US-CERT Vulnerability Summary for the Week of April 3, 2023
The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and...
Month: April 2023
Scriptkiddi3 – Streamline Your Recon And Vulnerability Detection Process With SCRIPTKIDDI3, A Recon And Initial Vulnerability Detection Tool Built Using Shell Script And Open Source Tools
Streamline your recon and vulnerability detection process with SCRIPTKIDDI3, A recon and initial vulnerability detection tool built using shell script...
Nmap-API – Uses Python3.10, Debian, python-Nmap, And Flask Framework To Create A Nmap API That Can Do Scans With A Good Speed Online And Is Easy To Deploy
Uses python3.10, Debian, python-Nmap, and flask framework to create a Nmap API that can do scans with a good speed...
Royal Ransomware Victim: Swanson Group
RoyalRansomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content of the...
Royal Ransomware Victim: Stanley Electric U[.]S[.]
RoyalRansomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content of the...
Royal Ransomware Victim: Moon Capital
RoyalRansomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content of the...
Royal Ransomware Victim: 5Design
RoyalRansomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content of the...
New QBot Banking Trojan Campaign Hijacks Business Emails to Spread Malware
A new QBot malware campaign is leveraging hijacked business correspondence to trick unsuspecting victims into installing the malware, new findings...
What’s the Difference Between CSPM & SSPM?
Cloud Security Posture Management (CSPM) and SaaS Security Posture Management (SSPM) are frequently confused. The similarity of the acronyms notwithstanding,...
Israeli Spyware Vendor QuaDream to Shut Down Following Citizen Lab and Microsoft Expose
Israeli spyware vendor QuaDream is allegedly shutting down its operations in the coming days, less than a week after its...
Malware Analysis – ransomware – 9fd40b68825eb9aa79d9f2b106aaf59e
Score: 7 MALWARE FAMILY: ransomwareTAGS:ransomwareMD5: 9fd40b68825eb9aa79d9f2b106aaf59eSHA1: 9b30c9ed81fea0f414a7cb9f1496616a35339f18ANALYSIS DATE: 2023-04-11T16:19:29ZTTPS: ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or more known damaging...
Malware Analysis – smokeloader – da7ba70077b15294e39bd92ff7989b99
Score: 10 MALWARE FAMILY: smokeloaderTAGS:family:smokeloader, backdoor, trojanMD5: da7ba70077b15294e39bd92ff7989b99SHA1: 66584515852401e7e4b90fb810d2df7a599f7201ANALYSIS DATE: 2023-04-17T15:41:05ZTTPS: T1012, T1120, T1082 ScoreMeaningExample10Known badA malware family was detected.8-9Likely...
Malware Analysis – ransomware – 163e651162f292028ca9a8d7f1ed7340
Score: 9 MALWARE FAMILY: ransomwareTAGS:ransomware, spyware, stealerMD5: 163e651162f292028ca9a8d7f1ed7340SHA1: a85ff9091f298ea2d6823a7b0053daa08b237423ANALYSIS DATE: 2023-04-17T15:08:20ZTTPS: T1005, T1081, T1107, T1490, T1082, T1012, T1120 ScoreMeaningExample10Known badA...
Malware Analysis – smokeloader – cb64985632f35fa9bdd30b7b348b1522
Score: 10 MALWARE FAMILY: smokeloaderTAGS:family:smokeloader, backdoor, trojanMD5: cb64985632f35fa9bdd30b7b348b1522SHA1: b0caef4db6825c18c024fc4b93e0e7b164cb59c5ANALYSIS DATE: 2023-04-17T16:09:19ZTTPS: T1012, T1120, T1082 ScoreMeaningExample10Known badA malware family was detected.8-9Likely...
Malware Analysis – djvu – 013e7b9f96797555fa6207a31ea66a60
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:623db25256a5734d1207787d269d05b2, discovery, persistence, ransomware, spyware, stealerMD5: 013e7b9f96797555fa6207a31ea66a60SHA1: 3e2a7079228298bd9f2fb945fdfdb05f8b853660ANALYSIS DATE: 2023-04-17T16:17:06ZTTPS: T1082, T1053, T1012, T1060,...
