Cobalt Stike Beacon Detected – 174[.]138[.]21[.]86:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Month: November 2022
Cobalt Stike Beacon Detected – 84[.]32[.]128[.]144:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 47[.]92[.]52[.]118:800
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 123[.]207[.]216[.]145:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 85[.]239[.]53[.]92:24
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 40[.]113[.]195[.]1:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 20[.]7[.]201[.]45:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 121[.]131[.]40[.]171:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Malware Analysis – djvu – 9cb04eca9e0c2866a72fd657360a677f
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, discovery, persistence, ransomware, spyware, stealerMD5: 9cb04eca9e0c2866a72fd657360a677fSHA1: 34a66ff60cd8a0e2543dff4f2b82063349927dc9ANALYSIS DATE: 2022-11-05T21:30:52ZTTPS: T1005, T1081, T1012, T1082, T1060, T1112,...
Malware Analysis – smokeloader – a4e80d2af5df9e2918ebcb4bd8bb26f4
Score: 10 MALWARE FAMILY: smokeloaderTAGS:family:smokeloader, backdoor, trojanMD5: a4e80d2af5df9e2918ebcb4bd8bb26f4SHA1: a6e9113a3c12d3d55cb4e6abd4ee8a8600ffd218ANALYSIS DATE: 2022-11-05T21:34:33ZTTPS: T1012, T1120, T1082 ScoreMeaningExample10Known badA malware family was detected.8-9Likely...
Malware Analysis – djvu – bfbad58a404b8acfb4065c3dd31dd740
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, discovery, persistence, ransomware, spyware, stealerMD5: bfbad58a404b8acfb4065c3dd31dd740SHA1: 1a6d008d59959351cb60f39161eb85a25c1befc9ANALYSIS DATE: 2022-11-05T22:22:19ZTTPS: T1082, T1012, T1005, T1081, T1060, T1112,...
Malware Analysis – chaos – d7b6db1727fbce074304a7f52e745410
Score: 10 MALWARE FAMILY: chaosTAGS:family:chaos, ransomwareMD5: d7b6db1727fbce074304a7f52e745410SHA1: 05289d8730edcf6998f7ca1ee04c15fb1287a106ANALYSIS DATE: 2022-11-05T22:00:32ZTTPS: T1082 ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or more...
Malware Analysis – smokeloader – 0714fef21fa2058d90d1bc67b2356cc9
Score: 10 MALWARE FAMILY: smokeloaderTAGS:family:smokeloader, backdoor, trojanMD5: 0714fef21fa2058d90d1bc67b2356cc9SHA1: c8ac3e16023a064e54384f1eef93d57c71dc2b04ANALYSIS DATE: 2022-11-05T22:14:54ZTTPS: T1012, T1120, T1082 ScoreMeaningExample10Known badA malware family was detected.8-9Likely...
Malware Analysis – smokeloader – f7bb27e406c5b92ec0438699eb76c2af
Score: 10 MALWARE FAMILY: smokeloaderTAGS:family:smokeloader, backdoor, trojanMD5: f7bb27e406c5b92ec0438699eb76c2afSHA1: e65e3a09b9eff143917a6ca5283e5c22016634c3ANALYSIS DATE: 2022-11-05T22:31:04ZTTPS: T1012, T1120, T1082 ScoreMeaningExample10Known badA malware family was detected.8-9Likely...
Malware Analysis – djvu – b0f8a4260a89b630ba09bd866b6fae36
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, discovery, persistence, ransomware, spyware, stealerMD5: b0f8a4260a89b630ba09bd866b6fae36SHA1: 54f8db159fee8cec990873f2a0013e3e4b078dd7ANALYSIS DATE: 2022-11-05T23:52:46ZTTPS: T1060, T1112, T1222, T1082, T1005, T1081,...
Malware Analysis – djvu – 3581e600b562f13a0a23d301cf45e97f
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, discovery, persistence, ransomware, spyware, stealerMD5: 3581e600b562f13a0a23d301cf45e97fSHA1: 7bbc34ed95d9f65e08a6440748b1676ef6cf16d8ANALYSIS DATE: 2022-11-05T23:16:20ZTTPS: T1005, T1081, T1060, T1112, T1012, T1053,...
Malware Analysis – djvu – 5039097901c0a2d3a17f528c80e49a52
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:redline, family:smokeloader, botnet:mast1000, backdoor, collection, discovery, infostealer, persistence, ransomware, spyware, stealer, trojanMD5: 5039097901c0a2d3a17f528c80e49a52SHA1: fed22f4080fe0cbbf6e7755e71748f53db4c1adcANALYSIS DATE:...
Malware Analysis – – 250a23219a576180547734430d71b0e6
Score: 7 MALWARE FAMILY: TAGS:MD5: 250a23219a576180547734430d71b0e6SHA1: a5bcdb824d325d44c5e0feb5bf9389da520e6f82ANALYSIS DATE: 2022-11-05T22:45:03ZTTPS: T1012, T1120, T1082 ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or...
29 malicious PyPI packages spotted delivering the W4SP Stealer
Cybersecurity researchers discovered 29 malicious PyPI packages delivering the W4SP stealer to developers’ systems. Cybersecurity researchers have discovered 29 packages...
LockBit 3.0 Ransomware Victim: KEARNEYCO[.]COM
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
LockBit 3.0 Ransomware Victim: everstrong[.]com
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
Zero-day are exploited on a massive scale in increasingly shorter timeframes
Microsoft warns of an uptick among threat actors increasingly using publicly-disclosed zero-day exploits in their attacks. According to the Digital...
Black Basta Ransomware Victim: MITCON Consultancy & Engineering Services Limited
Black Basta Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
Prefetch-Hash-Cracker – A Small Util To Brute-Force Prefetch Hashes
Motivation During the forensic analysis of a Windows machine, you may find the name of a deleted prefetch file. While...
