US-CERT Bulletin (SB23-030):Vulnerability Summary for the Week of January 23, 2023
The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards...
Month: January 2023
Vice Society Ransomware Victim: TechInsights
Vice Society Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
Vice Society Ransomware Victim: Societa Italiana Brevetti SpA
Vice Society Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
Cobalt Stike Beacon Detected – 107[.]189[.]28[.]121:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 101[.]34[.]163[.]3:9999
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 91[.]215[.]85[.]143:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 161[.]35[.]17[.]28:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 43[.]139[.]8[.]152:9999
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 209[.]141[.]52[.]22:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 23[.]227[.]196[.]194:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 180[.]76[.]154[.]33:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 110[.]81[.]153[.]37:10443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 156[.]96[.]157[.]120:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 23[.]227[.]193[.]33:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 1[.]15[.]99[.]189:7777
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Malware Analysis – discovery – 34d6da080af6ae29247f06bcae9292c5
Score: 10 MALWARE FAMILY: discoveryTAGS:discovery, evasion, persistence, ransomware, spyware, stealer, trojanMD5: 34d6da080af6ae29247f06bcae9292c5SHA1: 6b1397afa50fd65b5dc38aac8e6c33ff11f9a1ddANALYSIS DATE: 2023-01-31T10:46:05ZTTPS: T1012, T1082, T1112, T1120, T1102,...
Malware Analysis – smokeloader – ef4734eb6342c1166b64c1597f8c1fed
Score: 10 MALWARE FAMILY: smokeloaderTAGS:family:smokeloader, backdoor, trojanMD5: ef4734eb6342c1166b64c1597f8c1fedSHA1: 598ad1a4ff2c5e4ed49e14ec89cfd871f9bb83eeANALYSIS DATE: 2023-01-31T09:10:03ZTTPS: T1012, T1120, T1082 ScoreMeaningExample10Known badA malware family was detected.8-9Likely...
Malware Analysis – djvu – eb49b2fd2f173fa20b1ca9f7fd28f6cd
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:19, discovery, persistence, ransomware, spyware, stealerMD5: eb49b2fd2f173fa20b1ca9f7fd28f6cdSHA1: 57afd277746bb9b96970c379eb1e32719a8180f4ANALYSIS DATE: 2023-01-31T09:57:37ZTTPS: T1012, T1222, T1082, T1053,...
Malware Analysis – discovery – f494e416737bbd1ea8af65d9bdfd6934
Score: 9 MALWARE FAMILY: discoveryTAGS:discovery, evasion, persistence, upxMD5: f494e416737bbd1ea8af65d9bdfd6934SHA1: 3de0d51ea664794278734c7b30d938ceb1495c47ANALYSIS DATE: 2023-01-31T10:32:51ZTTPS: T1082, T1012, T1060, T1112, T1130, T1102, T1018, T1497...
Malware Analysis – djvu – 58860a1c3b2041fef660374813f99273
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:smokeloader, family:vidar, botnet:19, backdoor, discovery, ransomware, stealer, trojan, vmprotectMD5: 58860a1c3b2041fef660374813f99273SHA1: e8d503260b7ca66dfd0ca0e3fffb327c0a6cc7c1ANALYSIS DATE: 2023-01-31T11:17:20ZTTPS: T1222, T1053,...
Malware Analysis – djvu – 8a60eb120c54fec26aa191b030c26d28
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:19, discovery, persistence, ransomware, spyware, stealerMD5: 8a60eb120c54fec26aa191b030c26d28SHA1: 6fc0adb8bd283e04d43db47408c3a9f2c26f93c0ANALYSIS DATE: 2023-01-31T11:14:25ZTTPS: T1005, T1081, T1222, T1053,...
Malware Analysis – djvu – 6263cf4ed224f1a7756f3d7c4c83cfda
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:19, discovery, persistence, ransomware, spyware, stealerMD5: 6263cf4ed224f1a7756f3d7c4c83cfdaSHA1: 8952d8e4aa5ffd114c09afb07d082e05492b087fANALYSIS DATE: 2023-01-31T10:51:11ZTTPS: T1053, T1060, T1112, T1012,...
Malware Analysis – smokeloader – c8558073caf7732e00775c381de062df
Score: 10 MALWARE FAMILY: smokeloaderTAGS:family:smokeloader, backdoor, trojanMD5: c8558073caf7732e00775c381de062dfSHA1: c5c51097f6957cdc2feef36d40929bf5ba54cbd3ANALYSIS DATE: 2023-01-31T10:58:04ZTTPS: T1012, T1120, T1082 ScoreMeaningExample10Known badA malware family was detected.8-9Likely...
Siretta QUARTZ-GOLD command execution | CVE-2022-42490
NAME__________Siretta QUARTZ-GOLD command executionPlatforms Affected:Risk Level:9.8Exploitability:Proof of ConceptConsequences:Gain Access DESCRIPTION__________Siretta QUARTZ-GOLD could allow a remote attacker to execute arbitrary commands...
