Cobalt Stike Beacon Detected – 1[.]15[.]189[.]200:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
threatintel
Cobalt Stike Beacon Detected – 5[.]8[.]18[.]242:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 45[.]80[.]189[.]108:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 188[.]241[.]240[.]136:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 47[.]98[.]234[.]230:82
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 101[.]43[.]188[.]175:6666
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Posh C2 Detected – 58[.]96[.]75[.]176:443
The Information provided at the time of posting was detected as "Posh C2". Depending on when you are viewing this...
Aruba fixes critical vulnerabilities in EdgeConnect Enterprise Orchestrator
Aruba addressed multiple critical severity vulnerabilities in the EdgeConnect Enterprise Orchestrator. Aruba addressed multiple critical severity vulnerabilities in the EdgeConnect...
Black Basta Ransomware Gang Infiltrates networks via QAKBOT, Brute Ratel, and Cobalt Strike
We analyzed a QAKBOT-related case leading to a Brute Ratel C4 and Cobalt Strike payload that can be attributed to...
LockBit 3.0 Ransomware Victim: marktel[.]es
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
NCSC issues fresh guidance following recent rise in supply chain cyber attacks
N New cyber security guidance issued in response to growing trend in supply chain attacks GCHQ’s National Cyber Security Centre...
Microsoft Patch Tuesday for October 2022 doesn’t fix Exchange Server flaws
Microsoft Patch Tuesday security updates for October 2022 addressed a total of 85 security vulnerabilities, including an actively exploited zero-day. Microsoft...
SteaLinG – Open-Source Penetration Testing Framework Designed For Social Engineering
The SteaLinG is an open-source penetration testing framework designed for social engineering After the hack, you can upload it to...
LockBit 3.0 Ransomware Victim: martel[.]es
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
Malware Analysis – ransomware – 9e36523ee2bd21f75d43eb24f1ebf2aa
Score: 9 MALWARE FAMILY: ransomwareTAGS:ransomware, spyware, stealerMD5: 9e36523ee2bd21f75d43eb24f1ebf2aaSHA1: 5634cfcf86bcbc7b0951ea77f2f9381226e6c8efANALYSIS DATE: 2022-10-12T08:05:11ZTTPS: T1107, T1490, T1091, T1005, T1081, T1082 ScoreMeaningExample10Known badA malware...
Malware Analysis – ransomware – b812599e422e43884d82d78291f85c11
Score: 9 MALWARE FAMILY: ransomwareTAGS:ransomware, spyware, stealerMD5: b812599e422e43884d82d78291f85c11SHA1: d4c179b0bfb8adceccdbad168dd662738fad770eANALYSIS DATE: 2022-10-12T08:05:05ZTTPS: T1107, T1490, T1091, T1005, T1081, T1082 ScoreMeaningExample10Known badA malware...
Malware Analysis – wannacry – 00f6f68aef14d7e633718fd98c5849bf
Score: 10 MALWARE FAMILY: wannacryTAGS:family:wannacry, discovery, ransomware, wormMD5: 00f6f68aef14d7e633718fd98c5849bfSHA1: d1ecadafb4afad7e8d68f5e569a42ab62dfcccf0ANALYSIS DATE: 2022-10-12T08:06:05ZTTPS: T1046 ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne...
Malware Analysis – wannacry – 5cfb415656b90415c61f63f926687bba
Score: 10 MALWARE FAMILY: wannacryTAGS:family:wannacry, discovery, ransomware, wormMD5: 5cfb415656b90415c61f63f926687bbaSHA1: 38f948257e65bce017effb1dd4166b45857a8664ANALYSIS DATE: 2022-10-12T08:07:03ZTTPS: T1046 ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne...
Malware Analysis – djvu – 83524a6ab3c6d94fb3e3d0e798902662
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:smokeloader, family:vidar, botnet:517, backdoor, collection, discovery, persistence, ransomware, spyware, stealer, trojan, vmprotectMD5: 83524a6ab3c6d94fb3e3d0e798902662SHA1: 7f1e31f3027c3b7d769880bb8e55ca869ce0e29dANALYSIS DATE:...
Malware Analysis – djvu – 361ad8caea536bb548de7dd173f39cb4
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:517, discovery, persistence, ransomware, spyware, stealerMD5: 361ad8caea536bb548de7dd173f39cb4SHA1: bc29e8b86b2e754fdf4ab7a77aae492613dbe443ANALYSIS DATE: 2022-10-12T08:39:48ZTTPS: T1053, T1005, T1081, T1012,...
Malware Analysis – ransomware – dd9d34b2bcaf57ed5192ca1b73139a46
Score: 9 MALWARE FAMILY: ransomwareTAGS:ransomware, spyware, stealerMD5: dd9d34b2bcaf57ed5192ca1b73139a46SHA1: 5b3e4f618ab14b7ac03dfd732fede5ace95d5566ANALYSIS DATE: 2022-10-12T08:42:07ZTTPS: T1082, T1107, T1490, T1091, T1005, T1081 ScoreMeaningExample10Known badA malware...
Malware Analysis – agilenet – 0906bfbcac00c26b080d3ba4f4542579
Score: 9 MALWARE FAMILY: agilenetTAGS:agilenet, evasion, themida, trojanMD5: 0906bfbcac00c26b080d3ba4f4542579SHA1: eca76f73d94d388b51d3b5f97525ab49fb47f8c6ANALYSIS DATE: 2022-10-12T08:50:51ZTTPS: T1012, T1497, T1082 ScoreMeaningExample10Known badA malware family was...
Malware Analysis – ransomware – 46841f22a5e3c6f4d1f19a09ce2e85a7
Score: 9 MALWARE FAMILY: ransomwareTAGS:ransomware, spyware, stealerMD5: 46841f22a5e3c6f4d1f19a09ce2e85a7SHA1: 00e17f432ea96b23bd530a9bf84d1884c41315ddANALYSIS DATE: 2022-10-12T08:42:07ZTTPS: T1005, T1081, T1082, T1107, T1490, T1091 ScoreMeaningExample10Known badA malware...
Malware Analysis – ransomware – e7af06880e648da328b170608a6ab9e4
Score: 9 MALWARE FAMILY: ransomwareTAGS:ransomware, spyware, stealerMD5: e7af06880e648da328b170608a6ab9e4SHA1: 3148ecca25ac16843b80c289b98ef663ee3ed5e7ANALYSIS DATE: 2022-10-12T08:42:07ZTTPS: T1082, T1107, T1490, T1091, T1005, T1081 ScoreMeaningExample10Known badA malware...
