Vice Society Ransomware Victim: New Partners
Vice Society Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
Year: 2023
Malware Analysis – djvu – 1e26a5b4fef1212594a1a80192b5af49
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:19, discovery, persistence, ransomware, spyware, stealerMD5: 1e26a5b4fef1212594a1a80192b5af49SHA1: 805eab0ee48f53b202a4e9e518d957630b06483dANALYSIS DATE: 2023-01-26T09:10:44ZTTPS: T1060, T1112, T1222, T1053,...
Malware Analysis – smokeloader – 5138399605906d20f0d997f76a455305
Score: 10 MALWARE FAMILY: smokeloaderTAGS:family:smokeloader, backdoor, trojanMD5: 5138399605906d20f0d997f76a455305SHA1: 1c3d6a4e2e3c06654cd6ce9a63df125285cc39ecANALYSIS DATE: 2023-01-26T09:23:03ZTTPS: T1012, T1120, T1082 ScoreMeaningExample10Known badA malware family was detected.8-9Likely...
Malware Analysis – discovery – 1b8f29e2103cf73b4844c685c6f6ce5e
Score: 10 MALWARE FAMILY: discoveryTAGS:discovery, persistence, ransomware, spyware, stealerMD5: 1b8f29e2103cf73b4844c685c6f6ce5eSHA1: bc2607fce6742c21c4d8a679968e3769e40261f6ANALYSIS DATE: 2023-01-26T09:50:00ZTTPS: T1060, T1012, T1112, T1005, T1081, T1082, T1042...
Malware Analysis – djvu – 09a0cb3a24b41bc88ad4e89bbc66b492
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:smokeloader, family:vidar, botnet:19, backdoor, discovery, persistence, ransomware, spyware, stealer, trojan, vmprotectMD5: 09a0cb3a24b41bc88ad4e89bbc66b492SHA1: 4587378995be7068c587591933f38990fe5bee23ANALYSIS DATE: 2023-01-26T10:08:47ZTTPS:...
Malware Analysis – djvu – afd4bd2d1bf9a2648a0ddfd0bd572e57
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:19, discovery, persistence, ransomware, spyware, stealerMD5: afd4bd2d1bf9a2648a0ddfd0bd572e57SHA1: 25c7285f2d5da15e1d60945ccbac73b6ae04fc33ANALYSIS DATE: 2023-01-26T09:30:51ZTTPS: T1012, T1222, T1082, T1005,...
Malware Analysis – discovery – 69a60a65668851b6ddb406e3094b2e86
Score: 10 MALWARE FAMILY: discoveryTAGS:discovery, persistence, ransomwareMD5: 69a60a65668851b6ddb406e3094b2e86SHA1: 484a781471ed7227ed6636122fdbac56e9895b3fANALYSIS DATE: 2023-01-26T10:29:17ZTTPS: T1060, T1112, T1012, T1120, T1082 ScoreMeaningExample10Known badA malware family...
Malware Analysis – djvu – f949ebdd228fd1ff03e7a1c963886ef2
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:19, discovery, persistence, ransomware, spyware, stealerMD5: f949ebdd228fd1ff03e7a1c963886ef2SHA1: 6a30d8454bedc3353ab8b7d5c9095e19583ac99aANALYSIS DATE: 2023-01-26T10:45:45ZTTPS: T1222, T1082, T1053, T1005,...
Malware Analysis – smokeloader – 7961d2f393fbc2f1fa49db7410feaa21
Score: 10 MALWARE FAMILY: smokeloaderTAGS:family:smokeloader, backdoor, trojanMD5: 7961d2f393fbc2f1fa49db7410feaa21SHA1: d7b1b94ee117bf2a4be1f3b6044fde46d175d27eANALYSIS DATE: 2023-01-26T11:25:04ZTTPS: T1012, T1120, T1082 ScoreMeaningExample10Known badA malware family was detected.8-9Likely...
