovery, exploit, persistence, stealer, upxMD5: 0ad4ba6b364996ffc065163089546840SHA1: ccd32688216e18476d7415e27c5c5750e2ab7a61ANALYSIS DATE: 2022-11-08T17:38:00ZTTPS: T1112, T1176, T1060, T1222 ScoreMeaningExample10Known badA...
Malware Analysis – adware – 0b30dcf3e2af94c3e3e6e377d904d0d0
Score: 8 MALWARE FAMILY: adwareTAGS:adware, discovery, exploit, persistence, stealer, upxMD5: 0b30dcf3e2af94c3e3e6e377d904d0d0SHA1: e662c515dc57056d0703bafe6d9b3c7c25156b47ANALYSIS DATE: 2022-11-08T17:37:58ZTTPS: T1112, T1176, T1060, T1222 ScoreMeaningExample10Known badA...
