Year: 2022

CISA: CISA Updates Advisory on #StopRansomware: Cuba Ransomware

December 13, 2022

CISA Updates Advisory on #StopRansomware: Cuba Ransomware The Federal Bureau of Investigation (FBI) and CISA have updated joint Cybersecurity Advisory...

CISA: NSA, CISA, and ODNI Release Guidance on Potential Threats to 5G Network Slicing

December 13, 2022

NSA, CISA, and ODNI Release Guidance on Potential Threats to 5G Network Slicing Today, the National Security Agency (NSA), CISA,...

CISA: Mozilla Releases Security Updates for Thunderbird and Firefox

December 13, 2022

Mozilla Releases Security Updates for Thunderbird and Firefox Mozilla has released security updates to address vulnerabilities in Thunderbird, Firefox ESR, and...

Lockbit ransomware gang hacked California Department of Finance

December 13, 2022

LockBit ransomware gang hacked the California Department of Finance and threatens to leak data stolen from its systems. The LockBit...

Royal Ransomware Victim: Pinnacle Communications

December 13, 2022

RoyalRansomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content of the...

Malware Analysis – smokeloader – 99b30ce88338d76e93f774c3446b266c

December 13, 2022

Score: 10 MALWARE FAMILY: smokeloaderTAGS:family:smokeloader, backdoor, trojanMD5: 99b30ce88338d76e93f774c3446b266cSHA1: 5e2a78c5bcbb25eaa7312e21dd4cf2cefe286414ANALYSIS DATE: 2022-12-13T15:42:45ZTTPS: T1012, T1120, T1082 ScoreMeaningExample10Known badA malware family was detected.8-9Likely...

Malware Analysis – smokeloader – 538bd2135f2955ebfad3522e2a54ddc0

December 13, 2022

Score: 10 MALWARE FAMILY: smokeloaderTAGS:family:smokeloader, backdoor, trojanMD5: 538bd2135f2955ebfad3522e2a54ddc0SHA1: e3900fca609cf51f98a60b69745c498db25d9a69ANALYSIS DATE: 2022-12-13T15:21:10ZTTPS: T1012, T1120, T1082 ScoreMeaningExample10Known badA malware family was detected.8-9Likely...

Black Basta Ransomware Victim: Petmate

December 13, 2022

Black Basta Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...

HackerOne Bug Bounty Disclosure: dos-via-markdown-api-from-unauthenticated-userbylegit-security

December 13, 2022

Programme HackerOne GitHub GitHub Submitted by legit-security legit-security Report DoS via markdown API from unauthenticated user Full Report A considerable...

Malware Analysis – djvu – ea2bdaaa07f55f051854169dd7935030

December 13, 2022

Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, discovery, persistence, ransomware, spyware, stealerMD5: ea2bdaaa07f55f051854169dd7935030SHA1: e3394bb238bdeaada0e336599252e32845a2c24cANALYSIS DATE: 2022-12-13T16:55:24ZTTPS: T1222, T1082, T1012, T1005, T1081, T1060,...

Malware Analysis – smokeloader – e69068207da80898e29bc323d48bb525

December 13, 2022

Score: 10 MALWARE FAMILY: smokeloaderTAGS:family:smokeloader, backdoor, trojanMD5: e69068207da80898e29bc323d48bb525SHA1: d4833c819665612335ef0da2b27a3ac6162e5275ANALYSIS DATE: 2022-12-13T16:34:37ZTTPS: T1012, T1120, T1082 ScoreMeaningExample10Known badA malware family was detected.8-9Likely...

Malware Analysis – djvu – cc8c8aeec869788fd53a469f85964f37

December 13, 2022

Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:raccoon, family:smokeloader, botnet:ec7a54fb6492ff3a52d09504b8ecf082, backdoor, bootkit, collection, discovery, persistence, ransomware, spyware, stealer, trojanMD5: cc8c8aeec869788fd53a469f85964f37SHA1: 43728baf80a83ddd6b4714a65e80c25e25b03b95ANALYSIS DATE:...

Malware Analysis – smokeloader – 3e469659cd268a9ec6f0c2a8849cb2ef

December 13, 2022

Score: 10 MALWARE FAMILY: smokeloaderTAGS:family:smokeloader, backdoor, trojanMD5: 3e469659cd268a9ec6f0c2a8849cb2efSHA1: 42a38f3e8f5e4bdc96465699f17ba50294768074ANALYSIS DATE: 2022-12-13T16:06:44ZTTPS: T1012, T1120, T1082 ScoreMeaningExample10Known badA malware family was detected.8-9Likely...

