RedPacket Security - InfoSec News & Tutorials

Malware Analysis – danabot – 141393e93c307983763e7a187b3f3dd0

October 13, 2022

Score: 10 MALWARE FAMILY: danabotTAGS:family:danabot, family:djvu, family:redline, family:smokeloader, family:vidar, botnet:517, botnet:o1, backdoor, banker, collection, discovery, infostealer, persistence, ransomware, spyware, stealer,...

Cloudflare blocked a 2.5 Tbps DDoS attack aimed at the Minecraft server

October 13, 2022

Cloudflare mitigated a record distributed denial-of-service (DDoS) attack against Wynncraft, one of the largest Minecraft servers. Cloudflare announced it has...

The discovery of Alchimist C2 tool, revealed a new attack framework to target Windows, macOS, and Linux systems

October 13, 2022

Experts discovered a new attack framework, including a C2 tool dubbed Alchimist, used in attacks against Windows, macOS, and Linux...

FUD-UUID-Shellcode – Another shellcode injection technique using C++ that attempts to bypass Windows Defender using XOR encryption sorcery and UUID strings madness

October 13, 2022

Introduction Another shellcode Static Analysis AV Scan results The binary was scanned using Credits https://research.nccgroup.com/2021/01/23/rift-analysing-a-lazarus-shellcode-execution-method/ Download FUD-UUID-Shellcode If you like...

POLONIUM APT targets Israel with a new custom backdoor dubbed PapaCreep

October 13, 2022

An APT group tracked as Polonium employed custom backdoors in attacks aimed at Israelian entities since at least September 2021....

Malware Analysis – danabot – b8fa4a8502049a4eeb5f0d877d245340

October 13, 2022

Score: 10 MALWARE FAMILY: danabotTAGS:family:danabot, family:djvu, family:smokeloader, family:vidar, botnet:517, backdoor, banker, collection, discovery, persistence, ransomware, spyware, stealer, trojan, vmprotectMD5: b8fa4a8502049a4eeb5f0d877d245340SHA1:...

Malware Analysis – ransomware – 48b98669cd85373e808b1e4ecc21d252

October 13, 2022

Score: 9 MALWARE FAMILY: ransomwareTAGS:ransomwareMD5: 48b98669cd85373e808b1e4ecc21d252SHA1: 41094f11544014dbb7954013bd395de4d8a31959ANALYSIS DATE: 2022-10-13T08:15:59ZTTPS: T1107, T1490 ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or more...

Malware Analysis – wannacry – a54bd76e5f4e72c14a8919e0e0da50f6

October 13, 2022

Score: 10 MALWARE FAMILY: wannacryTAGS:family:wannacry, ransomware, wormMD5: a54bd76e5f4e72c14a8919e0e0da50f6SHA1: 26c37e34c52e90c13fcc4cc00e53966ca253d65eANALYSIS DATE: 2022-10-13T08:25:04ZTTPS: ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or more...

Malware Analysis – djvu – 47b20a430e464b556929ffd08108e94a

October 13, 2022

Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:517, discovery, persistence, ransomware, spyware, stealerMD5: 47b20a430e464b556929ffd08108e94aSHA1: d1fa65a047c630ce3c2057d3f490154d87be1f0dANALYSIS DATE: 2022-10-13T08:02:31ZTTPS: T1005, T1081, T1082, T1012,...

Malware Analysis – wannacry – b9d9625066a34cc108ca55ea141c624a

October 13, 2022

Score: 10 MALWARE FAMILY: wannacryTAGS:family:wannacry, discovery, ransomware, wormMD5: b9d9625066a34cc108ca55ea141c624aSHA1: 4f51a129f39bb40a84f004997ceac9c6ac3fcd36ANALYSIS DATE: 2022-10-13T08:25:05ZTTPS: T1046 ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne...

Malware Analysis – wannacry – 4edfdc708fb7cb3606ca68b6c288f979

October 13, 2022

Score: 10 MALWARE FAMILY: wannacryTAGS:family:wannacry, discovery, persistence, ransomware, spyware, stealer, wormMD5: 4edfdc708fb7cb3606ca68b6c288f979SHA1: 9ceb5872fb2309ecb13f534ca085aa27c04fc913ANALYSIS DATE: 2022-10-13T08:25:05ZTTPS: T1112, T1060, T1158, T1491, T1222,...

