Year: 2022

Cobalt Stike Beacon Detected – 85[.]208[.]136[.]49:80

December 7, 2022

The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...

Malware Analysis – ransomware – 4a81737439ec7394c244ba47ae77f453

December 7, 2022

Score: 9 MALWARE FAMILY: ransomwareTAGS:ransomware, spyware, stealerMD5: 4a81737439ec7394c244ba47ae77f453SHA1: 7a7ee53efec9156b2bc971312e872b08c5779e93ANALYSIS DATE: 2022-12-04T00:53:35ZTTPS: T1082, T1107, T1490, T1005, T1081 ScoreMeaningExample10Known badA malware family...

BlackCat/ALPHV Ransomware Victim: pro office Büro + Wohnkultur GmbH

December 7, 2022

BlackCat / ALPHV Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the...

Bug Bounty

BugCrowd Bug Bounty Disclosure: – Reflected Cross Site Scripting (XSS) on https://gamemaker.io/account/dashboard – By abitsec

December 7, 2022

The below information is fully automated and the information is captured from the BugCrowd Disclosure website. The information was correct...

Cobalt Stike Beacon Detected – 154[.]209[.]82[.]138:81

December 7, 2022

The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...

Cobalt Stike Beacon Detected – 43[.]140[.]251[.]169:443

December 7, 2022

The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...

Cobalt Stike Beacon Detected – 106[.]55[.]2[.]194:80

December 7, 2022

The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...

Cobalt Stike Beacon Detected – 118[.]99[.]52[.]143:80

December 7, 2022

The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...

Malware Analysis – discovery – 1b09ce5084f72b67a78c10fe5c22fc58

December 7, 2022

Score: 9 MALWARE FAMILY: discoveryTAGS:discovery, ransomwareMD5: 1b09ce5084f72b67a78c10fe5c22fc58SHA1: c72043ba63b3bfcff990d26046ab4ff228ebbf0aANALYSIS DATE: 2022-12-04T01:31:46ZTTPS: T1046, T1491, T1112, T1107, T1490, T1082 ScoreMeaningExample10Known badA malware family...

Malware Analysis – teslacrypt – 2c148dd3988aa266627848d27e91f9db

December 7, 2022

Score: 10 MALWARE FAMILY: teslacryptTAGS:family:teslacrypt, persistence, ransomwareMD5: 2c148dd3988aa266627848d27e91f9dbSHA1: 8d6f63b4a598301ee0f689d526a49364c84af82aANALYSIS DATE: 2022-12-04T02:00:50ZTTPS: T1082, T1060, T1112, T1107, T1490 ScoreMeaningExample10Known badA malware family...

Malware Analysis – ransomware – 130d91466c741adb2c80643203e7646f

December 7, 2022

Score: 9 MALWARE FAMILY: ransomwareTAGS:ransomware, spyware, stealerMD5: 130d91466c741adb2c80643203e7646fSHA1: 252279e66998b9bfd6819f915ad884f52f2876fdANALYSIS DATE: 2022-12-04T01:22:14ZTTPS: T1107, T1490, T1005, T1081, T1082 ScoreMeaningExample10Known badA malware family...

Malware Analysis – djvu – a8c2aa05fadd124b13514c360dbcfe18

December 7, 2022

Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:517, discovery, persistence, ransomware, spyware, stealerMD5: a8c2aa05fadd124b13514c360dbcfe18SHA1: d27d0d8d89c8664816442a753d2a8af47bddd2cfANALYSIS DATE: 2022-12-07T10:06:02ZTTPS: T1082, T1005, T1081, T1012,...

Malware Analysis – babuk – 42f5327e3e5a4b238ec51ce0fa5f2e33

December 7, 2022

Score: 10 MALWARE FAMILY: babukTAGS:family:babuk, ransomwareMD5: 42f5327e3e5a4b238ec51ce0fa5f2e33SHA1: 64a39bd9b347a99d9d9bfc54c145ffb076082c26ANALYSIS DATE: 2022-12-07T11:01:26ZTTPS: T1107, T1490, T1012, T1120, T1082 ScoreMeaningExample10Known badA malware family was...

