Month: November 2022

LockBit 3.0 Ransomware Victim: tekniplex[.]be

November 2, 2022

LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...

Malware Analysis – chaos – ad1092a88d809d46cc170c801ceae6e9

November 2, 2022

Score: 10 MALWARE FAMILY: chaosTAGS:family:chaos, evasion, persistence, ransomware, spyware, stealerMD5: ad1092a88d809d46cc170c801ceae6e9SHA1: 4df0ede913fd17392f6250f76661d118861aaa89ANALYSIS DATE: 2022-11-02T15:00:08ZTTPS: T1490, T1059, T1107, T1082, T1005, T1081,...

Malware Analysis – amadey – 626af126738de192d7a33b40ccbb449d

November 2, 2022

Score: 10 MALWARE FAMILY: amadeyTAGS:family:amadey, family:djvu, family:redline, family:smokeloader, botnet:google2, botnet:mario23_10, botnet:slovarik1btc, backdoor, collection, discovery, infostealer, persistence, ransomware, spyware, stealer, trojan,...

HackerOne Bug Bounty Disclosure: stored-xss-in-intensedebate-com-via-the-comments-rssbybugra

November 2, 2022

Programme HackerOne Automattic Automattic Submitted by bugra bugra Report Stored XSS in intensedebate.com via the Comments RSS Full Report A...

Malware Analysis – ransomware – 4a30561d4524503303a22cc33091cb2c

November 2, 2022

Score: 9 MALWARE FAMILY: ransomwareTAGS:ransomware, spyware, stealerMD5: 4a30561d4524503303a22cc33091cb2cSHA1: c9392e3487d5c75f26eb0c736ba6b88e9a60512cANALYSIS DATE: 2022-11-02T15:05:45ZTTPS: T1107, T1490, T1005, T1081 ScoreMeaningExample10Known badA malware family was...

Malware Analysis – smokeloader – 2e04415a2dbfe19fe6c102a79bbd1b82

November 2, 2022

Score: 10 MALWARE FAMILY: smokeloaderTAGS:family:smokeloader, backdoor, trojanMD5: 2e04415a2dbfe19fe6c102a79bbd1b82SHA1: 7ca6f35831b566be286ea26915e35d2a15727769ANALYSIS DATE: 2022-11-02T15:02:05ZTTPS: T1012, T1120, T1082 ScoreMeaningExample10Known badA malware family was detected.8-9Likely...

Malware Analysis – djvu – 46f62af31b9d5acfb159c0f95c95fc54

November 2, 2022

Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, discovery, persistence, ransomware, spyware, stealerMD5: 46f62af31b9d5acfb159c0f95c95fc54SHA1: 258fe7a3685806de6eb16500647be5f325b660ebANALYSIS DATE: 2022-11-02T15:03:08ZTTPS: T1012, T1053, T1082, T1222, T1005, T1081,...

Malware Analysis – octo – c97a3e1cb8ef9831a506a476d9a41e02

November 2, 2022

Score: 10 MALWARE FAMILY: octoTAGS:family:octo, banker, evasion, infostealer, ransomware, rat, trojanMD5: c97a3e1cb8ef9831a506a476d9a41e02SHA1: c9227a9823668d2c2396b992b085a448fb3245bdANALYSIS DATE: 2022-11-02T15:08:34ZTTPS: ScoreMeaningExample10Known badA malware family was...

Malware Analysis – evasion – 813704db631ee44f572b4cd0c1067695

November 2, 2022

Score: 10 MALWARE FAMILY: evasionTAGS:evasion, ransomware, trojanMD5: 813704db631ee44f572b4cd0c1067695SHA1: ca9118d99b160b3b5fb12df9230831eaec400dd1ANALYSIS DATE: 2022-11-02T15:20:05ZTTPS: T1112, T1088, T1089, T1082, T1107, T1490 ScoreMeaningExample10Known badA malware...

Malware Analysis – medusalocker – 87fc357cfaa43f6766a5efef072871bc

November 2, 2022

Score: 10 MALWARE FAMILY: medusalockerTAGS:family:medusalocker, evasion, ransomware, spyware, stealer, trojanMD5: 87fc357cfaa43f6766a5efef072871bcSHA1: ab77612d19ab9ec9f3bff9f13bf18cffc82799a7ANALYSIS DATE: 2022-11-02T15:21:10ZTTPS: T1082, T1005, T1081, T1088, T1089, T1112,...

Malware Analysis – evasion – 6671d139c65f08a309f41703287409a4

November 2, 2022

Score: 10 MALWARE FAMILY: evasionTAGS:evasion, persistence, ransomware, spyware, stealerMD5: 6671d139c65f08a309f41703287409a4SHA1: e94def6f8384999a6c994c4e26c52c13f458271cANALYSIS DATE: 2022-11-02T15:20:15ZTTPS: T1107, T1490, T1070, T1005, T1081, T1018, T1158,...

Malware Analysis – ransomware – 0ae5fddc4a858868fc3db14c51618116

November 2, 2022

Score: 10 MALWARE FAMILY: ransomwareTAGS:ransomware, spyware, stealerMD5: 0ae5fddc4a858868fc3db14c51618116SHA1: a57b0f1ded08abcb8f2430d0d54e2f51df91e8f6ANALYSIS DATE: 2022-11-02T15:19:58ZTTPS: T1005, T1081, T1107, T1490, T1082, T1012, T1120 ScoreMeaningExample10Known badA...

Malware Analysis – djvu – 9a164cede19b9203c508c386fabb2a45

November 2, 2022

Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, discovery, persistence, ransomware, spyware, stealerMD5: 9a164cede19b9203c508c386fabb2a45SHA1: f00e3ed4d51a5296ce350ec071c0e8ede05f3cdfANALYSIS DATE: 2022-11-02T16:21:17ZTTPS: T1005, T1081, T1222, T1053, T1012, T1082,...

