Vice Society Ransomware Victim: City Lit
Vice Society Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
Month: January 2023
REST-Attacker – Designed As A Proof-Of-Concept For The Feasibility Of Testing Generic Real-World REST Implementations
REST-Attacker is an automated penetration testing framework for APIs following the REST architecture style. The tool's focus is on streamlining...
Cobalt Stike Beacon Detected – 162[.]33[.]177[.]42:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 195[.]178[.]120[.]143:5000
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 37[.]220[.]87[.]12:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 216[.]83[.]45[.]202:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Malware Analysis – lockbit – 2c0eeb266061631845a9e21156801afd
Score: 10 MALWARE FAMILY: lockbitTAGS:family:lockbit, ransomwareMD5: 2c0eeb266061631845a9e21156801afdSHA1: e112623223602cbcdd95268121c9ea332ba5983eANALYSIS DATE: 2023-01-07T09:04:11ZTTPS: T1491, T1112, T1082 ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne...
Malware Analysis – lockbit – ebe673b2ee28dd65565f2f389279ac47
Score: 10 MALWARE FAMILY: lockbitTAGS:family:lockbit, evasion, persistence, ransomwareMD5: ebe673b2ee28dd65565f2f389279ac47SHA1: bcebe09c61d3e6c47aefcb6bca0882752e0053a9ANALYSIS DATE: 2023-01-07T09:03:51ZTTPS: T1490, T1059, T1107, T1060, T1112, T1082, T1018, T1491...
Malware Analysis – lockbit – 00a50f67d713a45cea6dc956c30042c1
Score: 10 MALWARE FAMILY: lockbitTAGS:family:lockbit, ransomwareMD5: 00a50f67d713a45cea6dc956c30042c1SHA1: bf02ef3db484122b551da73ce83c2aac79bbd2fcANALYSIS DATE: 2023-01-07T09:04:07ZTTPS: ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or more known...
Malware Analysis – smokeloader – 721848630792cc8d766f7a66b7dff04e
Score: 10 MALWARE FAMILY: smokeloaderTAGS:family:smokeloader, backdoor, trojanMD5: 721848630792cc8d766f7a66b7dff04eSHA1: b9edbbf6d8ed9aa909583d5cfeb5ccafb8fefd49ANALYSIS DATE: 2023-01-07T09:06:04ZTTPS: T1012, T1120, T1082 ScoreMeaningExample10Known badA malware family was detected.8-9Likely...
Malware Analysis – smokeloader – 333aa9917c09f5ccf2e8c5bb21ab8292
Score: 10 MALWARE FAMILY: smokeloaderTAGS:family:smokeloader, backdoor, trojanMD5: 333aa9917c09f5ccf2e8c5bb21ab8292SHA1: 890625b934a90264290a1ea636e725eb06ae090aANALYSIS DATE: 2023-01-07T09:51:03ZTTPS: T1012, T1120, T1082 ScoreMeaningExample10Known badA malware family was detected.8-9Likely...
Malware Analysis – djvu – 283b4ce9dfbdb15c6f0527b9670fc4ab
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:19, discovery, persistence, ransomware, spyware, stealerMD5: 283b4ce9dfbdb15c6f0527b9670fc4abSHA1: 122f0d7d59d4cac2e3500af8ce5003b435342953ANALYSIS DATE: 2023-01-07T09:17:10ZTTPS: T1053, T1005, T1081, T1012,...
Malware Analysis – asyncrat – ddfdcc11a3e4a5dd265442a5bcea9fcf
Score: 10 MALWARE FAMILY: asyncratTAGS:family:asyncrat, discovery, persistence, ransomware, rat, spyware, stealerMD5: ddfdcc11a3e4a5dd265442a5bcea9fcfSHA1: a98cf41fb793d5c23bef6baac5c5848233c6ff41ANALYSIS DATE: 2023-01-07T10:41:42ZTTPS: T1012, T1082, T1053, T1060, T1120,...