Malware Analysis – babuk – 1f6ea1848c050a59782b67d4516b03a3

December 7, 2022

Score: 10 MALWARE FAMILY: babukTAGS:family:babuk, ransomwareMD5: 1f6ea1848c050a59782b67d4516b03a3SHA1: 96d57e583a660c1ea47ba653eb3e3223e97269f7ANALYSIS DATE: 2022-12-07T10:27:29ZTTPS: T1082, T1012, T1120, T1107, T1490 ScoreMeaningExample10Known badA malware family was...

Malware Analysis – ransomware – 7bd827803187a8a6ca3c0780e7d8c3da

December 7, 2022

Score: 10 MALWARE FAMILY: ransomwareTAGS:ransomwareMD5: 7bd827803187a8a6ca3c0780e7d8c3daSHA1: 8094a512e7d07141fc4713c80b2823a9388198aaANALYSIS DATE: 2022-12-07T11:02:15ZTTPS: T1082, T1107, T1490, T1012, T1120 ScoreMeaningExample10Known badA malware family was detected.8-9Likely...

Malware Analysis – babuk – fe4843e07dc9b0a11223c5797052d64d

December 7, 2022

Score: 10 MALWARE FAMILY: babukTAGS:family:babuk, ransomwareMD5: fe4843e07dc9b0a11223c5797052d64dSHA1: f3458f864f9c96668900a133d90870ebb7f9e296ANALYSIS DATE: 2022-12-07T10:58:48ZTTPS: T1082, T1107, T1490, T1012, T1120 ScoreMeaningExample10Known badA malware family was...

Malware Analysis – ransomware – 7564bc9a4fa53eb68f6c2d2c701f94e6

December 7, 2022

Score: 9 MALWARE FAMILY: ransomwareTAGS:ransomwareMD5: 7564bc9a4fa53eb68f6c2d2c701f94e6SHA1: edea9c96879f55d7b76b3b00f2215db846626e4dANALYSIS DATE: 2022-12-07T11:02:31ZTTPS: T1082, T1012, T1120, T1107, T1490 ScoreMeaningExample10Known badA malware family was detected.8-9Likely...

Malware Analysis – ransomware – cfd31737ccacf6e9a0e2ac18cf3445ac

December 7, 2022

Score: 9 MALWARE FAMILY: ransomwareTAGS:ransomware, spyware, stealerMD5: cfd31737ccacf6e9a0e2ac18cf3445acSHA1: 74c615ca54aaff3c5e6734efef04259290c357baANALYSIS DATE: 2022-12-07T11:02:47ZTTPS: T1005, T1081, T1107, T1490 ScoreMeaningExample10Known badA malware family was...

Malware Analysis – babuk – f1dd01a9e4b959e569250354d74e0423

December 7, 2022

Score: 10 MALWARE FAMILY: babukTAGS:family:babuk, ransomwareMD5: f1dd01a9e4b959e569250354d74e0423SHA1: 7e2e524fd33261449571f1334868b17ef46e550dANALYSIS DATE: 2022-12-07T11:03:13ZTTPS: T1012, T1082, T1107, T1490, T1120 ScoreMeaningExample10Known badA malware family was...

Malware Analysis – ransomware – 5ddd2580815e79d108df5152c5e2bbcf

December 7, 2022

Score: 10 MALWARE FAMILY: ransomwareTAGS:ransomwareMD5: 5ddd2580815e79d108df5152c5e2bbcfSHA1: 128722820bed682d650b51edf35ba76dd3377da3ANALYSIS DATE: 2022-12-07T11:02:59ZTTPS: T1082, T1107, T1490, T1012, T1120 ScoreMeaningExample10Known badA malware family was detected.8-9Likely...

Malware Analysis – evasion – 7bfcc0977c491a7e94898824064bd1b8

December 7, 2022

Score: 9 MALWARE FAMILY: evasionTAGS:evasion, ransomwareMD5: 7bfcc0977c491a7e94898824064bd1b8SHA1: 38a9af9fcdd767dd47cc72a156d4b7212717be6eANALYSIS DATE: 2022-12-07T11:04:35ZTTPS: T1012, T1497, T1082, T1107, T1490, T1120 ScoreMeaningExample10Known badA malware family...

