Cobalt Stike Beacon Detected – 194[.]55[.]186[.]206:8011
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
threatintel
Cobalt Stike Beacon Detected – 43[.]143[.]213[.]120:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 107[.]174[.]247[.]46:9443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 107[.]172[.]206[.]242:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Malware Analysis – glupteba – 35dc42a422a763d61cdf19cee9b5f48a
Score: 10 MALWARE FAMILY: gluptebaTAGS:family:glupteba, family:redline, botnet:bharat, discovery, dropper, evasion, infostealer, loader, persistence, ransomware, trojan, vmprotectMD5: 35dc42a422a763d61cdf19cee9b5f48aSHA1: b2f51efcd7dc3f8a10d0362890c392757596222aANALYSIS DATE: 2023-01-12T21:04:56ZTTPS:...
Malware Analysis – quasar – 214bb6347cffeb07969a31d0cc01c0c9
Score: 10 MALWARE FAMILY: quasarTAGS:family:quasar, evasion, persistence, ransomware, spyware, trojanMD5: 214bb6347cffeb07969a31d0cc01c0c9SHA1: a473b46a2a03a9b36925175ddc2598810a1bf3a5ANALYSIS DATE: 2023-01-12T21:54:40ZTTPS: T1082, T1112, T1060, T1130, T1102, T1107,...
Malware Analysis – sodinokibi – 8a7c7ef298134fbb1dc660e3ce11897e
Score: 10 MALWARE FAMILY: sodinokibiTAGS:family:sodinokibi, botnet:5, campaign:367, ransomware, spyware, stealerMD5: 8a7c7ef298134fbb1dc660e3ce11897eSHA1: 759324cde77d121bea646bb5b14a10cb6e90cf70ANALYSIS DATE: 2023-01-12T20:44:42ZTTPS: T1107, T1490, T1491, T1112, T1130, T1012,...
Cobalt Stike Beacon Detected – 5[.]188[.]86[.]194:88
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 193[.]149[.]176[.]214:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 45[.]207[.]8[.]194:800
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 106[.]54[.]62[.]242:5555
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Malware Analysis – amadey – a324ed7b304360cc9ed41e619478b953
Score: 10 MALWARE FAMILY: amadeyTAGS:family:amadey, family:djvu, family:smokeloader, family:socelars, family:vidar, botnet:19, botnet:494, backdoor, discovery, persistence, ransomware, stealer, trojan, vmprotectMD5: a324ed7b304360cc9ed41e619478b953SHA1: 7e9094fb9c32ad70bc9cb9df3202d5b068e1f415ANALYSIS...
Malware Analysis – djvu – 0b9f0bf3d076c5e133d61c2453261034
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:19, discovery, persistence, ransomware, spyware, stealerMD5: 0b9f0bf3d076c5e133d61c2453261034SHA1: fc850da7eaf11a0884eccdd2a354e6da8dca7df4ANALYSIS DATE: 2023-01-12T22:26:14ZTTPS: T1005, T1081, T1060, T1112,...
Malware Analysis – djvu – 3e71c7e166194c5ee25021452f4133ea
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:19, discovery, persistence, ransomware, spyware, stealerMD5: 3e71c7e166194c5ee25021452f4133eaSHA1: e89e8e017c5de78c0c468e1d6363c1854ffd4ec9ANALYSIS DATE: 2023-01-12T23:34:43ZTTPS: T1053, T1005, T1081, T1012,...
Malware Analysis – evasion – 23d173a46e32cbafcce943108f6ce5f2
Score: 9 MALWARE FAMILY: evasionTAGS:evasion, ransomwareMD5: 23d173a46e32cbafcce943108f6ce5f2SHA1: 0d764bf3eb47f4b3e597b0f6d6e28e504d018c63ANALYSIS DATE: 2023-01-12T22:36:43ZTTPS: T1490, T1107 ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or...
Malware Analysis – amadey – 57dc07b0383a9d5aafe5ab318acd7eb7
Score: 10 MALWARE FAMILY: amadeyTAGS:family:amadey, family:djvu, family:smokeloader, family:socelars, family:vidar, botnet:19, botnet:494, backdoor, discovery, persistence, ransomware, spyware, stealer, trojan, vmprotectMD5: 57dc07b0383a9d5aafe5ab318acd7eb7SHA1:...
Malware Analysis – evasion – 9ee884d1d2f17ef13b510a032114bb6a
Score: 7 MALWARE FAMILY: evasionTAGS:evasion, ransomwareMD5: 9ee884d1d2f17ef13b510a032114bb6aSHA1: 26b0bf7ec28ac885326075aa57ef598c16e47dc9ANALYSIS DATE: 2023-01-12T23:40:50ZTTPS: ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or more known...
Malware Analysis – globeimposter – c99e32fb49a2671a6136535c6537c4d7
Score: 10 MALWARE FAMILY: globeimposterTAGS:family:globeimposter, persistence, ransomware, spyware, stealerMD5: c99e32fb49a2671a6136535c6537c4d7SHA1: ada9bcb3da63e7b989b279fb6c3bc9fe7ff7b41fANALYSIS DATE: 2023-01-12T23:37:11ZTTPS: T1112, T1107, T1490, T1158, T1060, T1082, T1005,...
Malware Analysis – ransomware – 4031d34c9039c51a0d9e34bab0eafab7
Score: 8 MALWARE FAMILY: ransomwareTAGS:ransomware, spyware, stealerMD5: 4031d34c9039c51a0d9e34bab0eafab7SHA1: 58bddccf9dfda1b46361a1503c456cb7e1de0a4eANALYSIS DATE: 2023-01-12T23:37:58ZTTPS: T1005, T1081, T1012, T1082 ScoreMeaningExample10Known badA malware family was...
Posh C2 Detected – 94[.]130[.]106[.]165:443
The Information provided at the time of posting was detected as "Posh C2". Depending on when you are viewing this...
CISA: CISA Releases Twelve Industrial Control Systems Advisories
CISA Releases Twelve Industrial Control Systems Advisories CISA released twelve Industrial Control Systems (ICS) advisories on January 12, 2023. These...
Royal Ransomware Victim: Ruhrpumpen
RoyalRansomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content of the...
HIVE Ransomware Victim: G[.]W[.] Becker
HIVE Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content of...
CISA: Drupal Releases Security Update to Address Vulnerability in Private Taxonomy Terms
Drupal Releases Security Update to Address Vulnerability in Private Taxonomy Terms Drupal has released a security update to address a...