Malware Analysis – smokeloader – b474d30039b51a5fd11deda319dde90d
Score: 10 MALWARE FAMILY: smokeloaderTAGS:family:smokeloader, backdoor, trojanMD5: b474d30039b51a5fd11deda319dde90dSHA1: 0876ca51235b8ee3a2b338c7e73d58cc89a4a416ANALYSIS DATE: 2023-01-07T09:11:03ZTTPS: T1012, T1120, T1082 ScoreMeaningExample10Known badA malware family was detected.8-9Likely...
Malware Analysis – – c5bc2f381a335456610ad9eded37ff13
Score: 1 MALWARE FAMILY: TAGS:MD5: c5bc2f381a335456610ad9eded37ff13SHA1: 12164a4a698ae1f7b401aaac67d16a4d2684e9e1ANALYSIS DATE: 2023-01-07T11:05:29ZTTPS: ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or more known damaging...
Malware Analysis – djvu – b540bd5385b69b6efdc13929a24a1d94
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:19, discovery, persistence, ransomware, spyware, stealerMD5: b540bd5385b69b6efdc13929a24a1d94SHA1: 3e50087a02872cb41aa73a1dd57c4bced40c2b5bANALYSIS DATE: 2023-01-07T11:43:58ZTTPS: T1012, T1082, T1222, T1053,...
Malware Analysis – asyncrat – 596e8b4c50fa6579495c12756c3b5f14
Score: 10 MALWARE FAMILY: asyncratTAGS:family:asyncrat, discovery, persistence, ransomware, ratMD5: 596e8b4c50fa6579495c12756c3b5f14SHA1: de331021e0b2f8fcb792db5cef59472c1964b3bfANALYSIS DATE: 2023-01-07T11:12:40ZTTPS: T1012, T1082, T1120, T1112, T1060, T1042, T1053...
Malware Analysis – smokeloader – cfd57a3bbe2a49525cc1ff6183cc2085
Score: 10 MALWARE FAMILY: smokeloaderTAGS:family:smokeloader, backdoor, trojanMD5: cfd57a3bbe2a49525cc1ff6183cc2085SHA1: a2310517555e207a3c016364df67215dc69f7c33ANALYSIS DATE: 2023-01-07T11:26:04ZTTPS: T1012, T1120, T1082 ScoreMeaningExample10Known badA malware family was detected.8-9Likely...
Brute Ratel C4 Detected – 18[.]178[.]100[.]187:80
The Information provided at the time of posting was detected as "Brute Ratel C4". Depending on when you are viewing...
Discourse cross-site scripting | CVE-2023-22454
NAME__________Discourse cross-site scriptingPlatforms Affected:Risk Level:8Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________Discourse is vulnerable to cross-site scripting, caused by improper validation of user-supplied input. A...
Qualcomm Snapdragon products code execution | CVE-2022-33276
NAME__________Qualcomm Snapdragon products code executionPlatforms Affected:Risk Level:8.4Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________Qualcomm Snapdragon products could allow a local attacker to execute arbitrary code...
Qualcomm Snapdragon products code execution | CVE-2022-33219
NAME__________Qualcomm Snapdragon products code executionPlatforms Affected:Risk Level:9.3Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________Qualcomm Snapdragon products could allow a local attacker to execute arbitrary code...
Qualcomm Snapdragon products information disclosure | CVE-2022-33252
NAME__________Qualcomm Snapdragon products information disclosurePlatforms Affected:Risk Level:8.2Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________Qualcomm Snapdragon products could allow a remote attacker to obtain sensitive information,...
Qualcomm Snapdragon products information disclosure | CVE-2022-33284
NAME__________Qualcomm Snapdragon products information disclosurePlatforms Affected:Risk Level:8.2Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________Qualcomm Snapdragon products could allow a remote attacker to obtain sensitive information,...