Malware Analysis – snatch – f837a294b2fc311996a0a9f17cfac49c

December 7, 2022

Score: 10 MALWARE FAMILY: snatchTAGS:family:snatch, ransomware, spyware, stealerMD5: f837a294b2fc311996a0a9f17cfac49cSHA1: f16df5bc0d0e8a4283dbcc782bc8a7128784f673ANALYSIS DATE: 2022-12-07T11:03:28ZTTPS: T1005, T1081 ScoreMeaningExample10Known badA malware family was detected.8-9Likely...

Malware Analysis – ransomware – 4b9eb7effc356c12d0f6f49593b0f85c

December 7, 2022

Score: 10 MALWARE FAMILY: ransomwareTAGS:ransomwareMD5: 4b9eb7effc356c12d0f6f49593b0f85cSHA1: f7ffa9d3683b0952aecf8899a8a3137173e25023ANALYSIS DATE: 2022-12-07T11:03:53ZTTPS: ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or more known damaging...

Malware Analysis – ransomware – 20eee122c6a5cf8537f5488d8bb3b37e

December 7, 2022

Score: 9 MALWARE FAMILY: ransomwareTAGS:ransomware, spyware, stealerMD5: 20eee122c6a5cf8537f5488d8bb3b37eSHA1: 0e0bf8188e7e143a15fcf95771b98502804198cbANALYSIS DATE: 2022-12-07T11:04:15ZTTPS: T1005, T1081, T1107, T1490 ScoreMeaningExample10Known badA malware family was...

Year: 2022

Cobalt Stike Beacon Detected – 85[.]208[.]136[.]49:80

Malware Analysis – ransomware – 4a81737439ec7394c244ba47ae77f453

BlackCat/ALPHV Ransomware Victim: pro office Büro + Wohnkultur GmbH

BugCrowd Bug Bounty Disclosure: – Reflected Cross Site Scripting (XSS) on https://gamemaker.io/account/dashboard – By abitsec

Cobalt Stike Beacon Detected – 154[.]209[.]82[.]138:81

Cobalt Stike Beacon Detected – 43[.]140[.]251[.]169:443

Cobalt Stike Beacon Detected – 106[.]55[.]2[.]194:80

Cobalt Stike Beacon Detected – 118[.]99[.]52[.]143:80

Malware Analysis – discovery – 1b09ce5084f72b67a78c10fe5c22fc58

Malware Analysis – teslacrypt – 2c148dd3988aa266627848d27e91f9db

Malware Analysis – ransomware – 130d91466c741adb2c80643203e7646f

Malware Analysis – djvu – a8c2aa05fadd124b13514c360dbcfe18

Malware Analysis – babuk – 42f5327e3e5a4b238ec51ce0fa5f2e33

Malware Analysis – babuk – 1f6ea1848c050a59782b67d4516b03a3

Malware Analysis – ransomware – 7bd827803187a8a6ca3c0780e7d8c3da

Malware Analysis – babuk – fe4843e07dc9b0a11223c5797052d64d

Malware Analysis – ransomware – 7564bc9a4fa53eb68f6c2d2c701f94e6

Malware Analysis – ransomware – cfd31737ccacf6e9a0e2ac18cf3445ac

Malware Analysis – babuk – f1dd01a9e4b959e569250354d74e0423

Malware Analysis – ransomware – 5ddd2580815e79d108df5152c5e2bbcf

Malware Analysis – evasion – 7bfcc0977c491a7e94898824064bd1b8

Malware Analysis – snatch – f837a294b2fc311996a0a9f17cfac49c

Malware Analysis – ransomware – 4b9eb7effc356c12d0f6f49593b0f85c

Malware Analysis – ransomware – 20eee122c6a5cf8537f5488d8bb3b37e

CVE Alert: CVE-2024-12527

CVE Alert: CVE-2024-12519

CVE Alert: CVE-2024-12520

CVE Alert: CVE-2024-12407

CVE Alert: CVE-2024-12412

You may have missed