Malware Analysis – djvu – ca6f44d1cc12231f26c34c9dfb262f95
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:623db25256a5734d1207787d269d05b2, discovery, persistence, ransomware, spyware, stealerMD5: ca6f44d1cc12231f26c34c9dfb262f95SHA1: d1a250eaf85eb482d0e7ee6a13b7938f0fe234f9ANALYSIS DATE: 2023-04-17T15:53:20ZTTPS: T1060, T1112, T1222, T1012,...
Malware Analysis – ransomware – 1a3aa753fbc8877bdebc46ee93512cb4
Score: 10 MALWARE FAMILY: ransomwareTAGS:ransomwareMD5: 1a3aa753fbc8877bdebc46ee93512cb4SHA1: 1cb7f822d252d75cc490cab2a1c4a280675ceb6fANALYSIS DATE: 2023-04-17T16:18:52ZTTPS: T1082, T1107, T1490 ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or...
Malware Analysis – persistence – 7f9ac429e16252648618ddcb9b3886a1
Score: 10 MALWARE FAMILY: persistenceTAGS:persistence, ransomware, spyware, stealerMD5: 7f9ac429e16252648618ddcb9b3886a1SHA1: 0f4de1a4b065a5f154a4b843cfc58325bb3b4e0fANALYSIS DATE: 2023-04-17T17:10:56ZTTPS: T1004, T1112, T1107, T1490, T1005, T1081 ScoreMeaningExample10Known badA...
Malware Analysis – djvu – 7928c50cae4ebd08e65423ff46c4e9b0
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:623db25256a5734d1207787d269d05b2, discovery, persistence, ransomware, spyware, stealerMD5: 7928c50cae4ebd08e65423ff46c4e9b0SHA1: e8678f10645d7226175c80166a3b76cb9173faffANALYSIS DATE: 2023-04-17T17:01:36ZTTPS: T1082, T1053, T1005, T1081,...
Malware Analysis – smokeloader – 671a5553c82fb95a3c5711707d0b7d39
Score: 10 MALWARE FAMILY: smokeloaderTAGS:family:smokeloader, backdoor, trojanMD5: 671a5553c82fb95a3c5711707d0b7d39SHA1: d041d72966e651e8ad0674a179371aec2bd62349ANALYSIS DATE: 2023-04-17T17:17:04ZTTPS: T1012, T1120, T1082 ScoreMeaningExample10Known badA malware family was detected.8-9Likely...
Malware Analysis – persistence – a3ef7f3fab1b3bd5fe855c0d1c271fa8
Score: 10 MALWARE FAMILY: persistenceTAGS:persistence, ransomwareMD5: a3ef7f3fab1b3bd5fe855c0d1c271fa8SHA1: 30e840f8c5c8518e095b2f14256d6dbe466d5bfaANALYSIS DATE: 2023-04-17T17:10:28ZTTPS: T1060, T1112 ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or...
Malware Analysis – wannacry – 0a3b63a9039391a6a5ea3918c7e8a837
Score: 10 MALWARE FAMILY: wannacryTAGS:family:wannacry, ransomware, wormMD5: 0a3b63a9039391a6a5ea3918c7e8a837SHA1: 20fd851be1189e6d2e9000bb0a0e4ebf7882310fANALYSIS DATE: 2023-04-17T17:36:52ZTTPS: ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or more...
Malware Analysis – gandcrab – 084b358278f51b1040d20508a323020c
Score: 10 MALWARE FAMILY: gandcrabTAGS:family:gandcrab, backdoor, ransomware, spyware, stealerMD5: 084b358278f51b1040d20508a323020cSHA1: 8766b2475467f8314fe3916b4df540705fbcc8d1ANALYSIS DATE: 2023-04-17T17:57:14ZTTPS: T1012, T1120, T1082, T1005, T1081, T1107, T1490...
Malware Analysis – evasion – bb703f4d9d67f2f777fee75b4f3b5029
Score: 6 MALWARE FAMILY: evasionTAGS:evasion, ransomwareMD5: bb703f4d9d67f2f777fee75b4f3b5029SHA1: ec055096e8d8ac62e9d6d5fd419fd4d89a694579ANALYSIS DATE: 2023-04-17T17:57:05ZTTPS: ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or more known...
