Month: February 2023

BlackCat/ALPHV Ransomware Victim: Kerber, Eck & Braeckel LLP

February 8, 2023

BlackCat / ALPHV Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the...

BlackCat/ALPHV Ransomware Victim: JReynolds

February 8, 2023

BlackCat / ALPHV Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the...

BlackCat/ALPHV Ransomware Victim: Menken Orlando

February 8, 2023

BlackCat / ALPHV Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the...

BlackCat/ALPHV Ransomware Victim: El-Mohandes

February 8, 2023

BlackCat / ALPHV Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the...

Malware Analysis – djvu – 874a8573bbe9da63a8026990fd4f7327

February 8, 2023

Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:gozi, family:laplas, family:smokeloader, botnet:1001, backdoor, banker, clipper, discovery, isfb, persistence, ransomware, stealer, trojanMD5: 874a8573bbe9da63a8026990fd4f7327SHA1: e2a091f4398f1e54672d46abfa51b8928d9dabd5ANALYSIS...

Malware Analysis – lockbit – fe5101b50e92a923d74cc6f0f4225539

February 8, 2023

Score: 10 MALWARE FAMILY: lockbitTAGS:family:lockbit, discovery, evasion, persistence, ransomwareMD5: fe5101b50e92a923d74cc6f0f4225539SHA1: f7a2fc4e471a203c8a5683c02ada2c3931c8f0ecANALYSIS DATE: 2023-02-08T09:00:40ZTTPS: T1490, T1046, T1082, T1107, T1060, T1112 ScoreMeaningExample10Known...

Cobalt Stike Beacon Detected – 190[.]123[.]44[.]214:443

February 8, 2023

The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...

Cobalt Stike Beacon Detected – 1[.]15[.]247[.]249:8086

February 8, 2023

The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...

Cobalt Stike Beacon Detected – 107[.]172[.]206[.]242:444

February 8, 2023

The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...

Cobalt Stike Beacon Detected – 180[.]184[.]71[.]14:443

February 8, 2023

The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...

Malware Analysis – smokeloader – 8ffa156806f6de5616d493e5b2b90ee7

February 8, 2023

Score: 10 MALWARE FAMILY: smokeloaderTAGS:family:smokeloader, backdoor, trojanMD5: 8ffa156806f6de5616d493e5b2b90ee7SHA1: f82515e8f671762f7ec80be38fff330f6d4ce6abANALYSIS DATE: 2023-02-08T09:56:20ZTTPS: T1012, T1120, T1082 ScoreMeaningExample10Known badA malware family was detected.8-9Likely...

Malware Analysis – smokeloader – ab6b2ae0b2922ba977cd338c68b75ba0

February 8, 2023

Score: 10 MALWARE FAMILY: smokeloaderTAGS:family:smokeloader, backdoor, trojanMD5: ab6b2ae0b2922ba977cd338c68b75ba0SHA1: e11dc44c5b92e9a4f3188946f5c3edb08b55bf52ANALYSIS DATE: 2023-02-08T09:56:15ZTTPS: T1012, T1120, T1082 ScoreMeaningExample10Known badA malware family was detected.8-9Likely...

Malware Analysis – blackmatter – 930b9c1792a539acdb051af34de91060

February 8, 2023

Score: 10 MALWARE FAMILY: blackmatterTAGS:family:blackmatter, ransomwareMD5: 930b9c1792a539acdb051af34de91060SHA1: 2cda394db71fc67905e31d9e8f4b88ef85a248dcANALYSIS DATE: 2023-02-08T09:11:44ZTTPS: T1491, T1112 ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or...

Malware Analysis – smokeloader – 5291189417e7702824378a4ee78c1840

February 8, 2023

Score: 10 MALWARE FAMILY: smokeloaderTAGS:family:smokeloader, backdoor, trojanMD5: 5291189417e7702824378a4ee78c1840SHA1: bb0d48304546077175252b08f59f008695e9427eANALYSIS DATE: 2023-02-08T09:56:20ZTTPS: T1012, T1120, T1082 ScoreMeaningExample10Known badA malware family was detected.8-9Likely...

Malware Analysis – smokeloader – 799c833e24fb71e0caeb546bc132a5e5

February 8, 2023

Score: 10 MALWARE FAMILY: smokeloaderTAGS:family:smokeloader, backdoor, trojanMD5: 799c833e24fb71e0caeb546bc132a5e5SHA1: 474164be24010f1f969bd1b15090be9a1081ef97ANALYSIS DATE: 2023-02-08T09:56:30ZTTPS: T1012, T1120, T1082 ScoreMeaningExample10Known badA malware family was detected.8-9Likely...

Malware Analysis – smokeloader – db877af32192fdc5491af19fd5e30983

February 8, 2023

Score: 10 MALWARE FAMILY: smokeloaderTAGS:family:smokeloader, backdoor, trojanMD5: db877af32192fdc5491af19fd5e30983SHA1: 058787ff446ca75ccdaeb592dd68678d4f01553fANALYSIS DATE: 2023-02-08T10:04:17ZTTPS: T1012, T1120, T1082 ScoreMeaningExample10Known badA malware family was detected.8-9Likely...

Malware Analysis – smokeloader – 9c2b5b98a1d4f06797789a0bd58cc722

February 8, 2023

Score: 10 MALWARE FAMILY: smokeloaderTAGS:family:smokeloader, backdoor, trojanMD5: 9c2b5b98a1d4f06797789a0bd58cc722SHA1: d7ae8cb4ddadd8be514c3ea035676a211f3e94a1ANALYSIS DATE: 2023-02-08T09:56:27ZTTPS: T1012, T1120, T1082 ScoreMeaningExample10Known badA malware family was detected.8-9Likely...

