US-CERT Vulnerability Summary for the Week of April 17, 2023
The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and...
Year: 2023
auditpolCIS – CIS Benchmark Testing Of Windows SIEM Configuration
CIS Benchmark testing of Windows SIEM configuration This is an application for testing the configuration of Windows Audit Policy settings...
CISA: Abuse of the Service Location Protocol May Lead to DoS Attacks
Abuse of the Service Location Protocol May Lead to DoS Attacks The Service Location Protocol (SLP, RFC 2608(link is external))...
Royal Ransomware Victim: Encompass Group
RoyalRansomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content of the...
Malware Analysis – evasion – 495c2a34d4447df001099893059774f6
Score: 9 MALWARE FAMILY: evasionTAGS:evasion, persistence, ransomware, spyware, stealerMD5: 495c2a34d4447df001099893059774f6SHA1: bf7c9c05ae10ffaab5325c434705b33384ddf2b2ANALYSIS DATE: 2023-04-25T15:17:13ZTTPS: T1490, T1060, T1112, T1031, T1562, T1489, T1082,...
Malware Analysis – evasion – 469eb4d876c8bd2093e47d2474fbc59b
Score: 9 MALWARE FAMILY: evasionTAGS:evasion, persistence, ransomware, spyware, stealer, upxMD5: 469eb4d876c8bd2093e47d2474fbc59bSHA1: 0ff84a77d24839137002c56e9ff60c7f92080ca8ANALYSIS DATE: 2023-04-25T15:17:13ZTTPS: T1490, T1082, T1005, T1081, T1060, T1112,...
Malware Analysis – evasion – c50a968d1c6351e9e087a56b1e5a1acd
Score: 9 MALWARE FAMILY: evasionTAGS:evasion, persistence, ransomware, spyware, stealerMD5: c50a968d1c6351e9e087a56b1e5a1acdSHA1: d9c4742a26bf41c5009f2e56f53ae9fab931a5b1ANALYSIS DATE: 2023-04-25T15:17:13ZTTPS: T1490, T1005, T1081, T1060, T1112, T1031, T1562,...
Malware Analysis – amadey – fd5168a3d3adb20b0eedfd5f43ee3626
Score: 10 MALWARE FAMILY: amadeyTAGS:family:amadey, family:djvu, family:lumma, family:smokeloader, family:vidar, botnet:5cb879265de0011bfc7588d5d251aee6, botnet:6908ab4fa5f20120a1d1ab0aab96b784, botnet:acfe5a66e11e3bf64369ac07af193354, botnet:pub1, botnet:sprg, backdoor, discovery, evasion, persistence, ransomware, spyware,...
Malware Analysis – evasion – 74dfb9ff18eb2dcea85dd97d01f96702
Score: 9 MALWARE FAMILY: evasionTAGS:evasion, persistence, ransomware, spyware, stealer, upxMD5: 74dfb9ff18eb2dcea85dd97d01f96702SHA1: e6c134f0cb8f2bdf2255d06ef5720c314c03837fANALYSIS DATE: 2023-04-25T15:17:13ZTTPS: T1490, T1060, T1112, T1031, T1562, T1489,...
Malware Analysis – djvu – f60e6578aa0bb267266b0f72fd6ec284
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:5cb879265de0011bfc7588d5d251aee6, discovery, persistence, ransomware, spyware, stealerMD5: f60e6578aa0bb267266b0f72fd6ec284SHA1: 5a9ce528a2294269c403e6f4e98d27fd05bc565fANALYSIS DATE: 2023-04-25T15:19:23ZTTPS: T1053, T1005, T1081, T1012,...
Malware Analysis – evasion – de96342270a559433babd9a496b0e7a8
Score: 9 MALWARE FAMILY: evasionTAGS:evasion, persistence, ransomware, spyware, stealerMD5: de96342270a559433babd9a496b0e7a8SHA1: 061d614f75e29cc48fe846e06380ee44752e432fANALYSIS DATE: 2023-04-25T15:50:52ZTTPS: T1490, T1060, T1112, T1031, T1562, T1489, T1082,...
Malware Analysis – djvu – 5bf10b503a886162343a3e3511fc07d8
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:5cb879265de0011bfc7588d5d251aee6, discovery, persistence, ransomware, spyware, stealerMD5: 5bf10b503a886162343a3e3511fc07d8SHA1: fa14795c6e684c472b14a00e8586a811552cd24cANALYSIS DATE: 2023-04-25T17:04:02ZTTPS: T1060, T1112, T1053, T1012,...
Malware Analysis – amadey – 47d48d432cffa139836800a6f9f2a831
Score: 10 MALWARE FAMILY: amadeyTAGS:family:amadey, family:djvu, family:lumma, family:smokeloader, family:vidar, botnet:5cb879265de0011bfc7588d5d251aee6, botnet:acfe5a66e11e3bf64369ac07af193354, botnet:pub1, botnet:sprg, backdoor, discovery, evasion, persistence, ransomware, spyware, stealer,...
Malware Analysis – ransomware – 3ae8e35691af3e50ff3f56d300c11ecd
Score: 5 MALWARE FAMILY: ransomwareTAGS:ransomwareMD5: 3ae8e35691af3e50ff3f56d300c11ecdSHA1: 467603040077cb018371380adc60bbc615120685ANALYSIS DATE: 2023-04-25T16:28:40ZTTPS: T1158, T1082, T1112, T1491 ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne...