Malware Analysis – evasion – 183ad97d55d1170f21a8d10a8339fdab

November 2, 2022

Score: 6 MALWARE FAMILY: evasionTAGS:evasion, ransomwareMD5: 183ad97d55d1170f21a8d10a8339fdabSHA1: 427b302690b2418b5b414fee3ac6ce585e6fe375ANALYSIS DATE: 2022-11-02T16:06:02ZTTPS: ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or more known...

Malware Analysis – djvu – e20a320b8ff66f8e136150233f22e369

November 2, 2022

Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:redline, family:smokeloader, botnet:mario23_10, botnet:slovarik1btc, backdoor, collection, discovery, infostealer, persistence, ransomware, spyware, stealer, trojanMD5: e20a320b8ff66f8e136150233f22e369SHA1: 18e52d360e4c171cf1a28986c33450350143fb10ANALYSIS...

Malware Analysis – amadey – 0ea04d00739c5b503ac7a0b085a4e07d

November 2, 2022

Score: 10 MALWARE FAMILY: amadeyTAGS:family:amadey, family:djvu, family:redline, family:smokeloader, botnet:mario23_10, botnet:slovarik1btc, backdoor, collection, discovery, infostealer, persistence, ransomware, spyware, stealer, trojan, upxMD5:...

Jscythe – Abuse The Node.Js Inspector Mechanism In Order To Force Any Node.Js/Electron/V8 Based Process To Execute Arbitrary Javascript Code

November 2, 2022

jscythe abuses the node.js inspector mechanism in order to force any node.js/electron/v8 based process to execute arbitrary javascript code, even...

Cobalt Stike Beacon Detected – 205[.]185[.]114[.]97:80

November 2, 2022

The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...

Malware Analysis – discovery – 0dde0c9450eed08bf80da8f7a2ec2a86

November 2, 2022

Score: 10 MALWARE FAMILY: discoveryTAGS:discovery, persistence, pyinstaller, ransomware, upxMD5: 0dde0c9450eed08bf80da8f7a2ec2a86SHA1: 9bfd776b25d4eeb9224adff4846471d12cbe285eANALYSIS DATE: 2022-11-02T09:15:49ZTTPS: T1012, T1082, T1060, T1120 ScoreMeaningExample10Known badA malware...

Malware Analysis – evasion – eadb17b5927d0d3ede787219fe4cdf16

November 2, 2022

Score: 9 MALWARE FAMILY: evasionTAGS:evasion, persistence, ransomwareMD5: eadb17b5927d0d3ede787219fe4cdf16SHA1: 8cacc18b9c25bc93ba340f5b1902f783ca23a4b6ANALYSIS DATE: 2022-11-02T09:06:38ZTTPS: T1031, T1082, T1112, T1107, T1490, T1012, T1060, T1120 ScoreMeaningExample10Known...

Month: November 2022

LockBit 3.0 Ransomware Victim: tekniplex[.]be

Malware Analysis – chaos – ad1092a88d809d46cc170c801ceae6e9

Malware Analysis – amadey – 626af126738de192d7a33b40ccbb449d

HackerOne Bug Bounty Disclosure: stored-xss-in-intensedebate-com-via-the-comments-rssbybugra

Malware Analysis – ransomware – 4a30561d4524503303a22cc33091cb2c

Malware Analysis – smokeloader – 2e04415a2dbfe19fe6c102a79bbd1b82

Malware Analysis – djvu – 46f62af31b9d5acfb159c0f95c95fc54

Malware Analysis – octo – c97a3e1cb8ef9831a506a476d9a41e02

Malware Analysis – evasion – 813704db631ee44f572b4cd0c1067695

Malware Analysis – medusalocker – 87fc357cfaa43f6766a5efef072871bc

Malware Analysis – evasion – 6671d139c65f08a309f41703287409a4

Malware Analysis – ransomware – 0ae5fddc4a858868fc3db14c51618116

Malware Analysis – djvu – 9a164cede19b9203c508c386fabb2a45

Malware Analysis – evasion – 183ad97d55d1170f21a8d10a8339fdab

Malware Analysis – djvu – e20a320b8ff66f8e136150233f22e369

Malware Analysis – amadey – 0ea04d00739c5b503ac7a0b085a4e07d

Jscythe – Abuse The Node.Js Inspector Mechanism In Order To Force Any Node.Js/Electron/V8 Based Process To Execute Arbitrary Javascript Code

Cobalt Stike Beacon Detected – 205[.]185[.]114[.]97:80

Malware Analysis – discovery – 0dde0c9450eed08bf80da8f7a2ec2a86

Malware Analysis – evasion – eadb17b5927d0d3ede787219fe4cdf16

Cobalt Stike Beacon Detected – 188[.]166[.]199[.]36:80

Cobalt Stike Beacon Detected – 185[.]143[.]223[.]76:443

Cobalt Stike Beacon Detected – 2[.]47[.]145[.]134:443

Cobalt Stike Beacon Detected – 146[.]56[.]196[.]110:9999

HackerOne Bug Bounty Disclosure: cve-hsts-subdomain-overwrites-parent-cache-entry-newfunction

HackerOne Bug Bounty Disclosure: potential-xss-in-redirect-url-parameter-kindone

HackerOne Bug Bounty Disclosure: exploitable-format-string-vulnerability-in-curl-mfprintf-function-reterix

HackerOne Bug Bounty Disclosure: -potential-xss-vulnerability-in-acronis-login-callback-url-kindone

[FOG] – Ransomware Victim: GSR Andrade Architects (gsr-andrade[.]com)

You may have missed