TOP 10 unattributed APT mysteries
Targeted attack attribution is always a tricky thing, and in general, we believe that attribution is best left to law...
Year: 2022
LockBit 3.0 Ransomware Victim: kortrijkserijschool[.]be
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
LockBit 3.0 Ransomware Victim: bew[.]co[.]th
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
LockBit 3.0 Ransomware Victim: ducanh[.]com
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
LockBit 3.0 Ransomware Victim: omegaservices[.]com[.]au
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
LockBit 3.0 Ransomware Victim: uide[.]edu[.]ec
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
LockBit 3.0 Ransomware Victim: hriindia[.]com
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
LockBit 3.0 Ransomware Victim: galenica[.]ma
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
LockBit 3.0 Ransomware Victim: hdhopwood[.]com
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
LockBit 3.0 Ransomware Victim: kimed[.]pl
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
Malware Analysis – smokeloader – a469bb625be5d13d8aa867f2fa6b4730
Score: 10 MALWARE FAMILY: smokeloaderTAGS:family:smokeloader, backdoor, trojanMD5: a469bb625be5d13d8aa867f2fa6b4730SHA1: 784aab6c2a854ecd4b30c8e2775f2dbb01bf7c5bANALYSIS DATE: 2022-10-08T02:01:03ZTTPS: T1012, T1120, T1082 ScoreMeaningExample10Known badA malware family was detected.8-9Likely...
Malware Analysis – djvu – 3cea4cf14cd0a2175326d89a281e0e81
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:517, discovery, persistence, ransomware, spyware, stealerMD5: 3cea4cf14cd0a2175326d89a281e0e81SHA1: 9db8ea1bf0b6aba56dd689a022b8ad5af6e65523ANALYSIS DATE: 2022-10-08T02:20:36ZTTPS: T1005, T1081, T1012, T1082,...
Malware Analysis – ransomware – 7c12716137f46392a08209d29c9a23c7
Score: 9 MALWARE FAMILY: ransomwareTAGS:ransomwareMD5: 7c12716137f46392a08209d29c9a23c7SHA1: 38d5b9e4d8a61ec929fd1e9a2009db83797e8606ANALYSIS DATE: 2022-10-08T02:27:12ZTTPS: T1107, T1490, T1112, T1203 ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne...
Malware Analysis – – 4cbffe0acf3a42b9d9df109cd3006f5f
Score: 8 MALWARE FAMILY: TAGS:MD5: 4cbffe0acf3a42b9d9df109cd3006f5fSHA1: ce65877cbdfe33049ee8d1004a93826f8c16cf53ANALYSIS DATE: 2022-10-08T02:16:49ZTTPS: T1012, T1082 ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or more...
Malware Analysis – djvu – a618c4ffada12e2682dbf46b595b96d4
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:517, discovery, persistence, ransomware, spyware, stealerMD5: a618c4ffada12e2682dbf46b595b96d4SHA1: c479ed5d2e4c30e13849c2a345828708e8c58c0aANALYSIS DATE: 2022-10-08T02:18:00ZTTPS: T1082, T1012, T1005, T1081,...
Malware Analysis – djvu – e931ee5e0c7a7eb47c201828c496e794
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:517, discovery, persistence, ransomware, spyware, stealerMD5: e931ee5e0c7a7eb47c201828c496e794SHA1: 455b3c1d2a56223464c9ad15593e0ffdc00d7b6cANALYSIS DATE: 2022-10-08T03:21:38ZTTPS: T1005, T1081, T1082, T1053,...
Malware Analysis – djvu – 20f6d6a75c4e0f1f0e59f4ce9da4fcdf
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:raccoon, family:smokeloader, family:vidar, botnet:17aad1e8aa2ca5164d7690cff1926390, botnet:517, backdoor, collection, discovery, persistence, ransomware, spyware, stealer, trojanMD5: 20f6d6a75c4e0f1f0e59f4ce9da4fcdfSHA1: f733f55da3f6df46838d86d2b564f6ddf880b571ANALYSIS...
Malware Analysis – smokeloader – 20f6d6a75c4e0f1f0e59f4ce9da4fcdf
Score: 10 MALWARE FAMILY: smokeloaderTAGS:family:smokeloader, backdoor, trojanMD5: 20f6d6a75c4e0f1f0e59f4ce9da4fcdfSHA1: f733f55da3f6df46838d86d2b564f6ddf880b571ANALYSIS DATE: 2022-10-08T02:32:03ZTTPS: T1012, T1120, T1082 ScoreMeaningExample10Known badA malware family was detected.8-9Likely...
Malware Analysis – smokeloader – 4d8f01c686b099f19366ee38ac8b423c
Score: 10 MALWARE FAMILY: smokeloaderTAGS:family:smokeloader, backdoor, trojanMD5: 4d8f01c686b099f19366ee38ac8b423cSHA1: 8b12aff95432b1a081a0ab98e8ac12f7a6b98787ANALYSIS DATE: 2022-10-08T03:31:03ZTTPS: T1012, T1120, T1082 ScoreMeaningExample10Known badA malware family was detected.8-9Likely...
Malware Analysis – djvu – 4d8f01c686b099f19366ee38ac8b423c
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:raccoon, family:smokeloader, family:vidar, botnet:17aad1e8aa2ca5164d7690cff1926390, botnet:517, backdoor, collection, discovery, persistence, ransomware, spyware, stealer, trojanMD5: 4d8f01c686b099f19366ee38ac8b423cSHA1: 8b12aff95432b1a081a0ab98e8ac12f7a6b98787ANALYSIS...
Malware Analysis – djvu – 9c4823daf9720caa8ba8cf87334ad4da
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:517, discovery, persistence, ransomware, spyware, stealerMD5: 9c4823daf9720caa8ba8cf87334ad4daSHA1: 8fee76d26cc5b1b24c2fca445c7cfebffec9baa7ANALYSIS DATE: 2022-10-08T04:13:47ZTTPS: T1082, T1053, T1005, T1081,...
Malware Analysis – smokeloader – 4167826d2a9574ab9fca45f85f5fd6a0
Score: 10 MALWARE FAMILY: smokeloaderTAGS:family:smokeloader, backdoor, trojanMD5: 4167826d2a9574ab9fca45f85f5fd6a0SHA1: 49a1aa342bd5b9a095f08742612f4ea5ae7e8c6fANALYSIS DATE: 2022-10-08T04:31:03ZTTPS: T1012, T1120, T1082 ScoreMeaningExample10Known badA malware family was detected.8-9Likely...
Malware Analysis – djvu – 4167826d2a9574ab9fca45f85f5fd6a0
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:smokeloader, family:vidar, botnet:517, backdoor, collection, discovery, persistence, ransomware, spyware, stealer, trojanMD5: 4167826d2a9574ab9fca45f85f5fd6a0SHA1: 49a1aa342bd5b9a095f08742612f4ea5ae7e8c6fANALYSIS DATE: 2022-10-08T04:32:25ZTTPS:...
Malware Analysis – djvu – 5a8964c1736685a4722e620d684039a8
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:517, discovery, persistence, ransomware, spyware, stealerMD5: 5a8964c1736685a4722e620d684039a8SHA1: ac4960c01594cbc5ca318e2750f4c3be8e6d3648ANALYSIS DATE: 2022-10-07T20:06:42ZTTPS: T1222, T1012, T1005, T1081,...
