Year: 2023

Royal Ransomware Victim: MW Components

April 24, 2023

RoyalRansomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content of the...

Malware Analysis – evasion – 8effcc3b16c124f3ba46fe8e86947105

April 24, 2023

Score: 10 MALWARE FAMILY: evasionTAGS:evasion, persistence, ransomwareMD5: 8effcc3b16c124f3ba46fe8e86947105SHA1: d6b4f76d9bfbaae0fc944adb8cb9dd8f487050efANALYSIS DATE: 2023-04-24T14:32:46ZTTPS: T1012, T1082, T1112, T1060, T1158, T1491, T1120 ScoreMeaningExample10Known badA...

Malware Analysis – djvu – 18d171bc6fea9f638c4d76698b2b7d7f

April 24, 2023

Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:5cb879265de0011bfc7588d5d251aee6, discovery, persistence, ransomware, spyware, stealerMD5: 18d171bc6fea9f638c4d76698b2b7d7fSHA1: ab1aa609f0395ab1a410a8aeef94d9fc6f9b0fb6ANALYSIS DATE: 2023-04-24T15:22:21ZTTPS: T1005, T1081, T1012, T1082,...

Malware Analysis – evasion – b209c6502e2fecd11fbdeb4fe602e90a

April 24, 2023

Score: 7 MALWARE FAMILY: evasionTAGS:evasion, ransomwareMD5: b209c6502e2fecd11fbdeb4fe602e90aSHA1: 5abd3b562aa38db2a1f14ec0997a5e9d6fa4fc9eANALYSIS DATE: 2023-04-24T17:23:51ZTTPS: ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or more known...

Malware Analysis – djvu – 9d416753c2a076fa65105a7d34fbe1cb

April 24, 2023

Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:5cb879265de0011bfc7588d5d251aee6, discovery, persistence, ransomware, spyware, stealerMD5: 9d416753c2a076fa65105a7d34fbe1cbSHA1: 52e01796a7c5f0492d832f86708d4bfab0f2b690ANALYSIS DATE: 2023-04-24T15:43:58ZTTPS: T1005, T1081, T1012, T1060,...

Malware Analysis – amadey – ca89840f1259ebfe7a0e945c15ed79e5

April 24, 2023

Score: 10 MALWARE FAMILY: amadeyTAGS:family:amadey, family:djvu, family:raccoon, family:rhadamanthys, family:smokeloader, family:vidar, botnet:5c24dc0e9726fcc756a18038ae4e0e67, botnet:5cb879265de0011bfc7588d5d251aee6, botnet:fc8427198f843d72c1aa8a66db1a98f3, botnet:pub1, backdoor, collection, discovery, evasion, persistence, ransomware,...

Malware Analysis – amadey – 0e5768e5106ad5956530ada9cbd08647

April 24, 2023

Malware Analysis – djvu – 9e152141b4c83bd73477b543860668df

April 24, 2023

Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:5cb879265de0011bfc7588d5d251aee6, discovery, persistence, ransomware, spyware, stealerMD5: 9e152141b4c83bd73477b543860668dfSHA1: 841b2caff78d9dd1e8ad6b6a1493c9892d698dceANALYSIS DATE: 2023-04-24T17:32:45ZTTPS: T1082, T1012, T1005, T1081,...

Malware Analysis – amadey – 6f067e24ed07adc6b424ac9a0e7f5a61

April 24, 2023

Malware Analysis – djvu – 8729348bb91d4712cde74e6ae4949bbe

April 24, 2023

Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:5cb879265de0011bfc7588d5d251aee6, discovery, persistence, ransomware, spyware, stealerMD5: 8729348bb91d4712cde74e6ae4949bbeSHA1: 996a94a902d668107532ba251f8224d6b7225ddcANALYSIS DATE: 2023-04-24T17:25:53ZTTPS: T1012, T1082, T1053, T1005,...

Malware Analysis – djvu – 413e3d55867e81e00b0fc53b335e0c8a

April 24, 2023

Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:5cb879265de0011bfc7588d5d251aee6, discovery, persistence, ransomware, stealerMD5: 413e3d55867e81e00b0fc53b335e0c8aSHA1: bef6e9491bd8fc6489808c1eebe11d20c638297bANALYSIS DATE: 2023-04-24T17:27:59ZTTPS: T1222, T1082, T1053, T1130, T1112,...

Year: 2023

Royal Ransomware Victim: MW Components

Malware Analysis – evasion – 8effcc3b16c124f3ba46fe8e86947105

Malware Analysis – djvu – 18d171bc6fea9f638c4d76698b2b7d7f

Malware Analysis – evasion – b209c6502e2fecd11fbdeb4fe602e90a

Malware Analysis – djvu – 9d416753c2a076fa65105a7d34fbe1cb

Malware Analysis – amadey – ca89840f1259ebfe7a0e945c15ed79e5

Malware Analysis – amadey – 0e5768e5106ad5956530ada9cbd08647

Malware Analysis – djvu – 9e152141b4c83bd73477b543860668df

Malware Analysis – amadey – 6f067e24ed07adc6b424ac9a0e7f5a61

Malware Analysis – djvu – 8729348bb91d4712cde74e6ae4949bbe

Malware Analysis – djvu – 413e3d55867e81e00b0fc53b335e0c8a

Daily Threat Intelligence – April 24 – 2023

Ransomware Hackers Using AuKill Tool to Disable EDR Software Using BYOVD Attack

Russian Hackers Tomiris Targeting Central Asia for Intelligence Gathering

Hackers Exploit Outdated WordPress Plugin to Backdoor Thousands of WordPress Sites

Study: 84% of Companies Use Breached SaaS Applications – Here’s How to Fix it for Free!

LockBit 3.0 Ransomware Victim: floraalpina[.]ch

LockBit 3.0 Ransomware Victim: fullertonindia[.]com

LockBit 3.0 Ransomware Victim: bigc[.]co[.]th

LockBit 3.0 Ransomware Victim: norton[.]com[.]ar

LockBit 3.0 Ransomware Victim: apolloscientific[.]co[.]uk

LockBit 3.0 Ransomware Victim: yateemgroup[.]com

LockBit 3.0 Ransomware Victim: gpglobal[.]com

LockBit 3.0 Ransomware Victim: esinsa[.]com

CVE Alert: CVE-2025-24521

CVE Alert: CVE-2025-27412

CVE Alert: CVE-2025-27411

CVE Alert: CVE-2024-11035

CVE Alert: CVE-2025-20208

You may have missed