Malware Analysis – smokeloader – 6cbd15ef3fa6a26bc90555d1073897ae

February 8, 2023

Score: 10 MALWARE FAMILY: smokeloaderTAGS:family:smokeloader, backdoor, trojanMD5: 6cbd15ef3fa6a26bc90555d1073897aeSHA1: 3bb9bd4ac387e338001e870fa31818f04fd34c3bANALYSIS DATE: 2023-02-08T09:56:21ZTTPS: T1012, T1120, T1082 ScoreMeaningExample10Known badA malware family was detected.8-9Likely...

Malware Analysis – djvu – 0cecc0fdd634ffe7605faf597e6e8283

February 8, 2023

Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:gozi, family:laplas, family:smokeloader, botnet:1001, backdoor, banker, clipper, discovery, isfb, persistence, ransomware, stealer, trojanMD5: 0cecc0fdd634ffe7605faf597e6e8283SHA1: 3bbdb6599d477bf73b5c0a679c418a80a0dbf141ANALYSIS...

Malware Analysis – persistence – 52b05e7505ad1a8b287ad019764574ac

February 8, 2023

Score: 10 MALWARE FAMILY: persistenceTAGS:persistence, ransomwareMD5: 52b05e7505ad1a8b287ad019764574acSHA1: bdbf153dde1200c80ae0c4cdbb9d43e155337d67ANALYSIS DATE: 2023-02-08T10:33:00ZTTPS: T1012, T1082, T1120, T1060, T1112 ScoreMeaningExample10Known badA malware family was...

Malware Analysis – discovery – e9d243eb7e4f2576ff96c3143f2fb30d

February 8, 2023

Score: 10 MALWARE FAMILY: discoveryTAGS:discovery, persistence, ransomwareMD5: e9d243eb7e4f2576ff96c3143f2fb30dSHA1: 22bf98b87e9f9adbd2c8e7f7737527a59eb81676ANALYSIS DATE: 2023-02-08T10:04:52ZTTPS: T1012, T1082, T1112, T1042, T1060 ScoreMeaningExample10Known badA malware family...

Malware Analysis – – 1e9d4af109f42baa420598b1cb38d307

February 8, 2023

Score: 1 MALWARE FAMILY: TAGS:MD5: 1e9d4af109f42baa420598b1cb38d307SHA1: 71db2886b1dde3e92bbab3af7be627f253532736ANALYSIS DATE: 2023-02-08T10:46:04ZTTPS: ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or more known damaging...

Malware Analysis – lockbit – 5761ee98b1c2fea31b5408516a8929ea

February 8, 2023

Score: 10 MALWARE FAMILY: lockbitTAGS:family:lockbit, evasion, persistence, ransomwareMD5: 5761ee98b1c2fea31b5408516a8929eaSHA1: 4d043df23e55088bfc04c14dfb9ddb329a703cc1ANALYSIS DATE: 2023-02-08T10:56:37ZTTPS: T1490, T1059, T1107, T1491, T1112, T1018, T1060, T1082...

Malware Analysis – ransomware – 74392d410bd20b67ebd23bdc9b6ec372

February 8, 2023

Score: 5 MALWARE FAMILY: ransomwareTAGS:ransomwareMD5: 74392d410bd20b67ebd23bdc9b6ec372SHA1: a05c73b391df124349eff51c2b32e54d6822edd8ANALYSIS DATE: 2023-02-08T11:36:17ZTTPS: ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or more known damaging...

Month: February 2023

BlackCat/ALPHV Ransomware Victim: Kerber, Eck & Braeckel LLP

BlackCat/ALPHV Ransomware Victim: JReynolds

BlackCat/ALPHV Ransomware Victim: Menken Orlando

BlackCat/ALPHV Ransomware Victim: El-Mohandes

Malware Analysis – djvu – 874a8573bbe9da63a8026990fd4f7327

Malware Analysis – lockbit – fe5101b50e92a923d74cc6f0f4225539

Cobalt Stike Beacon Detected – 190[.]123[.]44[.]214:443

Cobalt Stike Beacon Detected – 1[.]15[.]247[.]249:8086

Cobalt Stike Beacon Detected – 107[.]172[.]206[.]242:444

Cobalt Stike Beacon Detected – 180[.]184[.]71[.]14:443

Malware Analysis – smokeloader – 8ffa156806f6de5616d493e5b2b90ee7

Malware Analysis – smokeloader – ab6b2ae0b2922ba977cd338c68b75ba0

Malware Analysis – blackmatter – 930b9c1792a539acdb051af34de91060

Malware Analysis – smokeloader – 5291189417e7702824378a4ee78c1840

Malware Analysis – smokeloader – 799c833e24fb71e0caeb546bc132a5e5

Malware Analysis – smokeloader – db877af32192fdc5491af19fd5e30983

Malware Analysis – smokeloader – 9c2b5b98a1d4f06797789a0bd58cc722

Malware Analysis – smokeloader – 6cbd15ef3fa6a26bc90555d1073897ae

Malware Analysis – djvu – 0cecc0fdd634ffe7605faf597e6e8283

Malware Analysis – persistence – 52b05e7505ad1a8b287ad019764574ac

Malware Analysis – discovery – e9d243eb7e4f2576ff96c3143f2fb30d

Malware Analysis – – 1e9d4af109f42baa420598b1cb38d307

Malware Analysis – lockbit – 5761ee98b1c2fea31b5408516a8929ea

Malware Analysis – ransomware – 74392d410bd20b67ebd23bdc9b6ec372

CVE Alert: CVE-2024-10215

CVE Alert: CVE-2024-13283

CVE Alert: CVE-2024-13262

CVE Alert: CVE-2025-21598

CVE Alert: CVE-2024-13273

You may have missed