Year: 2022

Cobalt Stike Beacon Detected – 216[.]24[.]243[.]168:80

December 30, 2022

The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...

Malware Analysis – amadey – 5df874231d141b13529bffe2911bc778

December 30, 2022

Score: 10 MALWARE FAMILY: amadeyTAGS:family:amadey, family:dcrat, family:djvu, family:gozi, family:lgoogloader, family:redline, family:smokeloader, family:vidar, botnet:19, botnet:22500, botnet:letgo, backdoor, banker, collection, discovery, downloader,...

Malware Analysis – – 5289a6c4355fe890b559b1c11fb17579

December 30, 2022

Score: 1 MALWARE FAMILY: TAGS:MD5: 5289a6c4355fe890b559b1c11fb17579SHA1: 584bab1091decce0c3b40d0fc45660bc85e09af0ANALYSIS DATE: 2022-12-30T10:36:58ZTTPS: ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or more known damaging...

Malware Analysis – smokeloader – b2a71e14744434e269270fb92ea91025

December 30, 2022

Score: 10 MALWARE FAMILY: smokeloaderTAGS:family:smokeloader, backdoor, trojanMD5: b2a71e14744434e269270fb92ea91025SHA1: fc4bb78d188859b6bf5a1d559e82d027b25aaf33ANALYSIS DATE: 2022-12-30T10:33:04ZTTPS: T1012, T1120, T1082 ScoreMeaningExample10Known badA malware family was detected.8-9Likely...

Malware Analysis – djvu – 880e66f357f058a6800bd3dff1803d80

December 30, 2022

Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, ransomwareMD5: 880e66f357f058a6800bd3dff1803d80SHA1: 7884cc0f7e590e227c2fbe77968694b2de48b4d1ANALYSIS DATE: 2022-12-30T11:51:04ZTTPS: ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or more known...

Cobalt Stike Beacon Detected – 47[.]243[.]200[.]118:80

December 30, 2022

The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...

Cobalt Stike Beacon Detected – 96[.]43[.]92[.]72:80

December 30, 2022

The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...

Cobalt Stike Beacon Detected – 143[.]198[.]100[.]10:443

December 30, 2022

The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...

Cobalt Stike Beacon Detected – 110[.]41[.]131[.]105:7777

December 30, 2022

The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...

LockBit 3.0 Ransomware Victim: amundson[.]co[.]nz

December 30, 2022

LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...

Malware Analysis – discovery – 45373f75c382eca0c44cba6915d7f6b7

December 30, 2022

Score: 10 MALWARE FAMILY: discoveryTAGS:discovery, persistence, ransomwareMD5: 45373f75c382eca0c44cba6915d7f6b7SHA1: 34ed4532d48a8d58bb845f5c6a5927aaa260fab9ANALYSIS DATE: 2022-12-30T02:54:11ZTTPS: T1012, T1082, T1060, T1112, T1042, T1102 ScoreMeaningExample10Known badA malware...

Malware Analysis – ransomware – eba9aff7ae0edf500c45fce78e3c140f

December 30, 2022

Score: 5 MALWARE FAMILY: ransomwareTAGS:ransomwareMD5: eba9aff7ae0edf500c45fce78e3c140fSHA1: 415e033d422aa566573619bf9041db191ea3b117ANALYSIS DATE: 2022-12-30T04:04:03ZTTPS: ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or more known damaging...

Malware Analysis – amadey – de4be5fa69af47c8d579e1cc51ecbd24

December 30, 2022

Score: 10 MALWARE FAMILY: amadeyTAGS:family:amadey, family:djvu, family:gozi, family:lgoogloader, family:smokeloader, family:vidar, botnet:19, botnet:22500, backdoor, banker, collection, discovery, downloader, isfb, persistence, ransomware,...

Malware Analysis – djvu – 6fd37142b5ea785d4e150d83052df3de

December 30, 2022

Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:19, discovery, persistence, ransomware, spyware, stealerMD5: 6fd37142b5ea785d4e150d83052df3deSHA1: e9aa1d49600536729320c281ef408921fd885a90ANALYSIS DATE: 2022-12-30T03:58:24ZTTPS: T1005, T1081, T1012, T1222,...

Malware Analysis – amadey – b5f0d1af9148fca94db5887351a06974

December 30, 2022

Score: 10 MALWARE FAMILY: amadeyTAGS:family:amadey, family:dcrat, family:djvu, family:gozi, family:lgoogloader, family:smokeloader, family:vidar, botnet:19, botnet:22500, backdoor, banker, collection, discovery, downloader, infostealer, isfb,...

Malware Analysis – phobos – 715bb8ece6c740ab68a9aa2f4eb0aa04

December 30, 2022

Score: 10 MALWARE FAMILY: phobosTAGS:family:phobos, evasion, persistence, ransomware, spyware, stealerMD5: 715bb8ece6c740ab68a9aa2f4eb0aa04SHA1: 6fef9bbee0ef34c8e0bbc2510eb14c7751329577ANALYSIS DATE: 2022-12-30T05:13:03ZTTPS: T1490, T1059, T1107, T1060, T1112, T1005,...

Malware Analysis – discovery – 9c959f91b124b46d82ee52eeef1505ba

December 30, 2022

Score: 10 MALWARE FAMILY: discoveryTAGS:discovery, persistence, ransomwareMD5: 9c959f91b124b46d82ee52eeef1505baSHA1: ebcbcac2045d571019a9d797b610b3ac148424a1ANALYSIS DATE: 2022-12-30T05:14:42ZTTPS: T1012, T1102, T1082, T1112, T1042, T1060 ScoreMeaningExample10Known badA malware...

