APTRS – Automated Penetration Testing Reporting System
APTRS (Automated Penetration Testing Reporting System) is an automated reporting tool in Python and Django. The tool allows Penetration testers...
Year: 2023
Royal Ransomware Victim: carinya
RoyalRansomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content of the...
Malware Analysis – ransomware – b4447fd459e4d3f8c74d0dd61b363f35
Score: 7 MALWARE FAMILY: ransomwareTAGS:ransomwareMD5: b4447fd459e4d3f8c74d0dd61b363f35SHA1: 2f531904e872f4cb4a481c6983b4e7bb68541744ANALYSIS DATE: 2023-01-17T16:36:34ZTTPS: ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or more known damaging...
Malware Analysis – djvu – e8b5ced1c7421ee80a25afe48e816a08
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:19, discovery, persistence, ransomware, stealerMD5: e8b5ced1c7421ee80a25afe48e816a08SHA1: d4d88fe22b4c6fdc3222486d6de353c8fff8643aANALYSIS DATE: 2023-01-17T16:41:57ZTTPS: T1130, T1112, T1060, T1222, T1082...
Malware Analysis – djvu – a9bac1dee06b3257cab19cb09bef3d1c
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:19, discovery, persistence, ransomware, spyware, stealerMD5: a9bac1dee06b3257cab19cb09bef3d1cSHA1: 2be37ca987a82592dde5e01293266a6a26e7892cANALYSIS DATE: 2023-01-17T16:47:09ZTTPS: T1082, T1005, T1081, T1012,...
Malware Analysis – discovery – fba93d8d029e85e0cde3759b7903cee2
Score: 8 MALWARE FAMILY: discoveryTAGS:discovery, exploit, persistenceMD5: fba93d8d029e85e0cde3759b7903cee2SHA1: 525b1aa549188f4565c75ab69e51f927204ca384ANALYSIS DATE: 2023-01-17T17:38:51ZTTPS: T1012, T1060, T1112, T1222 ScoreMeaningExample10Known badA malware family was...
Malware Analysis – ransomware – caffd0c766788c61986d86fd2e608d81
Score: 7 MALWARE FAMILY: ransomwareTAGS:ransomwareMD5: caffd0c766788c61986d86fd2e608d81SHA1: 3fe95f91eb2cf49e160b3dd3908997dbde9a9277ANALYSIS DATE: 2023-01-17T17:34:04ZTTPS: ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or more known damaging...
Malware Analysis – ransomware – ee055c9526a3f435cfa4e0bf9ee87266
Score: 5 MALWARE FAMILY: ransomwareTAGS:ransomwareMD5: ee055c9526a3f435cfa4e0bf9ee87266SHA1: b5e24b18ba07c2e28377c9f249a99a46bb415b93ANALYSIS DATE: 2023-01-17T16:45:28ZTTPS: ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or more known damaging...
Cobalt Stike Beacon Detected – 103[.]187[.]168[.]153:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 179[.]43[.]156[.]146:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 45[.]128[.]211[.]137:8080
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 85[.]239[.]54[.]14:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 84[.]32[.]131[.]35:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 91[.]213[.]50[.]35:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 52[.]18[.]131[.]129:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 60[.]249[.]20[.]183:9000
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Posh C2 Detected – 45[.]87[.]43[.]114:443
The Information provided at the time of posting was detected as "Posh C2". Depending on when you are viewing this...
Multiple ManageEngine products code execution | CVE-2022-47966
NAME__________Multiple ManageEngine products code executionPlatforms Affected:ManageEngine Access Manager Plus 4307 ManageEngine Active Directory 360 4309 ManageEngine ADAudit Plus 7080 ManageEngine...
Apache Superset cross-site request forgery | CVE-2022-43719
NAME__________Apache Superset cross-site request forgeryPlatforms Affected:Apache Superset 1.5.2 Apache Superset 2.0.0Risk Level:8.1Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________Apache Superset is vulnerable to cross-site request...
MAIF Izanami security bypass | CVE-2023-22495
NAME__________MAIF Izanami security bypassPlatforms Affected:MAIF Izanami 1.10.21Risk Level:9.8Exploitability:UnprovenConsequences:Bypass Security DESCRIPTION__________MAIF Izanami could allow a remote attacker to bypass security restrictions,...
Gatsby cross-site scripting | CVE-2023-22491
NAME__________Gatsby cross-site scriptingPlatforms Affected:Gatsby Gatsby 5.25.0 Gatsby Gatsby 6.3.1Risk Level:8.1Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________Gatsby is vulnerable to cross-site scripting, caused by improper...
Lead Management System SQL injection | CVE-2022-47859
NAME__________Lead Management System SQL injectionPlatforms Affected:SourceCodester Lead management system 1.0Risk Level:9.8Exploitability:HighConsequences:Data Manipulation DESCRIPTION__________Lead Management System is vulnerable to SQL injection....
RSSHub | CVE-2023-22493
NAME__________RSSHubPlatforms Affected:RSSHub RSSHubRisk Level:8.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________RSSHub is vulnerable to server-side request forgery, caused by improper input validation. By sending a...
Cisco Small Business RV016, RV042, RV042G, and RV082 Routers security bypass | CVE-2023-20025
NAME__________Cisco Small Business RV016, RV042, RV042G, and RV082 Routers security bypassPlatforms Affected:Risk Level:9Exploitability:UnprovenConsequences:Bypass Security DESCRIPTION__________Cisco Small Business RV016, RV042, RV042G,...
