threatintel

Malware Analysis – djvu – 8082396808375b2d4297de6297b85387

October 6, 2022

Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:517, discovery, persistence, ransomware, spyware, stealerMD5: 8082396808375b2d4297de6297b85387SHA1: b3eba7002e1805c0857e834337e3e0163cef4d6cANALYSIS DATE: 2022-10-06T15:27:53ZTTPS: T1082, T1005, T1081, T1053,...

Malware Analysis – – ef4fdf65fc90bfda8d1d2ae6d20aff60

October 6, 2022

Score: 1 MALWARE FAMILY: TAGS:MD5: ef4fdf65fc90bfda8d1d2ae6d20aff60SHA1: 9431227836440c78f12bfb2cb3247d59f4d4640bANALYSIS DATE: 2022-10-06T14:53:37ZTTPS: ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or more known damaging...

Malware Analysis – djvu – c90ab0e7f5139a1690233dd68f54cf28

October 6, 2022

Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:517, discovery, persistence, ransomware, spyware, stealerMD5: c90ab0e7f5139a1690233dd68f54cf28SHA1: 588d882524cc9c689ee3dfdd83b3d6840c5a2d17ANALYSIS DATE: 2022-10-06T15:13:06ZTTPS: T1222, T1082, T1005, T1081,...

Malware Analysis – privateloader – 4109b53059128d74bf178bfbc7b5d7e5

October 6, 2022

Score: 10 MALWARE FAMILY: privateloaderTAGS:family:privateloader, family:redline, family:smokeloader, botnet:nam6.9, backdoor, infostealer, loader, main, spyware, stealer, trojan, vmprotectMD5: 4109b53059128d74bf178bfbc7b5d7e5SHA1: 4ab24c962cb923a0a36f2620241b40c8d4f609d3ANALYSIS DATE: 2022-10-06T16:21:03ZTTPS:...

Malware Analysis – smokeloader – 58ff38bdff8438163ca9fbe87236b7eb

October 6, 2022

Score: 10 MALWARE FAMILY: smokeloaderTAGS:family:smokeloader, backdoor, trojanMD5: 58ff38bdff8438163ca9fbe87236b7ebSHA1: f1e258bf5c8505ee04739c331e2304669b2b3371ANALYSIS DATE: 2022-10-06T15:31:03ZTTPS: T1012, T1120, T1082 ScoreMeaningExample10Known badA malware family was detected.8-9Likely...

Malware Analysis – djvu – 58ff38bdff8438163ca9fbe87236b7eb

October 6, 2022

Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:smokeloader, family:vidar, botnet:517, backdoor, collection, discovery, persistence, ransomware, spyware, stealer, trojanMD5: 58ff38bdff8438163ca9fbe87236b7ebSHA1: f1e258bf5c8505ee04739c331e2304669b2b3371ANALYSIS DATE: 2022-10-06T15:41:09ZTTPS:...

Malware Analysis – redline – 1259ae3073eba6af139f7a5520da1bc6

October 6, 2022

Score: 10 MALWARE FAMILY: redlineTAGS:family:redline, discovery, infostealer, persistence, ransomware, spywareMD5: 1259ae3073eba6af139f7a5520da1bc6SHA1: 7bd280d484c60373f276322eacb11566b16af368ANALYSIS DATE: 2022-10-06T16:11:55ZTTPS: T1012, T1112, T1005, T1081, T1060, T1082,...

Malware Analysis – smokeloader – 5dbee5162f032bf484ddbcc68eebbf42

October 6, 2022

Score: 10 MALWARE FAMILY: smokeloaderTAGS:family:smokeloader, backdoor, trojanMD5: 5dbee5162f032bf484ddbcc68eebbf42SHA1: 07e86d83adc3e04caf149922c48085b7639b6837ANALYSIS DATE: 2022-10-06T16:34:57ZTTPS: T1012, T1120, T1082 ScoreMeaningExample10Known badA malware family was detected.8-9Likely...

Malware Analysis – djvu – 6fbde990ad1659a4063bbcc3099ae82a

October 6, 2022

Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:517, discovery, persistence, ransomware, spyware, stealerMD5: 6fbde990ad1659a4063bbcc3099ae82aSHA1: f6e725c2280469ab5a3c39cc82cfb03dec67a6bcANALYSIS DATE: 2022-10-06T16:32:33ZTTPS: T1053, T1005, T1081, T1222,...

Malware Analysis – smokeloader – 5dbee5162f032bf484ddbcc68eebbf42

October 6, 2022

Score: 10 MALWARE FAMILY: smokeloaderTAGS:family:smokeloader, backdoor, trojanMD5: 5dbee5162f032bf484ddbcc68eebbf42SHA1: 07e86d83adc3e04caf149922c48085b7639b6837ANALYSIS DATE: 2022-10-06T16:32:04ZTTPS: T1012, T1120, T1082 ScoreMeaningExample10Known badA malware family was detected.8-9Likely...

