Cobalt Stike Beacon Detected – 185[.]254[.]37[.]224:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Year: 2023
Malware Analysis – djvu – fdb3b4e164be8240eb338058600c21a4
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:19, discovery, persistence, ransomware, spyware, stealerMD5: fdb3b4e164be8240eb338058600c21a4SHA1: 697167187f3fae08a711089a4f2477b980baaec9ANALYSIS DATE: 2023-02-13T10:19:41ZTTPS: T1012, T1082, T1222, T1053,...
Malware Analysis – octo – c518c1536c0a03b6df35727360c8e26d
Score: 10 MALWARE FAMILY: octoTAGS:family:octo, banker, evasion, infostealer, ransomware, rat, trojanMD5: c518c1536c0a03b6df35727360c8e26dSHA1: 06f20290b976b5ae46621335107ba67f68a2acaeANALYSIS DATE: 2023-02-13T10:27:02ZTTPS: ScoreMeaningExample10Known badA malware family was...
Malware Analysis – hook – de61a04de576bfedceaf777d00c681e3
Score: 10 MALWARE FAMILY: hookTAGS:family:hook, banker, evasion, infostealer, ransomware, rat, trojanMD5: de61a04de576bfedceaf777d00c681e3SHA1: ad76e12bfafe8e2c837259793a8aa8adc69ad55aANALYSIS DATE: 2023-02-13T09:54:48ZTTPS: ScoreMeaningExample10Known badA malware family was...
Malware Analysis – djvu – 9520c1288f8a4b39c0ed8c876c6ce342
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:laplas, family:rhadamanthys, family:smokeloader, family:vidar, botnet:19, backdoor, clipper, collection, discovery, evasion, persistence, ransomware, spyware, stealer, trojan,...
Malware Analysis – – 244f46780caa83b92f7379239599440f
Score: 1 MALWARE FAMILY: TAGS:MD5: 244f46780caa83b92f7379239599440fSHA1: a4b8a6ff8ef0aeceac679a4da652b04d1ff3f033ANALYSIS DATE: 2023-02-13T11:25:50ZTTPS: ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or more known damaging...
Malware Analysis – discovery – 56d6acb0c2d633d15c85b6076a777f52
Score: 10 MALWARE FAMILY: discoveryTAGS:discovery, persistence, ransomwareMD5: 56d6acb0c2d633d15c85b6076a777f52SHA1: 9b374eabfe300fc1aba7c90ddd184bf49cc9c475ANALYSIS DATE: 2023-02-13T11:15:09ZTTPS: T1012, T1082, T1112, T1042, T1060 ScoreMeaningExample10Known badA malware family...
Malware Analysis – smokeloader – b02479a6c16c1571bf7b6bf934253d52
Score: 10 MALWARE FAMILY: smokeloaderTAGS:family:smokeloader, backdoor, trojanMD5: b02479a6c16c1571bf7b6bf934253d52SHA1: 716af19d87a39199273b8612b0adabe66cb9ec2cANALYSIS DATE: 2023-02-13T11:07:03ZTTPS: T1012, T1120, T1082 ScoreMeaningExample10Known badA malware family was detected.8-9Likely...
Malware Analysis – djvu – e494b79c75746c25bc46d8dcf8ae1732
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:19, discovery, persistence, ransomware, spyware, stealerMD5: e494b79c75746c25bc46d8dcf8ae1732SHA1: 4b395fb66d78adbe3f7c60d68bd7b528f0473174ANALYSIS DATE: 2023-02-13T11:01:46ZTTPS: T1005, T1081, T1012, T1082,...
Zyxel ATP, USG FLEX, VPN, and ZyWALL/USG command execution | CVE-2022-38547
NAME__________Zyxel ATP, USG FLEX, VPN, and ZyWALL/USG command executionPlatforms Affected:Risk Level:7.2Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________Zyxel ATP, USG FLEX, VPN, and ZyWALL/USG could...
Node.js @sideway/formula module denial of service | CVE-2023-25166
NAME__________Node.js @sideway/formula module denial of servicePlatforms Affected:Risk Level:5.5Exploitability:UnprovenConsequences:Denial of Service DESCRIPTION__________Node.js @sideway/formula module is vulnerable to a denial of service,...