Malware Analysis – amadey – cd1d75b9096fd3edc5e1fe3637fb5890
Score: 10 MALWARE FAMILY: amadeyTAGS:family:amadey, family:djvu, family:lumma, family:smokeloader, family:vidar, botnet:5cb879265de0011bfc7588d5d251aee6, botnet:6908ab4fa5f20120a1d1ab0aab96b784, botnet:acfe5a66e11e3bf64369ac07af193354, botnet:pub1, botnet:sprg, backdoor, discovery, evasion, persistence, ransomware, spyware,...
Malware Analysis – ransomware – 0a9020ba7a3f899fe01a7eb749af2a98
Score: 10 MALWARE FAMILY: ransomwareTAGS:ransomwareMD5: 0a9020ba7a3f899fe01a7eb749af2a98SHA1: fe9c2639e62489672acf9717e76f332a97069207ANALYSIS DATE: 2023-04-25T17:26:53ZTTPS: ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or more known damaging...
Malware Analysis – djvu – fb01fde5df1cb1a7cf4328fed8c56c25
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:5cb879265de0011bfc7588d5d251aee6, discovery, persistence, ransomware, stealerMD5: fb01fde5df1cb1a7cf4328fed8c56c25SHA1: 35e0e57e39e6048d3c3568c000a02f0c66826a38ANALYSIS DATE: 2023-04-25T17:25:38ZTTPS: T1222, T1082, T1053, T1130, T1112,...
Malware Analysis – ransomware – bcbf0f9f46da15d8d8237c6af1d7034c
Score: 10 MALWARE FAMILY: ransomwareTAGS:ransomware, spyware, stealerMD5: bcbf0f9f46da15d8d8237c6af1d7034cSHA1: 46dcd2bba94e5d54a430af5133c97dbdd75612d1ANALYSIS DATE: 2023-04-25T17:26:53ZTTPS: T1082, T1005, T1081 ScoreMeaningExample10Known badA malware family was detected.8-9Likely...
Malware Analysis – ransomware – 450356b1127c0b8ec92d738f4793eb84
Score: 10 MALWARE FAMILY: ransomwareTAGS:ransomwareMD5: 450356b1127c0b8ec92d738f4793eb84SHA1: 8c2e8c2e814b47a67896cbca556a80f1b8d266d7ANALYSIS DATE: 2023-04-25T17:26:54ZTTPS: ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or more known damaging...
Malware Analysis – gandcrab – 8141ae1b905d61f4e0d3534052e45364
Score: 10 MALWARE FAMILY: gandcrabTAGS:family:gandcrab, backdoor, ransomwareMD5: 8141ae1b905d61f4e0d3534052e45364SHA1: a9d17cd249f4f882d1e2128d7f25bd13b20d9da2ANALYSIS DATE: 2023-04-25T17:26:55ZTTPS: T1012, T1082, T1120 ScoreMeaningExample10Known badA malware family was detected.8-9Likely...
Malware Analysis – persistence – 0457fd40e4b9eb689a83d5775235faaf
Score: 10 MALWARE FAMILY: persistenceTAGS:persistence, ransomwareMD5: 0457fd40e4b9eb689a83d5775235faafSHA1: 78a6e1d442e0a6ed613f1469a1cc0fa97dd29fd2ANALYSIS DATE: 2023-04-25T17:26:54ZTTPS: T1107, T1490, T1082, T1060, T1112, T1012, T1120 ScoreMeaningExample10Known badA malware...
Malware Analysis – persistence – 329d083880ddb262e38a8db3c5a6c9c3
Score: 10 MALWARE FAMILY: persistenceTAGS:persistence, ransomwareMD5: 329d083880ddb262e38a8db3c5a6c9c3SHA1: d580d080f717c3bc03bf487d38902f3ba8abbb46ANALYSIS DATE: 2023-04-25T17:26:56ZTTPS: T1107, T1490, T1060, T1112, T1082, T1012, T1120 ScoreMeaningExample10Known badA malware...
Malware Analysis – ransomware – 1b96a20d2b8a062f538eb40aef3e8ec8
Score: 10 MALWARE FAMILY: ransomwareTAGS:ransomware, spyware, stealerMD5: 1b96a20d2b8a062f538eb40aef3e8ec8SHA1: 3ba495326b2a6e59e91814a8f5e713a5fa327ee7ANALYSIS DATE: 2023-04-25T17:26:56ZTTPS: T1082, T1112, T1107, T1490, T1005, T1081 ScoreMeaningExample10Known badA malware...
Malware Analysis – persistence – bbef5dfa20459447fd71ea3eaac82ca0
Score: 10 MALWARE FAMILY: persistenceTAGS:persistence, ransomwareMD5: bbef5dfa20459447fd71ea3eaac82ca0SHA1: 293264a77bf83a1e69d3b38428b4c76f0d54780fANALYSIS DATE: 2023-04-25T17:26:57ZTTPS: T1107, T1490, T1082, T1112, T1060, T1012, T1120 ScoreMeaningExample10Known badA malware...