Malware Analysis – djvu – 5dbee5162f032bf484ddbcc68eebbf42

October 6, 2022

Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:smokeloader, family:vidar, botnet:517, backdoor, collection, discovery, persistence, ransomware, spyware, stealer, trojanMD5: 5dbee5162f032bf484ddbcc68eebbf42SHA1: 07e86d83adc3e04caf149922c48085b7639b6837ANALYSIS DATE: 2022-10-06T16:38:20ZTTPS:...

Cisco fixed two high-severity bugs in Communications, Networking Products

October 6, 2022

Cisco fixed high-severity flaws in some of its networking and communications products, including Enterprise NFV, Expressway and TelePresence. Cisco announced...

City of Tucson Data Breach impacted 123,500 individuals

October 6, 2022

The City of Tucson, Arizona disclosed a data breach, the incident was discovered in May 2022 and impacted 123,500 individuals....

Arsenal – Recon Tool installer

October 6, 2022

Arsenal is a Simple shell script (Bash) used to install the most important tools and requirements for your environment and...

19-Year-Old man arrested for misusing leaked record from Optus Breach

October 6, 2022

The Australian Federal Police (AFP) arrested a 19-year-old teen from Sydney for attempting to use data from the Optus data...

Black Basta Ransomware Victim: Willemen Group

October 6, 2022

Black Basta Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...

Cobalt Stike Beacon Detected – 23[.]224[.]42[.]32:443

October 6, 2022

The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...

Malware Analysis – evasion – b1315f90a7f98c5f7e187104615bf20f

October 6, 2022

Score: 10 MALWARE FAMILY: evasionTAGS:evasion, persistence, ransomware, trojanMD5: b1315f90a7f98c5f7e187104615bf20fSHA1: 49f773c7e7cf66d715de2c2f7fd5352515918c0dANALYSIS DATE: 2022-10-06T08:28:22ZTTPS: T1082, T1088, T1089, T1112, T1031, T1107, T1490, T1098,...

Malware Analysis – ransomware – a1ffce6c80f805b72c61cc6225457c8b

October 6, 2022

Score: 5 MALWARE FAMILY: ransomwareTAGS:ransomwareMD5: a1ffce6c80f805b72c61cc6225457c8bSHA1: 47b2e3cd345f535da7abfa4a02284dcdb2fe177cANALYSIS DATE: 2022-10-06T08:15:46ZTTPS: ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or more known damaging...

Malware Analysis – djvu – cd13e52122e4ea82def4bd8303bfa3fb

October 6, 2022

Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:517, discovery, persistence, ransomware, spyware, stealerMD5: cd13e52122e4ea82def4bd8303bfa3fbSHA1: 7f4f730b297d30a04364360ccf06636dcd1d25c5ANALYSIS DATE: 2022-10-06T08:28:04ZTTPS: T1005, T1081, T1012, T1082,...

threatintel

Malware Analysis – djvu – 8082396808375b2d4297de6297b85387

Malware Analysis – – ef4fdf65fc90bfda8d1d2ae6d20aff60

Malware Analysis – djvu – c90ab0e7f5139a1690233dd68f54cf28

Malware Analysis – privateloader – 4109b53059128d74bf178bfbc7b5d7e5

Malware Analysis – smokeloader – 58ff38bdff8438163ca9fbe87236b7eb

Malware Analysis – djvu – 58ff38bdff8438163ca9fbe87236b7eb

Malware Analysis – redline – 1259ae3073eba6af139f7a5520da1bc6

Malware Analysis – smokeloader – 5dbee5162f032bf484ddbcc68eebbf42

Malware Analysis – djvu – 6fbde990ad1659a4063bbcc3099ae82a

Malware Analysis – smokeloader – 5dbee5162f032bf484ddbcc68eebbf42

Malware Analysis – djvu – 5dbee5162f032bf484ddbcc68eebbf42

Cisco fixed two high-severity bugs in Communications, Networking Products

City of Tucson Data Breach impacted 123,500 individuals

Arsenal – Recon Tool installer

19-Year-Old man arrested for misusing leaked record from Optus Breach

Black Basta Ransomware Victim: Willemen Group

Cobalt Stike Beacon Detected – 23[.]224[.]42[.]32:443

Malware Analysis – evasion – b1315f90a7f98c5f7e187104615bf20f

Malware Analysis – ransomware – a1ffce6c80f805b72c61cc6225457c8b

Malware Analysis – djvu – cd13e52122e4ea82def4bd8303bfa3fb

Cobalt Stike Beacon Detected – 49[.]234[.]137[.]223:80

Cobalt Stike Beacon Detected – 43[.]143[.]172[.]113:443

Cobalt Stike Beacon Detected – 62[.]182[.]159[.]147:443

Cobalt Stike Beacon Detected – 120[.]25[.]167[.]104:443

Cobalt Strike Beacon Detected – 64[.]23[.]128[.]110:80

Cobalt Strike Beacon Detected – 1[.]15[.]34[.]67:7777

Cobalt Strike Beacon Detected – 103[.]27[.]109[.]184:8000

Cobalt Strike Beacon Detected – 107[.]174[.]85[.]150:80

Cobalt Strike Beacon Detected – 124[.]71[.]161[.]5:50000

You may have missed