Malware Analysis – djvu – 4623857875232b3cd157433eb1fd0e46
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:19, discovery, persistence, ransomware, spyware, stealerMD5: 4623857875232b3cd157433eb1fd0e46SHA1: f5b05f67ddf98eb52427f49f346736eeb1f47ffcANALYSIS DATE: 2023-01-26T10:54:21ZTTPS: T1005, T1081, T1082, T1012,...
Malware Analysis – djvu – 8edc269873eb17d0c726919b0b2855d5
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:smokeloader, backdoor, discovery, persistence, ransomware, trojan, vmprotectMD5: 8edc269873eb17d0c726919b0b2855d5SHA1: 1ccb3faed9993c542e92f66f10fe2ec992408971ANALYSIS DATE: 2023-01-26T10:57:08ZTTPS: T1012, T1120, T1082, T1222,...
Cobalt Stike Beacon Detected – 47[.]92[.]126[.]214:8888
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 107[.]151[.]195[.]11:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 104[.]208[.]73[.]11:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 100[.]26[.]163[.]51:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
LearnPress plugin for WordPress file inclusion | CVE-2022-47615
NAME__________LearnPress plugin for WordPress file inclusionPlatforms Affected:Risk Level:9.3Exploitability:UnprovenConsequences:File Manipulation DESCRIPTION__________LearnPress plugin for WordPress could allow a remote attacker to include...
Lexmark products server-side request forgery | CVE-2023-23560
NAME__________Lexmark products server-side request forgeryPlatforms Affected:Risk Level:9Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________Lexmark products are vulnerable to server-side request forgery, caused by improper input...
Jenkins Script Security Plugin code execution | CVE-2023-24422
NAME__________Jenkins Script Security Plugin code executionPlatforms Affected:Jenkins Script Security Plugin 1228.vd93135a_2fb_25Risk Level:8.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________Jenkins Script Security Plugin could allow a...
Dasherr file upload | CVE-2023-23607
NAME__________Dasherr file uploadPlatforms Affected:Risk Level:9.8Exploitability:Proof of ConceptConsequences:Gain Access DESCRIPTION__________Dasherr could allow a remote attacker to upload arbitrary files, caused by...
Jenkins OpenId Connect Authentication Plugin security bypass | CVE-2023-24424
NAME__________Jenkins OpenId Connect Authentication Plugin security bypassPlatforms Affected:Jenkins OpenId Connect Authentication Plugin 2.4Risk Level:8.8Exploitability:UnprovenConsequences:Bypass Security DESCRIPTION__________Jenkins OpenId Connect Authentication Plugin...
Jenkins OpenID Plugin security bypass | CVE-2023-24444
NAME__________Jenkins OpenID Plugin security bypassPlatforms Affected:Jenkins OpenID Plugin 2.4Risk Level:8.8Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________Jenkins OpenID Plugin could allow a remote attacker to...
Jenkins Azure AD Plugin security bypass | CVE-2023-24426
NAME__________Jenkins Azure AD Plugin security bypassPlatforms Affected:Jenkins Azure AD Plugin 303.va_91ef20ee49fRisk Level:8.8Exploitability:UnprovenConsequences:Bypass Security DESCRIPTION__________Jenkins Azure AD Plugin could allow a...
Jenkins Bitbucket OAuth Plugin security bypass | CVE-2023-24427
NAME__________Jenkins Bitbucket OAuth Plugin security bypassPlatforms Affected:Jenkins Bitbucket OAuth Plugin 0.12Risk Level:8.8Exploitability:UnprovenConsequences:Bypass Security DESCRIPTION__________Jenkins Bitbucket OAuth Plugin could allow a...
VMware vRealize Log Insight directory traversal | CVE-2022-31706
NAME__________VMware vRealize Log Insight directory traversalPlatforms Affected:VMware vRealize Log Insight 8.0.0 VMware Cloud Foundation 3.0 VMware Cloud Foundation 4.0 VMware...
