Posh C2 Detected – 94[.]130[.]106[.]165:443
The Information provided at the time of posting was detected as "Posh C2". Depending on when you are viewing this...
Month: January 2023
CISA: CISA Releases Twelve Industrial Control Systems Advisories
CISA Releases Twelve Industrial Control Systems Advisories CISA released twelve Industrial Control Systems (ICS) advisories on January 12, 2023. These...
Royal Ransomware Victim: Ruhrpumpen
RoyalRansomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content of the...
HIVE Ransomware Victim: G[.]W[.] Becker
HIVE Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content of...
CISA: Drupal Releases Security Update to Address Vulnerability in Private Taxonomy Terms
Drupal Releases Security Update to Address Vulnerability in Private Taxonomy Terms Drupal has released a security update to address a...
LockBit 3.0 Ransomware Victim: lloyddowson[.]co[.]uk
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
LockBit 3.0 Ransomware Victim: muellergartenbau[.]ch
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
LockBit 3.0 Ransomware Victim: versteden[.]com
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
LockBit 3.0 Ransomware Victim: lidestrifoodanddrink[.]com
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
LockBit 3.0 Ransomware Victim: nuxe[.]com
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
LockBit 3.0 Ransomware Victim: russellfinex[.]com
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
Cobalt Stike Beacon Detected – 101[.]43[.]109[.]197:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 3[.]110[.]152[.]25:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
KRIe – Linux Kernel Runtime Integrity With eBPF
KRIe is a research project that aims to detect Linux Kernel exploits with eBPF. KRIe is far from being a...
Cobalt Stike Beacon Detected – 43[.]143[.]45[.]237:81
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 119[.]29[.]1[.]212:9088
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 13[.]211[.]122[.]16:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 3[.]85[.]177[.]52:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Malware Analysis – evasion – fefd16276a420a89681e28fffefd0b4a
Score: 6 MALWARE FAMILY: evasionTAGS:evasion, ransomwareMD5: fefd16276a420a89681e28fffefd0b4aSHA1: 7cb58f1143acd578a4085d36d1462b0465e64f6aANALYSIS DATE: 2023-01-12T09:12:11ZTTPS: ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or more known...
Malware Analysis – evasion – 1e288142a45ebe7244ab899798cea643
Score: 7 MALWARE FAMILY: evasionTAGS:evasion, ransomwareMD5: 1e288142a45ebe7244ab899798cea643SHA1: 078295d1cda8319ed69f64b5443e4d89705d8523ANALYSIS DATE: 2023-01-12T09:04:04ZTTPS: ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or more known...
Malware Analysis – smokeloader – 7a806996e4de228c9b3e60b9de5c4640
Score: 10 MALWARE FAMILY: smokeloaderTAGS:family:smokeloader, backdoor, trojanMD5: 7a806996e4de228c9b3e60b9de5c4640SHA1: 8ba775b47660510c4ba37b45ef7407cec9f9cb46ANALYSIS DATE: 2023-01-12T09:56:03ZTTPS: T1012, T1120, T1082 ScoreMeaningExample10Known badA malware family was detected.8-9Likely...
Malware Analysis – djvu – e2f5aa85d03fb41ad591e198090eb8e8
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:19, discovery, persistence, ransomware, spyware, stealerMD5: e2f5aa85d03fb41ad591e198090eb8e8SHA1: 58834f285e6e8d58444cb6b766216508757c3e0aANALYSIS DATE: 2023-01-12T09:41:51ZTTPS: T1060, T1112, T1082, T1005,...
Malware Analysis – ransomware – e87af2137d80d0bc082fe0f103f47166
Score: 10 MALWARE FAMILY: ransomwareTAGS:ransomwareMD5: e87af2137d80d0bc082fe0f103f47166SHA1: 101f67e9078e4774bb38da6775f08a3cafd20843ANALYSIS DATE: 2023-01-12T10:09:47ZTTPS: T1012, T1082 ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or more...
Malware Analysis – darkcomet – 19c677bb8cda5703f42c143bb4251e6a
Score: 10 MALWARE FAMILY: darkcometTAGS:family:darkcomet, family:njrat, family:xmrig, discovery, evasion, miner, persistence, ransomware, rat, spyware, stealer, trojan, upxMD5: 19c677bb8cda5703f42c143bb4251e6aSHA1: ad85336a7304a4e58b2a4f5c40b02f578aa00923ANALYSIS DATE:...