Cobalt Stike Beacon Detected – 1[.]13[.]14[.]225:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Year: 2022
Cobalt Stike Beacon Detected – 84[.]32[.]128[.]237:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 81[.]71[.]8[.]186:6666
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Malware Analysis – ransomware – 7fd2e6479af433d6a531e420df24ea79
Score: 5 MALWARE FAMILY: ransomwareTAGS:ransomwareMD5: 7fd2e6479af433d6a531e420df24ea79SHA1: e2f3e894d475b6e3d8ced40ad7dccc7036fc4132ANALYSIS DATE: 2022-12-06T12:02:15ZTTPS: T1112, T1491 ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or more...
Malware Analysis – djvu – 0064fed35865f9a9ecdca6c85ab52767
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, discovery, persistence, ransomwareMD5: 0064fed35865f9a9ecdca6c85ab52767SHA1: 7184c303cbcb09c8e2716571818bc5e19630a9d2ANALYSIS DATE: 2022-12-10T21:58:26ZTTPS: T1060, T1112, T1222 ScoreMeaningExample10Known badA malware family was...
Malware Analysis – djvu – 692bfb53296c9843c95a447db91aa075
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:517, discovery, persistence, ransomware, spyware, stealerMD5: 692bfb53296c9843c95a447db91aa075SHA1: 0837bd52360bbbd1f7ce0a1d8c7407637dc3b25bANALYSIS DATE: 2022-12-10T22:16:06ZTTPS: T1222, T1082, T1012, T1005,...
Malware Analysis – djvu – c637e6b956a3968199a842f7fcfd85d4
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:redline, family:smokeloader, botnet:mario23_10, backdoor, bootkit, collection, discovery, infostealer, persistence, ransomware, trojanMD5: c637e6b956a3968199a842f7fcfd85d4SHA1: b71d01eb630a3e192d954712e09d61dbfd576a3dANALYSIS DATE: 2022-12-10T22:43:03ZTTPS:...
Malware Analysis – djvu – 09d8522575ca5e5a72c7f7b8c0ec25ef
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:smokeloader, backdoor, ransomware, trojanMD5: 09d8522575ca5e5a72c7f7b8c0ec25efSHA1: 48157e9cb274e9d0f1b0bc2e83c0bff31e43a34aANALYSIS DATE: 2022-12-10T21:40:55ZTTPS: T1012, T1120, T1082 ScoreMeaningExample10Known badA malware family...
Posh C2 Detected – 159[.]223[.]20[.]20:443
The Information provided at the time of posting was detected as "Posh C2". Depending on when you are viewing this...
AzureGraph – Azure AD Enumeration Over MS Graph
AzureGraph is an Azure AD information gathering tool over Microsoft Graph. Thanks to Microsoft Graph technology, it is possible to...
HIVE Ransomware Victim: KNOX College
HIVE Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content of...
Malware Analysis – discovery – 8a6217d94e1bcbabdd1dfcdcaa83d1b3
Score: 10 MALWARE FAMILY: discoveryTAGS:discovery, persistence, ransomwareMD5: 8a6217d94e1bcbabdd1dfcdcaa83d1b3SHA1: 99b81b01f277540f38ea3e96c9c6dc2a57dfeb92ANALYSIS DATE: 2022-12-10T15:06:33ZTTPS: T1082, T1112, T1042, T1060, T1012 ScoreMeaningExample10Known badA malware family...
Malware Analysis – dcrat – 86f5c0ac5d7174289a605ba00ffdb417
Score: 10 MALWARE FAMILY: dcratTAGS:family:dcrat, family:djvu, family:redline, family:vidar, botnet:517, botnet:mario23_10, bootkit, collection, discovery, infostealer, persistence, ransomware, rat, spyware, stealerMD5: 86f5c0ac5d7174289a605ba00ffdb417SHA1:...
Malware Analysis – dcrat – 337e23be35ce48644c600dfa6e621935
Score: 10 MALWARE FAMILY: dcratTAGS:family:dcrat, family:djvu, family:redline, family:smokeloader, family:vidar, botnet:517, botnet:mario23_10, backdoor, bootkit, collection, discovery, infostealer, persistence, ransomware, rat, spyware,...
Malware Analysis – djvu – 3580aa18f94b7334e5af86a9df3179f7
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:517, discovery, persistence, ransomware, spyware, stealerMD5: 3580aa18f94b7334e5af86a9df3179f7SHA1: 011ff27d6e1ae18b56b6c392ce48549632993e62ANALYSIS DATE: 2022-12-10T15:55:50ZTTPS: T1082, T1005, T1081, T1060,...
Malware Analysis – djvu – 02f83fe24845fc6e11673865f3e638a6
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:redline, botnet:mario23_10, bootkit, collection, discovery, infostealer, persistence, ransomware, spywareMD5: 02f83fe24845fc6e11673865f3e638a6SHA1: e534e469071fcdb04268dd7167b3f6aba6f98a0fANALYSIS DATE: 2022-12-10T15:31:45ZTTPS: T1012, T1120,...
Malware Analysis – djvu – c3488db7bcf308cdc6e6b142dfb5393e
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:517, discovery, persistence, ransomware, spyware, stealerMD5: c3488db7bcf308cdc6e6b142dfb5393eSHA1: be86e3e28b8c42f2bfa3436bfb19cd4945c832f0ANALYSIS DATE: 2022-12-10T17:03:12ZTTPS: T1053, T1005, T1081, T1012,...
Malware Analysis – dcrat – 60ff077bb695fbf5542a70c57825a5c4
Score: 10 MALWARE FAMILY: dcratTAGS:family:dcrat, family:djvu, family:redline, family:smokeloader, family:vidar, botnet:517, botnet:mario23_10, backdoor, bootkit, collection, discovery, infostealer, persistence, ransomware, rat, spyware,...
Malware Analysis – djvu – 948fa46063f9f65bcfafe46c43771ffe
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:517, discovery, persistence, ransomware, spyware, stealerMD5: 948fa46063f9f65bcfafe46c43771ffeSHA1: 5d7bae7461613a3ba11b4acdf4b6207e0e71039aANALYSIS DATE: 2022-12-10T17:11:32ZTTPS: T1060, T1112, T1082, T1005,...
Malware Analysis – djvu – 82fd30cac3fbe60424f8b68a42dfaf18
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, discovery, persistence, ransomwareMD5: 82fd30cac3fbe60424f8b68a42dfaf18SHA1: 7f3bef20950b0acc170beb97d94d626fe0627284ANALYSIS DATE: 2022-12-10T17:24:25ZTTPS: T1060, T1112, T1222, T1082, T1012 ScoreMeaningExample10Known badA malware...
At least 4,460 vulnerable Pulse Connect Secure hosts are exposed to the Internet
Censys researchers warn of more than 4,000 vulnerable Pulse Connect Secure hosts exposed to the Internet. Pulse Connect Secure is a...
LockBit 3.0 Ransomware Victim: rhotelja[.]com
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
LockBit 3.0 Ransomware Victim: oltax[.]com
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
LockBit 3.0 Ransomware Victim: hawanasalalah[.]com
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
