BlackCat/ALPHV Ransomware Victim: Buffco Production, Inc[.]
BlackCat / ALPHV Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the...
Month: January 2023
Cobalt Stike Beacon Detected – 91[.]215[.]85[.]183:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 82[.]157[.]136[.]219:81
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 43[.]132[.]122[.]84:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 3[.]238[.]114[.]144:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Malware Analysis – djvu – fe53c14f50ee7a0582d62715fd824056
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:redline, family:smokeloader, family:vidar, botnet:19, botnet:@2023@new, backdoor, discovery, infostealer, persistence, ransomware, spyware, stealer, trojanMD5: fe53c14f50ee7a0582d62715fd824056SHA1: d844915b144b559295936cc8fe12232b925da893ANALYSIS...
Malware Analysis – djvu – 486033dcb4db27a1157bc1531dfb6fa7
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:19, discovery, persistence, ransomware, spyware, stealerMD5: 486033dcb4db27a1157bc1531dfb6fa7SHA1: c83d60beb9722f97661635da7cb7e065ad75438fANALYSIS DATE: 2023-01-08T09:26:26ZTTPS: T1053, T1005, T1081, T1012,...
Malware Analysis – – 326c4f6e417c419eddf40f8d1035e046
Score: 1 MALWARE FAMILY: TAGS:MD5: 326c4f6e417c419eddf40f8d1035e046SHA1: a96cfd2b0e59688e26f7b9cf3b5a6980e6f805beANALYSIS DATE: 2023-01-08T10:31:17ZTTPS: ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or more known damaging...
Malware Analysis – djvu – c4dd2d3cd811e87ae1ceaa1b9718f4a1
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:smokeloader, family:vidar, botnet:19, backdoor, discovery, persistence, ransomware, spyware, stealer, trojanMD5: c4dd2d3cd811e87ae1ceaa1b9718f4a1SHA1: c469300e4e6b78f84cf3cbbd6095c840c031df8fANALYSIS DATE: 2023-01-08T09:39:32ZTTPS: T1112,...
Brute Ratel C4 Detected – 18[.]180[.]186[.]166:80
The Information provided at the time of posting was detected as "Brute Ratel C4". Depending on when you are viewing...
Malware Analysis – ransomware – 31656fb93e948d7c349457d7f5c6dfec
Score: 8 MALWARE FAMILY: ransomwareTAGS:ransomware, spyware, stealerMD5: 31656fb93e948d7c349457d7f5c6dfecSHA1: 0ae36846ff75ee88660bfe2d9f59f5b49564d3c0ANALYSIS DATE: 2023-01-08T10:36:03ZTTPS: T1005, T1081 ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne...
Malware Analysis – lockergoga – 16bcc3b7f32c41e7c7222bf37fe39fe6
Score: 10 MALWARE FAMILY: lockergogaTAGS:family:lockergoga, banker, ransomware, trojanMD5: 16bcc3b7f32c41e7c7222bf37fe39fe6SHA1: a25bc5442c86bdeb0dec6583f0e80e241745fb73ANALYSIS DATE: 2023-01-08T10:37:02ZTTPS: ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or...
Malware Analysis – djvu – 4e842f7e1ac9182d03f7234b0700656d
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:19, discovery, persistence, ransomware, spyware, stealerMD5: 4e842f7e1ac9182d03f7234b0700656dSHA1: b1e3bca3859d22ca45fc9fda20ee1c3ca070cddeANALYSIS DATE: 2023-01-08T11:40:46ZTTPS: T1053, T1005, T1081, T1060,...
Malware Analysis – ransomware – 59631f469b3a3781d8bcf3174e91d3cc
Score: 8 MALWARE FAMILY: ransomwareTAGS:ransomware, spyware, stealerMD5: 59631f469b3a3781d8bcf3174e91d3ccSHA1: ec6bf09a09ba3810b7124d06f7f7f84d6038f1faANALYSIS DATE: 2023-01-08T10:33:04ZTTPS: T1005, T1081 ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne...
Zoom Rooms for Windows installers privilege escalation | CVE-2022-36930
NAME__________Zoom Rooms for Windows installers privilege escalationPlatforms Affected:Zoom Zoom Rooms for Windows clients 5.12Risk Level:8.2Exploitability:UnprovenConsequences:Gain Privilege DESCRIPTION__________Zoom Rooms for Windows...
Zoom Rooms for macOS privilege escalation | CVE-2022-36927
NAME__________Zoom Rooms for macOS privilege escalationPlatforms Affected:Zoom Zoom Rooms for macOS 5.11Risk Level:8.8Exploitability:UnprovenConsequences:Gain Privilege DESCRIPTION__________Zoom Rooms for macOS could allow...
Zoom Rooms for macOS privilege escalation | CVE-2022-36926
NAME__________Zoom Rooms for macOS privilege escalationPlatforms Affected:Zoom Zoom Rooms for macOS 5.11Risk Level:8.8Exploitability:UnprovenConsequences:Gain Privilege DESCRIPTION__________Zoom Rooms for macOS could allow...
Daily Vulnerability Trends: Sun Jan 08 2023
Daily Vulnerability Trends (sourced from VulnMon) CVE NAMECVE DescriptionCVE-2020-28362Go before 1.14.12 and 1.15.x before 1.15.4 allows Denial of Service.CVE-2022-43931Out-of-bounds write...
HackerOne Bug Bounty Disclosure: heic-image-preview-can-be-used-to-invoke-imagickbylukasreschkenc
Programme HackerOne Nextcloud Nextcloud Submitted by lukasreschkenc lukasreschkenc Report HEIC image preview can be used to invoke Imagick Full Report...
LockBit 3.0 Ransomware Victim: juarez[.]gob[.]mx
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
LockBit 3.0 Ransomware Victim: takamiya[.]co
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
LockBit 3.0 Ransomware Victim: 100x100banco[.]com
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
Vice Society Ransomware Victim: Duty Free Philippines
Vice Society Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
Vice Society Ransomware Victim: Swift Academies
Vice Society Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