Malware Analysis – smokeloader – 11a479ae76ab27af78c9a2371e68be32

October 13, 2022

Score: 10 MALWARE FAMILY: smokeloaderTAGS:family:smokeloader, backdoor, trojanMD5: 11a479ae76ab27af78c9a2371e68be32SHA1: 835ec75559bb2a6c6b6c33678af1992454e009eaANALYSIS DATE: 2022-10-13T08:32:03ZTTPS: T1012, T1120, T1082 ScoreMeaningExample10Known badA malware family was detected.8-9Likely...

Malware Analysis – wannacry – b03fec4a353ba6770f5b4b8acb5c3085

October 13, 2022

Score: 10 MALWARE FAMILY: wannacryTAGS:family:wannacry, discovery, ransomware, wormMD5: b03fec4a353ba6770f5b4b8acb5c3085SHA1: 52c967c2faf19a38f61e47159f4faccdadeb335bANALYSIS DATE: 2022-10-13T08:26:03ZTTPS: T1046 ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne...

Cobalt Stike Beacon Detected – 188[.]166[.]125[.]122:80

October 13, 2022

The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...

Malware Analysis – evasion – ac2e9f9f84f98a1c7514fcf2e81eaa88

October 13, 2022

Score: 10 MALWARE FAMILY: evasionTAGS:evasion, ransomwareMD5: ac2e9f9f84f98a1c7514fcf2e81eaa88SHA1: 8dfb08d755a31fdd40bfc624983113e2b0a4c0adANALYSIS DATE: 2022-10-13T08:42:40ZTTPS: T1107, T1490, T1012, T1120, T1082, T1018, T1130, T1112, T1070 ScoreMeaningExample10Known...

Malware Analysis – evasion – 402af7774c48e1a1a64d4fe70beada2b

October 13, 2022

Score: 9 MALWARE FAMILY: evasionTAGS:evasion, ransomware, trojanMD5: 402af7774c48e1a1a64d4fe70beada2bSHA1: e410d41975b71494ee8d70b375fff4ff0dfdbdccANALYSIS DATE: 2022-10-13T08:38:04ZTTPS: T1059, T1107, T1490, T1082, T1012, T1497 ScoreMeaningExample10Known badA malware...

Malware Analysis – djvu – 0c13413f7eeca789ffdb644c13db3351

October 13, 2022

Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:517, discovery, persistence, ransomware, spyware, stealerMD5: 0c13413f7eeca789ffdb644c13db3351SHA1: 15fa888c90ac75266f32788fb97868cd62c0028eANALYSIS DATE: 2022-10-13T08:32:50ZTTPS: T1060, T1112, T1082, T1005,...

Malware Analysis – djvu – 11123b38b1013675616c9c50a8377a2a

October 13, 2022

Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:517, discovery, persistence, ransomware, spyware, stealerMD5: 11123b38b1013675616c9c50a8377a2aSHA1: 42633b68bfe4d4abdb7061f10eaa93124adc0b11ANALYSIS DATE: 2022-10-13T08:41:03ZTTPS: T1005, T1081, T1130, T1112,...

Cobalt Stike Beacon Detected – 124[.]221[.]161[.]146:8888

October 13, 2022

The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...

Cobalt Stike Beacon Detected – 52[.]7[.]230[.]192:80

October 13, 2022

The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...

Cobalt Stike Beacon Detected – 174[.]139[.]150[.]224:443

October 13, 2022

The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...

Cobalt Stike Beacon Detected – 150[.]158[.]18[.]5:7443

October 13, 2022

The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...

Malware Analysis – smokeloader – cfd9f994ffbc8772cc33d42e3b20bc9a

October 13, 2022

Score: 10 MALWARE FAMILY: smokeloaderTAGS:family:smokeloader, backdoor, trojanMD5: cfd9f994ffbc8772cc33d42e3b20bc9aSHA1: cec6acf8a6b2f76a8bae4d5598f5e4d562f58cecANALYSIS DATE: 2022-10-13T09:04:03ZTTPS: T1012, T1120, T1082 ScoreMeaningExample10Known badA malware family was detected.8-9Likely...

Malware Analysis – play – 04910458c6338cd58027336c5a3e0f26

October 13, 2022

Score: 10 MALWARE FAMILY: playTAGS:family:play, ransomware, spyware, stealerMD5: 04910458c6338cd58027336c5a3e0f26SHA1: 4948cc434de62b14c6a92fb8d15f6355199dd7f2ANALYSIS DATE: 2022-10-13T09:36:03ZTTPS: T1012, T1120, T1082, T1005, T1081 ScoreMeaningExample10Known badA malware...

Main Story

Editor’s Picks

Trending Story

Featured Story

You may have missed