Experts investigate WhatsApp data leak: 500M user records for sale
Cybernews investigated a data sample available for sale containing up-to-date mobile phone numbers of nearly 500 million WhatsApp users. Original...
Year: 2022
SharpSCCM – A C# Utility For Interacting With SCCM
SharpSCCM is a post-exploitation tool designed to leverage Microsoft Endpoint Configuration Manager (a.k.a. ConfigMgr, formerly SCCM) for lateral movement and...
Karakurt Ransomware Victim: Ethigen Limited
KARAKURT RANSOMWARE NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content of...
Malware Analysis – amadey – ddfa266969e3ad7e738080e21fba2ba9
Score: 10 MALWARE FAMILY: amadeyTAGS:family:amadey, family:djvu, family:redline, family:smokeloader, family:vidar, botnet:517, botnet:kript, backdoor, collection, discovery, infostealer, persistence, ransomware, spyware, stealer, trojanMD5:...
Malware Analysis – djvu – 49392e02f7688b47f6babcf687cf5d91
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:517, discovery, persistence, ransomware, spyware, stealerMD5: 49392e02f7688b47f6babcf687cf5d91SHA1: 3e667b085532edde5c6adea500edee55859ab743ANALYSIS DATE: 2022-11-25T09:01:13ZTTPS: T1005, T1081, T1012, T1082,...
Cobalt Stike Beacon Detected – 123[.]57[.]232[.]6:8443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 1[.]13[.]5[.]233:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 198[.]144[.]183[.]9:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Malware Analysis – ransomware – 0706a5e09c3a7e2dbbdba209aebdab24
Score: 10 MALWARE FAMILY: ransomwareTAGS:ransomwareMD5: 0706a5e09c3a7e2dbbdba209aebdab24SHA1: 3353060b6b6cfd1d6c8acbd7bdc8c2067feef23fANALYSIS DATE: 2022-11-25T09:14:25ZTTPS: T1082, T1012 ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or more...
Malware Analysis – djvu – 375ec00e2e4319d0f51fdce08ba10c8a
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:517, discovery, persistence, ransomware, spyware, stealerMD5: 375ec00e2e4319d0f51fdce08ba10c8aSHA1: 04b6c4855ea47a5eb1cd7862ab338ce22129c006ANALYSIS DATE: 2022-11-25T10:53:13ZTTPS: T1060, T1112, T1222, T1082,...
Malware Analysis – amadey – ea94bcabd73267ef225bb9e52aec3659
Score: 10 MALWARE FAMILY: amadeyTAGS:family:amadey, family:djvu, family:smokeloader, family:vidar, botnet:517, backdoor, collection, discovery, persistence, ransomware, stealer, trojanMD5: ea94bcabd73267ef225bb9e52aec3659SHA1: f7fe137bc0431e04ec0bd4a83f9f9f5f867286a0ANALYSIS DATE: 2022-11-25T10:31:35ZTTPS:...
Malware Analysis – djvu – 58b5209aa0001d580ab13ecf79d09750
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:517, discovery, persistence, ransomware, spyware, stealerMD5: 58b5209aa0001d580ab13ecf79d09750SHA1: 2d5f3452cf6358aa8e5810774e668fc918875b13ANALYSIS DATE: 2022-11-25T10:14:41ZTTPS: T1005, T1081, T1012, T1060,...
Black Basta Ransomware Victim: Maple Leaf Foods
Black Basta Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
Cobalt Stike Beacon Detected – 172[.]105[.]222[.]100:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 106[.]55[.]226[.]33:801
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 164[.]155[.]126[.]25:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 84[.]32[.]128[.]36:8443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
BugCrowd Bug Bounty Disclosure: – Impersonation via Broken Link Hijacking on https://sv.hellosign.com – By CoffeeAddict_exe
The below information is fully automated and the information is captured from the BugCrowd Disclosure website. The information was correct...
BugCrowd Bug Bounty Disclosure: – Panel access at https://news-push-88.op-mobile.opera.com/. – By rahul0x01
The below information is fully automated and the information is captured from the BugCrowd Disclosure website. The information was correct...
Malware Analysis – amadey – cb08a961a70f8b2417f8975f4ceb81aa
Score: 10 MALWARE FAMILY: amadeyTAGS:family:amadey, family:djvu, family:smokeloader, backdoor, ransomware, trojanMD5: cb08a961a70f8b2417f8975f4ceb81aaSHA1: 52356c0c6dcb273eeda64aba7c484dbf52e7464eANALYSIS DATE: 2022-11-25T11:05:07ZTTPS: T1012, T1120, T1082 ScoreMeaningExample10Known badA malware...
Malware Analysis – djvu – 87b7c8de029618c4a1e08792a1f36f03
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:517, discovery, persistence, ransomware, spyware, stealerMD5: 87b7c8de029618c4a1e08792a1f36f03SHA1: cb852f97675ebb210ed82b3153f897990035a093ANALYSIS DATE: 2022-11-25T11:22:28ZTTPS: T1082, T1053, T1005, T1081,...
Malware Analysis – ransomware – ff88397d0fdd02e072a80f38358c4253
Score: 7 MALWARE FAMILY: ransomwareTAGS:ransomwareMD5: ff88397d0fdd02e072a80f38358c4253SHA1: 83333da8fc0f1dfb716dfa82ee7470702356ad76ANALYSIS DATE: 2022-11-25T10:57:55ZTTPS: ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or more known damaging...
Malware Analysis – djvu – 4e8b949ac446e0ac8f2caa7878a3134e
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:517, discovery, persistence, ransomware, spyware, stealerMD5: 4e8b949ac446e0ac8f2caa7878a3134eSHA1: 3d07ab9ad186bd2f95803e8565334f83232b4c29ANALYSIS DATE: 2022-11-25T11:37:45ZTTPS: T1060, T1112, T1222, T1053,...
Cobalt Stike Beacon Detected – 159[.]75[.]231[.]11:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