Malware Analysis – persistence – bfa097160d430d91d7d0cdd4497a215b

December 13, 2022

Score: 8 MALWARE FAMILY: persistenceTAGS:persistenceMD5: bfa097160d430d91d7d0cdd4497a215bSHA1: 6f30e19647a3043af7fc34dc68a46d62060c0388ANALYSIS DATE: 2022-12-13T17:58:03ZTTPS: T1060, T1112 ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or more...

Malware Analysis – smokeloader – 136bcc886a63253f4436f314c6c34fd1

December 13, 2022

Score: 10 MALWARE FAMILY: smokeloaderTAGS:family:smokeloader, backdoor, trojanMD5: 136bcc886a63253f4436f314c6c34fd1SHA1: 4f549c93d6ca139e3210f8f2895303f4bf7e41d4ANALYSIS DATE: 2022-12-13T17:47:03ZTTPS: T1012, T1120, T1082 ScoreMeaningExample10Known badA malware family was detected.8-9Likely...

Malware Analysis – amadey – 40a81f8f9222d7a3ecee4f41dd5af21e

December 13, 2022

Score: 10 MALWARE FAMILY: amadeyTAGS:family:amadey, family:djvu, family:raccoon, family:redline, family:smokeloader, botnet:amddriveer1.2.3, botnet:ec7a54fb6492ff3a52d09504b8ecf082, botnet:sila, backdoor, bootkit, collection, discovery, infostealer, persistence, ransomware, spyware,...

Malware Analysis – smokeloader – 26bf0c1ccea1c8d9ee1c58a38ff11043

December 13, 2022

Score: 10 MALWARE FAMILY: smokeloaderTAGS:family:smokeloader, backdoor, trojanMD5: 26bf0c1ccea1c8d9ee1c58a38ff11043SHA1: 1b17db6ed46ac1070ff83ab97249a8653f99b2d7ANALYSIS DATE: 2022-12-13T17:00:26ZTTPS: T1012, T1120, T1082 ScoreMeaningExample10Known badA malware family was detected.8-9Likely...

Year: 2022

CISA: CISA Updates Advisory on #StopRansomware: Cuba Ransomware

CISA: NSA, CISA, and ODNI Release Guidance on Potential Threats to 5G Network Slicing

CISA: Mozilla Releases Security Updates for Thunderbird and Firefox

Lockbit ransomware gang hacked California Department of Finance

Royal Ransomware Victim: Pinnacle Communications

Malware Analysis – smokeloader – 99b30ce88338d76e93f774c3446b266c

Malware Analysis – smokeloader – 538bd2135f2955ebfad3522e2a54ddc0

Black Basta Ransomware Victim: Petmate

HackerOne Bug Bounty Disclosure: dos-via-markdown-api-from-unauthenticated-userbylegit-security

Malware Analysis – djvu – ea2bdaaa07f55f051854169dd7935030

Malware Analysis – smokeloader – e69068207da80898e29bc323d48bb525

Malware Analysis – djvu – cc8c8aeec869788fd53a469f85964f37

Malware Analysis – smokeloader – 3e469659cd268a9ec6f0c2a8849cb2ef

Malware Analysis – persistence – bfa097160d430d91d7d0cdd4497a215b

Malware Analysis – smokeloader – 136bcc886a63253f4436f314c6c34fd1

Malware Analysis – amadey – 40a81f8f9222d7a3ecee4f41dd5af21e

Malware Analysis – smokeloader – 26bf0c1ccea1c8d9ee1c58a38ff11043

CISA: Citrix Releases Security Updates for Citrix ADC, Citrix Gateway

Experts detailed a previously undetected VMware ESXi backdoor

Codecepticon – .NET Application That Allows You To Obfuscate C#, VBA/VB6 (Macros), And PowerShell Source Code

Cobalt Stike Beacon Detected – 120[.]232[.]254[.]134:7788

Cobalt Stike Beacon Detected – 114[.]116[.]99[.]27:6666

Cobalt Stike Beacon Detected – 84[.]32[.]190[.]139:80

Cobalt Stike Beacon Detected – 82[.]157[.]125[.]21:443

Cobalt Strike Beacon Detected – 47[.]96[.]143[.]115:8086

Cobalt Strike Beacon Detected – 8[.]217[.]7[.]159:4321

[BLACKBASTA] – Ransomware Victim: bnext[.]nl

[BLACKBASTA] – Ransomware Victim: migonline[.]com

[CLOP] – Ransomware Victim: EKOMERCIO[.]COM

You may have missed