Whids – Open Source EDR For Windows
What EDR with artifact collection driven by detection. The detection engine is built on top of a previous project NB:...
Year: 2022
LockBit 3.0 Ransomware Victim: steelesolutions[.]com
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
Preparing for the long haul: the cyber threat from Russia
Preparing for the long haul: the cyber threat from Russia In January 2022, ahead of Russia’s invasion of Ukraine, we...
Cobalt Stike Beacon Detected – 82[.]156[.]14[.]220:801
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 45[.]32[.]74[.]236:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 107[.]189[.]7[.]48:8443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 20[.]219[.]255[.]76:8080
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 176[.]113[.]115[.]102:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 1[.]15[.]189[.]200:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 87[.]251[.]67[.]211:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 185[.]143[.]223[.]71:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 178[.]18[.]255[.]124:444
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 107[.]174[.]158[.]174:6666
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 199[.]255[.]99[.]112:23424
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 43[.]143[.]215[.]30:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Malware Analysis – – 4e5a9de6dee1ea7cabb43974a889a531
Score: 3 MALWARE FAMILY: TAGS:MD5: 4e5a9de6dee1ea7cabb43974a889a531SHA1: 1c9c65accb79f622b1adc8e34e14848776686a30ANALYSIS DATE: 2022-10-27T08:46:37ZTTPS: T1082 ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or more known...
Malware Analysis – danabot – 824e08873738c225a76596134d687c92
Score: 10 MALWARE FAMILY: danabotTAGS:family:danabot, family:djvu, family:redline, family:smokeloader, family:systembc, family:vidar, botnet:1752, botnet:517, botnet:mario23_10, backdoor, banker, collection, discovery, infostealer, persistence, ransomware,...
Malware Analysis – danabot – ea2f34622dce523e0b9d6a05a02f6cb1
Score: 10 MALWARE FAMILY: danabotTAGS:family:danabot, family:djvu, family:redline, family:smokeloader, family:systembc, family:vidar, botnet:1752, botnet:517, botnet:mario23_10, backdoor, banker, collection, discovery, infostealer, persistence, ransomware,...
Malware Analysis – ransomware – 48688a2329f8b69a3e0a2c6ea98d80a3
Score: 10 MALWARE FAMILY: ransomwareTAGS:ransomwareMD5: 48688a2329f8b69a3e0a2c6ea98d80a3SHA1: cb9b12f24391d04cb64cc91e84ef7491179fd87cANALYSIS DATE: 2022-10-27T07:59:00ZTTPS: ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or more known damaging...
Cobalt Stike Beacon Detected – 119[.]45[.]123[.]7:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 114[.]115[.]161[.]127:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 120[.]48[.]116[.]169:9999
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 164[.]155[.]72[.]251:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Malware Analysis – ransomware – b380e1e367202cf2d7027897c369d252
Score: 7 MALWARE FAMILY: ransomwareTAGS:ransomwareMD5: b380e1e367202cf2d7027897c369d252SHA1: f7c36a1718735aa28c72737d58b0fc1f673ab50cANALYSIS DATE: 2022-10-27T09:11:43ZTTPS: ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or more known damaging...
