Cobalt Stike Beacon Detected – 23[.]94[.]202[.]169:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Month: May 2023
Cobalt Stike Beacon Detected – 172[.]247[.]9[.]220:4443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
BlackCat/ALPHV Ransomware Victim: McDermott International, Ltd
BlackCat / ALPHV Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the...
BlackCat/ALPHV Ransomware Victim: EirMed Devices, part of TRELLEBORG
BlackCat / ALPHV Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the...
BlackCat/ALPHV Ransomware Victim: KMC Savills
BlackCat / ALPHV Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the...
BlackCat/ALPHV Ransomware Victim: Sherman Consulting Services
BlackCat / ALPHV Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the...
BlackCat/ALPHV Ransomware Victim: Tony Clark Consulting
BlackCat / ALPHV Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the...
BlackCat/ALPHV Ransomware Victim: Willamette Falls
BlackCat / ALPHV Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the...
BlackCat/ALPHV Ransomware Victim: American Foam & Packaging
BlackCat / ALPHV Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the...
BlackCat/ALPHV Ransomware Victim: Aeco was hacked[.] A lot of confidential customer data was stolen[.]
BlackCat / ALPHV Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the...
BlackCat/ALPHV Ransomware Victim: ambit[.]co | finvest[.]ambit[.]co Private Banking
BlackCat / ALPHV Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the...
US-CERT Vulnerability Summary for the Week of April 24, 2023
The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards...
Teler-Waf – A Go HTTP Middleware That Provides Teler IDS Functionality To Protect Against Web-Based Attacks And Improve The Security Of Go-based Web Applications
teler-waf is a comprehensive security solution for Go-based web applications. It acts as an HTTP middleware, providing an easy-to-use interface...
Royal Ransomware Victim: Midwest Truck
RoyalRansomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content of the...
Malware Analysis – djvu – 2ce0cb2c47637c78cb7cd07af95d912d
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:31c7719b5ee962fbde376b75e771360d, discovery, persistence, ransomware, spyware, stealerMD5: 2ce0cb2c47637c78cb7cd07af95d912dSHA1: 21c6c43aced8e765ee47043dbe1f90d9e213bf7dANALYSIS DATE: 2023-05-04T15:15:00ZTTPS: T1012, T1082, T1053, T1005,...
Malware Analysis – xworm – 60756214f351f2d6d1a2cb89dc9853b5
Score: 10 MALWARE FAMILY: xwormTAGS:family:xworm, persistence, ransomware, rat, trojanMD5: 60756214f351f2d6d1a2cb89dc9853b5SHA1: 8c478657c1cce1906a72526ed231083ce5a9bed1ANALYSIS DATE: 2023-05-04T15:20:25ZTTPS: T1082, T1053, T1060, T1112, T1012, T1491 ScoreMeaningExample10Known...
Malware Analysis – amadey – 2cd1278453b56dd0a5f0fa7e6d2a7866
Score: 10 MALWARE FAMILY: amadeyTAGS:family:amadey, family:djvu, family:smokeloader, family:vidar, botnet:31c7719b5ee962fbde376b75e771360d, botnet:pub1, botnet:sprg, backdoor, discovery, evasion, persistence, ransomware, spyware, stealer, trojanMD5: 2cd1278453b56dd0a5f0fa7e6d2a7866SHA1:...
Daily Threat Intelligence – May 04 – 2023
Operating with products that have reached End-of-Life (EoL) is an open invitation to malicious actors. Cisco is warning users of...
Malware Analysis – bootkit – 5d6c95558f08c90419758761bf4ab83d
Score: 10 MALWARE FAMILY: bootkitTAGS:bootkit, discovery, evasion, persistence, ransomware, trojanMD5: 5d6c95558f08c90419758761bf4ab83dSHA1: 7fd6074f848d83879ce2246f4cfc98266043ddafANALYSIS DATE: 2023-05-04T16:07:05ZTTPS: T1012, T1067, T1053, T1060, T1112, T1031,...
Malware Analysis – bootkit – 00f570c756caab8c20ecabdc996c69d3
Score: 8 MALWARE FAMILY: bootkitTAGS:bootkit, discovery, evasion, exploit, persistence, upxMD5: 00f570c756caab8c20ecabdc996c69d3SHA1: 88d2f10c67a4566478e9b2ceddd52cac9b5fdb3bANALYSIS DATE: 2023-05-04T16:18:07ZTTPS: T1222, T1112, T1067, T1012, T1082, T1060,...
Malware Analysis – amadey – 325cca727c1640e9c911a5f45fbc397b
Score: 10 MALWARE FAMILY: amadeyTAGS:family:amadey, family:djvu, family:smokeloader, family:vidar, botnet:31c7719b5ee962fbde376b75e771360d, botnet:pub1, botnet:sprg, backdoor, discovery, evasion, persistence, ransomware, spyware, stealer, trojanMD5: 325cca727c1640e9c911a5f45fbc397bSHA1:...
Malware Analysis – djvu – 65178f6a1891f152c05326a628e6fa3a
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:31c7719b5ee962fbde376b75e771360d, discovery, persistence, ransomware, spyware, stealerMD5: 65178f6a1891f152c05326a628e6fa3aSHA1: 6a9b6ab36f14db9948e988c68d1b91d733315578ANALYSIS DATE: 2023-05-04T16:10:23ZTTPS: T1012, T1082, T1060, T1112,...
Malware Analysis – evasion – ba5500e35710c6221dbd322e46d80db6
Score: 8 MALWARE FAMILY: evasionTAGS:evasion, ransomwareMD5: ba5500e35710c6221dbd322e46d80db6SHA1: da2e8153dc88ffb30d8f0510665cfd93993d2ad2ANALYSIS DATE: 2023-05-04T17:00:16ZTTPS: T1082, T1012, T1491, T1112, T1120, T1102 ScoreMeaningExample10Known badA malware family...
Malware Analysis – evasion – 0df6a3da3b4eb4def6eb111b2dd01a20
Score: 10 MALWARE FAMILY: evasionTAGS:evasion, persistence, ransomwareMD5: 0df6a3da3b4eb4def6eb111b2dd01a20SHA1: 41d9bebe4d89458709ce7d0407f0a551110f3cb0ANALYSIS DATE: 2023-05-04T16:35:55ZTTPS: T1082, T1012, T1120, T1031, T1491, T1112, T1060, T1130, T1018...