LockBit 3.0 Ransomware Victim: greekpeak[.]net
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
LockBit 3.0 Ransomware Victim: mdstrucking[.]com
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
LockBit 3.0 Ransomware Victim: laganscg[.]com
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
Daily Vulnerability Trends: Mon Feb 13 2023
Daily Vulnerability Trends (sourced from VulnMon) CVE NAMECVE DescriptionCVE-2022-23529** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason:...
BlackCat/ALPHV Ransomware Victim: Cork Institute of Technology & Munster Technological University
BlackCat / ALPHV Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the...
Malware Analysis – octo – 229771c39436dc8dcf656b86021fa5a1
Score: 10 MALWARE FAMILY: octoTAGS:family:octo, banker, evasion, infostealer, ransomware, rat, trojanMD5: 229771c39436dc8dcf656b86021fa5a1SHA1: 61a94c8e576ad8f5efedebc3438b2cb67941fb33ANALYSIS DATE: 2023-02-13T02:58:17ZTTPS: ScoreMeaningExample10Known badA malware family was...
Malware Analysis – smokeloader – 80b50e333e346fc877328d1ad3e2c0e4
Score: 10 MALWARE FAMILY: smokeloaderTAGS:family:smokeloader, backdoor, trojanMD5: 80b50e333e346fc877328d1ad3e2c0e4SHA1: dc968b26bcd01cefb79a5865087b3f872394e29fANALYSIS DATE: 2023-02-13T03:02:04ZTTPS: T1012, T1120, T1082 ScoreMeaningExample10Known badA malware family was detected.8-9Likely...
Malware Analysis – djvu – 3ab1a1a239e014d563c3a9bbb0492f29
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:19, discovery, persistence, ransomware, spyware, stealerMD5: 3ab1a1a239e014d563c3a9bbb0492f29SHA1: de619d9dd49163cf0be8cd777ec9666a6e5e3a23ANALYSIS DATE: 2023-02-13T03:24:35ZTTPS: T1012, T1082, T1222, T1053,...
Malware Analysis – djvu – ee12a9d02f45005bf7b170b7c830803d
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:laplas, family:rhadamanthys, family:smokeloader, family:vidar, botnet:19, backdoor, clipper, discovery, persistence, ransomware, spyware, stealer, trojan, vmprotectMD5: ee12a9d02f45005bf7b170b7c830803dSHA1:...
Malware Analysis – discovery – c9d398b0b57f099e4405d878f8cae4ec
Score: 8 MALWARE FAMILY: discoveryTAGS:discovery, exploit, persistenceMD5: c9d398b0b57f099e4405d878f8cae4ecSHA1: 0fcab4492c6a47d9846e905b573e6645bb062554ANALYSIS DATE: 2023-02-13T03:02:12ZTTPS: T1060, T1082, T1222, T1012 ScoreMeaningExample10Known badA malware family was...
Malware Analysis – evasion – 11b95a7ff7a5bf4dd07ef50d9d2d55f1
Score: 8 MALWARE FAMILY: evasionTAGS:evasion, persistence, ransomwareMD5: 11b95a7ff7a5bf4dd07ef50d9d2d55f1SHA1: 7b0929727f6ff913c6f24b19dd7ec13b00693894ANALYSIS DATE: 2023-02-13T03:18:34ZTTPS: T1012, T1082, T1060, T1112, T1491, T1120 ScoreMeaningExample10Known badA malware...
Malware Analysis – djvu – 4ab7e38f1d06c623036555954c3f1918
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:19, discovery, persistence, ransomware, spyware, stealerMD5: 4ab7e38f1d06c623036555954c3f1918SHA1: 3599db93f3825bdf8a7b339c405c8194f9c3a675ANALYSIS DATE: 2023-02-13T05:23:52ZTTPS: T1012, T1082, T1222, T1005,...
Malware Analysis – ransomware – 5f8946681a31e505ae08bb52c759adb5
Score: 10 MALWARE FAMILY: ransomwareTAGS:ransomwareMD5: 5f8946681a31e505ae08bb52c759adb5SHA1: 332fcdeffda7aa2927f59438d84038f3d4096f8fANALYSIS DATE: 2023-02-13T05:54:12ZTTPS: T1012, T1082, T1057 ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or...
