US-CERT Bulletin (SB22-318):Vulnerability Summary for the Week of November 7, 2022
The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards...
threatintel
LockBit 3.0 Ransomware Victim: itis-technology[.]com
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
LockBit 3.0 Ransomware Victim: gulfcoastwindows[.]com
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
LockBit 3.0 Ransomware Victim: zagiel[.]pl
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
HIVE Ransomware Victim: LCMH
HIVE Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content of...
HIVE Ransomware Victim: Hydro-Gear & Agri-Fab
HIVE Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content of...
Malware Analysis – sodinokibi – b67606d382f50ebf76848d023decee20
Score: 10 MALWARE FAMILY: sodinokibiTAGS:family:sodinokibi, persistence, ransomwareMD5: b67606d382f50ebf76848d023decee20SHA1: 6c72756b12b03a2a594b8bb308944396438ec979ANALYSIS DATE: 2022-11-15T15:46:03ZTTPS: T1012, T1120, T1082, T1060, T1112, T1491 ScoreMeaningExample10Known badA malware...
Malware Analysis – ransomware – 6a05c4dc74ef3eb3cbe3b9e67c07af24
Score: 7 MALWARE FAMILY: ransomwareTAGS:ransomwareMD5: 6a05c4dc74ef3eb3cbe3b9e67c07af24SHA1: 32951c8b1f7740aad9a2ecaafc1075cc826c441eANALYSIS DATE: 2022-11-15T15:04:35ZTTPS: ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or more known damaging...
Malware Analysis – blackrock – 0d4a272052b87d098271ddfb6f4ea191
Score: 10 MALWARE FAMILY: blackrockTAGS:family:blackrock, banker, infostealer, ransomware, trojanMD5: 0d4a272052b87d098271ddfb6f4ea191SHA1: c1b3db52e0aa1798b9193ea7f1a2c8d7747aeec8ANALYSIS DATE: 2022-11-15T15:10:10ZTTPS: ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne...
Malware Analysis – djvu – 1152e2ea6ef7eae60fd914a02f333d3f
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:517, discovery, persistence, ransomware, spyware, stealerMD5: 1152e2ea6ef7eae60fd914a02f333d3fSHA1: fa49c4a1a397d4fa53ad5685b3239b038e3f1f13ANALYSIS DATE: 2022-11-15T15:59:09ZTTPS: T1005, T1081, T1060, T1112,...
Black Basta Ransomware Victim: Kessing Rechtsanwälte und Fachanwälte in PartGmbB
Black Basta Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
Malware Analysis – banker – 2d4806f5971d10dc44a5589eabbafbe3
Score: 8 MALWARE FAMILY: bankerTAGS:banker, ransomwareMD5: 2d4806f5971d10dc44a5589eabbafbe3SHA1: 75f314e523c012f66565413b43953a3adb2ae3b2ANALYSIS DATE: 2022-11-15T16:15:29ZTTPS: ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or more known...
Malware Analysis – djvu – 9649ce37c11a913d3895a6e0b6afb4d2
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:517, discovery, persistence, ransomware, spyware, stealerMD5: 9649ce37c11a913d3895a6e0b6afb4d2SHA1: c7bf4ae4bea1c2466d81857d13c498ac6d366e96ANALYSIS DATE: 2022-11-15T16:50:37ZTTPS: T1060, T1112, T1053, T1012,...
Malware Analysis – amadey – 0336dbda5cc02d19df642fe601b80663
Score: 10 MALWARE FAMILY: amadeyTAGS:family:amadey, family:dcrat, family:djvu, family:raccoon, family:redline, family:smokeloader, family:vidar, botnet:517, botnet:dbffbdbc9786a5c270e6dd2d647e18ea, botnet:mario23_10, backdoor, collection, discovery, evasion, infostealer, persistence,...
Malware Analysis – amadey – 566efc86f5da74bca32b57c2dd25d997
Score: 10 MALWARE FAMILY: amadeyTAGS:family:amadey, family:dcrat, family:djvu, family:redline, family:smokeloader, family:vidar, botnet:123, botnet:517, botnet:mario23_10, backdoor, collection, discovery, evasion, infostealer, persistence, ransomware,...
Malware Analysis – – ac38a1394afcb482971389143276a76d
Score: 1 MALWARE FAMILY: TAGS:MD5: ac38a1394afcb482971389143276a76dSHA1: 5425bc88a602900b1e1c329e9b5bbd135afeaff6ANALYSIS DATE: 2022-11-15T17:42:01ZTTPS: ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or more known damaging...
Malware Analysis – djvu – 69aa7889fb018ab02aa828d3a936c399
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:517, discovery, persistence, ransomware, spyware, stealerMD5: 69aa7889fb018ab02aa828d3a936c399SHA1: ab7891047c78bf227ca8bcba37dfbf223a76e345ANALYSIS DATE: 2022-11-15T17:51:03ZTTPS: T1012, T1082, T1005, T1081,...
Malware Analysis – djvu – 81919e4ec02b17887b81734b8c666199
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:nymaim, family:redline, family:smokeloader, family:vidar, botnet:517, botnet:mario23_10, backdoor, collection, discovery, evasion, infostealer, persistence, ransomware, spyware, stealer,...
Malware Analysis – djvu – eb2feaca9eb74fbfde53174b2727e664
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:517, discovery, persistence, ransomware, spyware, stealerMD5: eb2feaca9eb74fbfde53174b2727e664SHA1: ab6e3ec972c99630c38f26aa8911527aa668263eANALYSIS DATE: 2022-11-15T17:29:11ZTTPS: T1012, T1082, T1005, T1081,...
Experts revealed details of critical SQLi and access issues in Zendesk Explore
Researchers disclosed technical details of critical SQLi and access vulnerabilities in the Zendesk Explore Service. Cybersecurity researchers at Varonis disclosed...
China-linked APT Billbug breached a certificate authority in Asia
A suspected China-linked APT group breached a digital certificate authority in Asia as part of a campaign aimed at government...
LockBit 3.0 Ransomware Victim: amend[.]com[.]br
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
LockBit 3.0 Ransomware Victim: linkplus[.]com[.]hk
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
Dismember – Scan Memory For Secrets And More
Dismember is a command-line toolkit for Linux that can be used to scan the memory of all processes (or particular...