Malware Analysis – phobos – a6b6c9f529bbac5973236d91a65a80a6

December 30, 2022

Score: 10 MALWARE FAMILY: phobosTAGS:family:phobos, evasion, persistence, ransomware, spyware, stealerMD5: a6b6c9f529bbac5973236d91a65a80a6SHA1: d0eb443e04ecf1ac64eddd8a4b0eacaa5d3222feANALYSIS DATE: 2022-12-30T05:22:03ZTTPS: T1490, T1059, T1107, T1060, T1112, T1031,...

Malware Analysis – phobos – 25e0c92a4e1d058d5a04089efe63b290

December 30, 2022

Score: 10 MALWARE FAMILY: phobosTAGS:family:phobos, evasion, persistence, ransomware, spyware, stealerMD5: 25e0c92a4e1d058d5a04089efe63b290SHA1: 0f34c29d2ce181dbe88bcb5d28ea8aa3c5bbd5e3ANALYSIS DATE: 2022-12-30T05:23:03ZTTPS: T1490, T1059, T1107, T1031, T1060, T1112,...

Malware Analysis – djvu – f891b2289720468df1c4e8bd715445bb

December 30, 2022

Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:19, discovery, persistence, ransomware, stealerMD5: f891b2289720468df1c4e8bd715445bbSHA1: e8243516f0e21048dd96d3a88c18248c611e3369ANALYSIS DATE: 2022-12-30T05:30:06ZTTPS: T1060, T1112, T1222, T1082, T1053,...

Malware Analysis – djvu – eb1aabb044efe23bdd1b84a58d66feb4

December 30, 2022

Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:19, discovery, persistence, ransomware, spyware, stealerMD5: eb1aabb044efe23bdd1b84a58d66feb4SHA1: 604a9ea5a26aa61fe4a3650b91a8fe8d36247ddcANALYSIS DATE: 2022-12-30T05:52:09ZTTPS: T1082, T1012, T1222, T1005,...

Malware Analysis – phobos – c5d5171d5af7b55de4056c8ef928b6d2

December 30, 2022

Score: 10 MALWARE FAMILY: phobosTAGS:family:phobos, evasion, persistence, ransomware, spyware, stealerMD5: c5d5171d5af7b55de4056c8ef928b6d2SHA1: 62f92ae34f886ae7c77f5c3eaf52fecdb00d6b77ANALYSIS DATE: 2022-12-30T05:23:03ZTTPS: T1490, T1059, T1107, T1005, T1081, T1060,...

Malware Analysis – amadey – 4619b57f0aa69fbf3cce99b690019581

December 30, 2022

Cobalt Stike Beacon Detected – 163[.]123[.]142[.]146:443

December 30, 2022

The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...

Year: 2022

Cobalt Stike Beacon Detected – 216[.]24[.]243[.]168:80

Malware Analysis – amadey – 5df874231d141b13529bffe2911bc778

Malware Analysis – – 5289a6c4355fe890b559b1c11fb17579

Malware Analysis – smokeloader – b2a71e14744434e269270fb92ea91025

Malware Analysis – djvu – 880e66f357f058a6800bd3dff1803d80

Cobalt Stike Beacon Detected – 47[.]243[.]200[.]118:80

Cobalt Stike Beacon Detected – 96[.]43[.]92[.]72:80

Cobalt Stike Beacon Detected – 143[.]198[.]100[.]10:443

Cobalt Stike Beacon Detected – 110[.]41[.]131[.]105:7777

LockBit 3.0 Ransomware Victim: amundson[.]co[.]nz

Malware Analysis – discovery – 45373f75c382eca0c44cba6915d7f6b7

Malware Analysis – ransomware – eba9aff7ae0edf500c45fce78e3c140f

Malware Analysis – amadey – de4be5fa69af47c8d579e1cc51ecbd24

Malware Analysis – djvu – 6fd37142b5ea785d4e150d83052df3de

Malware Analysis – amadey – b5f0d1af9148fca94db5887351a06974

Malware Analysis – phobos – 715bb8ece6c740ab68a9aa2f4eb0aa04

Malware Analysis – discovery – 9c959f91b124b46d82ee52eeef1505ba

Malware Analysis – phobos – a6b6c9f529bbac5973236d91a65a80a6

Malware Analysis – phobos – 25e0c92a4e1d058d5a04089efe63b290

Malware Analysis – djvu – f891b2289720468df1c4e8bd715445bb

Malware Analysis – djvu – eb1aabb044efe23bdd1b84a58d66feb4

Malware Analysis – phobos – c5d5171d5af7b55de4056c8ef928b6d2

Malware Analysis – amadey – 4619b57f0aa69fbf3cce99b690019581

Cobalt Stike Beacon Detected – 163[.]123[.]142[.]146:443

[LOCKBIT3] – Ransomware Victim: copral[.]com[.]br

[APT73] – Ransomware Victim: www[.]certifiedinfosec[.]com

[BLACKBASTA] – Ransomware Victim: vossko[.]de

[BLACKBASTA] – Ransomware Victim: lornestewartgroup[.]com

[BLACKBASTA] – Ransomware Victim: beko-technologies[.]com

You may have missed