LockBit 3.0 Ransomware Victim: biotipo[.]com[.]br
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
Year: 2022
LockBit 3.0 Ransomware Victim: koda[.]com[.]tw
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
US HHS warns healthcare orgs of Royal Ransomware attacks
The US Department of Health and Human Services (HHS) warns healthcare organizations of Royal ransomware attacks. The human-operated Royal ransomware...
Malware Analysis – xorist – 60d155a69731675bb493c707ae205c96
Score: 10 MALWARE FAMILY: xoristTAGS:family:xorist, persistence, ransomware, upxMD5: 60d155a69731675bb493c707ae205c96SHA1: 22d7741ea994b80188a8d43955083c760553cb99ANALYSIS DATE: 2022-12-06T00:47:17ZTTPS: T1060, T1112 ScoreMeaningExample10Known badA malware family was detected.8-9Likely...
Cobalt Stike Beacon Detected – 183[.]57[.]37[.]247:6666
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 23[.]95[.]44[.]36:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Malware Analysis – ransomware – c86a231363e8d7aa4d0acf13442ed998
Score: 7 MALWARE FAMILY: ransomwareTAGS:ransomwareMD5: c86a231363e8d7aa4d0acf13442ed998SHA1: e7ceb5a16b0563c220a796af88b1e2e02525763aANALYSIS DATE: 2022-12-10T09:46:36ZTTPS: ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or more known damaging...
Malware Analysis – dcrat – f42012648010b8dddc5d023e46e64144
Score: 10 MALWARE FAMILY: dcratTAGS:family:dcrat, family:djvu, family:redline, family:smokeloader, family:vidar, botnet:517, botnet:mario23_10, backdoor, bootkit, collection, discovery, infostealer, persistence, ransomware, rat, spyware,...
Malware Analysis – cerber – a57745a30d63f511d28aa43e4b710e1c
Score: 10 MALWARE FAMILY: cerberTAGS:family:cerber, evasion, persistence, ransomware, spyware, stealerMD5: a57745a30d63f511d28aa43e4b710e1cSHA1: 5985e7d1831784fd15de2cc62451deb16b65b046ANALYSIS DATE: 2022-12-10T09:32:04ZTTPS: T1490, T1107, T1158, T1112, T1082, T1005,...
Malware Analysis – xorist – 5e9b5b1d952c74996c7f12dba611f205
Score: 10 MALWARE FAMILY: xoristTAGS:family:xorist, persistence, ransomware, spyware, stealer, upxMD5: 5e9b5b1d952c74996c7f12dba611f205SHA1: 10458ae6b4a18d93301099f66c7560d2e2fb2d4bANALYSIS DATE: 2022-12-06T00:47:19ZTTPS: T1060, T1112, T1005, T1081 ScoreMeaningExample10Known badA...
Cobalt Stike Beacon Detected – 39[.]107[.]105[.]128:2087
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 43[.]143[.]81[.]59:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 114[.]132[.]155[.]224:1433
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 43[.]130[.]228[.]116:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Malware Analysis – dcrat – 5eb828dff6222ddbe9a3ee89ccf031c5
Score: 10 MALWARE FAMILY: dcratTAGS:family:dcrat, family:djvu, family:redline, family:smokeloader, family:vidar, botnet:517, botnet:mario23_10, backdoor, bootkit, collection, discovery, infostealer, persistence, ransomware, rat, spyware,...
Malware Analysis – dcrat – 2c6e6e290972fcd5e556efccfd51f174
Score: 10 MALWARE FAMILY: dcratTAGS:family:dcrat, family:djvu, family:raccoon, family:redline, family:smokeloader, family:vidar, botnet:517, botnet:ec7a54fb6492ff3a52d09504b8ecf082, botnet:mario23_10, backdoor, bootkit, collection, discovery, infostealer, persistence, ransomware,...
Cobalt Stike Beacon Detected – 179[.]43[.]154[.]154:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Malware Analysis – djvu – 3e132606c5205c1200f61a3dd211c794
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:517, discovery, persistence, ransomware, spyware, stealerMD5: 3e132606c5205c1200f61a3dd211c794SHA1: 00ef28583d621983254fb0285fcd1084e0d4d030ANALYSIS DATE: 2022-12-10T09:47:23ZTTPS: T1060, T1112, T1222, T1012,...
Malware Analysis – dcrat – 545edb09eef6849f6c2b3f87b3dfc5d3
Score: 10 MALWARE FAMILY: dcratTAGS:family:dcrat, family:djvu, family:redline, family:vidar, botnet:517, botnet:mario23_10, bootkit, collection, discovery, infostealer, persistence, ransomware, rat, spyware, stealerMD5: 545edb09eef6849f6c2b3f87b3dfc5d3SHA1:...
Cobalt Stike Beacon Detected – 20[.]90[.]90[.]172:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 134[.]19[.]178[.]213:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 54[.]163[.]195[.]148:8001
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Daily Vulnerability Trends: Sat Dec 10 2022
Daily Vulnerability Trends (sourced from VulnMon) CVE NAMECVE DescriptionCVE-2022-41717An attacker can cause excessive memory growth in a Go server accepting...
How to train your Ghidra
Getting started with Ghidra For about two decades, being a reverse engineer meant that you had to master the ultimate...
