Posh C2 Detected – 44[.]192[.]81[.]16:443
The Information provided at the time of posting was detected as "Posh C2". Depending on when you are viewing this...
Villain – Windows And Linux Backdoor Generator And Multi-Session Handler That Allows Users To Connect With Sibling Servers And Share Their Backdoor Sessions
Villain is a Windows & Linux backdoor generator and multi-session handler that allows users to connect with sibling servers (other...
DotDumper – An Automatic Unpacker And Logger For DotNet Framework Targeting Files
An automatic unpacker and logger for DotNet Framework targeting files! This tool has been unveiled at Black Hat USA 2022....
ExchangeFinder – Find Microsoft Exchange Instance For A Given Domain And Identify The Exact Version
ExchangeFinder is a simple and open-source tool that tries to find Micrsoft Exchange instance for a given domain based on...
Malware Analysis – djvu – 93c0547134939574209bab5e292eaeed
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:19, discovery, persistence, ransomware, stealerMD5: 93c0547134939574209bab5e292eaeedSHA1: 8c0deaa8439563a4abae05fc5c00f1802aed55a5ANALYSIS DATE: 2023-01-06T15:26:03ZTTPS: T1053, T1130, T1112, T1060, T1222,...
Malware Analysis – sodinokibi – 5f58902825d15d59528f98faf43b86c3
Score: 10 MALWARE FAMILY: sodinokibiTAGS:family:sodinokibi, botnet:$2a$10$d/hor8pzftxyevodyrecsebolxf2dclmqmqjta4y2usfgkhezxq62, campaign:4430, ransomwareMD5: 5f58902825d15d59528f98faf43b86c3SHA1: f09e5e72b433d11a32efe2e5d63db0bc7b8def59ANALYSIS DATE: 2023-01-06T15:34:10ZTTPS: ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or...
Malware Analysis – smokeloader – 95432e26e7c83698ae92fd7f4d2b9222
Score: 10 MALWARE FAMILY: smokeloaderTAGS:family:smokeloader, backdoor, trojanMD5: 95432e26e7c83698ae92fd7f4d2b9222SHA1: a67787768b020628afda97d86381c37fc4dc4806ANALYSIS DATE: 2023-01-06T15:46:08ZTTPS: T1012, T1120, T1082 ScoreMeaningExample10Known badA malware family was detected.8-9Likely...
Royal Ransomware Victim: LEK / HABO
RoyalRansomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content of the...
Malware Analysis – amadey – dfca7a657c978b69e88320208730b439
Score: 10 MALWARE FAMILY: amadeyTAGS:family:amadey, family:djvu, family:smokeloader, family:vidar, botnet:19, backdoor, discovery, persistence, ransomware, spyware, stealer, trojan, vmprotectMD5: dfca7a657c978b69e88320208730b439SHA1: bc815f3ddd98e327204ef3a0664b6ba00423220eANALYSIS DATE:...
Malware Analysis – djvu – 90968ea53198c599194304983a2c872e
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:19, discovery, persistence, ransomware, stealerMD5: 90968ea53198c599194304983a2c872eSHA1: 1ca1702e09f31bb8595be784a05f4d492eb73aafANALYSIS DATE: 2023-01-06T16:16:04ZTTPS: T1130, T1112, T1060, T1222, T1082,...
Malware Analysis – amadey – 0d8206f8fbd4cad4c14fbc48e1ecec79
Score: 10 MALWARE FAMILY: amadeyTAGS:family:amadey, family:djvu, family:smokeloader, family:vidar, botnet:19, backdoor, discovery, persistence, ransomware, spyware, stealer, trojan, vmprotectMD5: 0d8206f8fbd4cad4c14fbc48e1ecec79SHA1: 446cf441f1280e16a10a6a7cc48e59aec15d98b3ANALYSIS DATE:...
Malware Analysis – persistence – f05f09f300d490e67a9cd0b9022fae09
Score: 10 MALWARE FAMILY: persistenceTAGS:persistence, ransomwareMD5: f05f09f300d490e67a9cd0b9022fae09SHA1: 22f498684dcec3fd39d046322b016554124aa266ANALYSIS DATE: 2023-01-06T16:33:50ZTTPS: T1012, T1120, T1082, T1060, T1130, T1112 ScoreMeaningExample10Known badA malware family...
HIVE Ransomware Victim: Consulate Health Care
HIVE Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content of...
Malware Analysis – djvu – 5bbf807c56cf3a364d547ee56141b74e
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:19, discovery, persistence, ransomware, spyware, stealerMD5: 5bbf807c56cf3a364d547ee56141b74eSHA1: f03b55aa4df795edd9a05511e0b54d7645d5a714ANALYSIS DATE: 2023-01-06T17:24:05ZTTPS: T1005, T1081, T1012, T1082,...
Malware Analysis – djvu – a0c687836dca8e691d7a6e09cf859a87
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:19, discovery, persistence, ransomware, stealerMD5: a0c687836dca8e691d7a6e09cf859a87SHA1: 2709628eadbb3e5a7307f038f14e4bc0bfa9d7c7ANALYSIS DATE: 2023-01-06T17:06:03ZTTPS: T1053, T1130, T1112, T1060, T1222,...
Malware Analysis – djvu – d5f4a4dd7cfce94f91232adca74b896e
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:19, discovery, persistence, ransomware, stealerMD5: d5f4a4dd7cfce94f91232adca74b896eSHA1: ac7457fede47e2c438c83973c85fdf43df608eb3ANALYSIS DATE: 2023-01-06T17:31:03ZTTPS: T1053, T1130, T1112, T1060, T1222,...
Malware Analysis – discovery – bbc61a962ace5a343b9489e5da288648
Score: 10 MALWARE FAMILY: discoveryTAGS:discovery, ransomwareMD5: bbc61a962ace5a343b9489e5da288648SHA1: 01ee948abf008ad7b576595c95beb5015d199730ANALYSIS DATE: 2023-01-06T17:29:41ZTTPS: T1012, T1082, T1057 ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne...
Malware Analysis – amadey – 698538668c49ccbc41c8206d9252bacf
Score: 10 MALWARE FAMILY: amadeyTAGS:family:amadey, family:djvu, family:smokeloader, family:vidar, botnet:19, backdoor, discovery, persistence, ransomware, spyware, stealer, trojan, vmprotectMD5: 698538668c49ccbc41c8206d9252bacfSHA1: 2e912da10980b396997396a6ffc74d879a82733cANALYSIS DATE:...
Malware Analysis – chaos – d36637d2e08e4c001d39699cedb6248a
Score: 10 MALWARE FAMILY: chaosTAGS:family:chaos, evasion, ransomwareMD5: d36637d2e08e4c001d39699cedb6248aSHA1: d2b4f5326781dce97cadf039d3e58124c838cb20ANALYSIS DATE: 2023-01-06T17:45:47ZTTPS: T1490, T1059, T1107, T1082 ScoreMeaningExample10Known badA malware family was...
Malware Analysis – evasion – 8da384b2427b8397a5934182c159c257
Score: 9 MALWARE FAMILY: evasionTAGS:evasion, ransomwareMD5: 8da384b2427b8397a5934182c159c257SHA1: 7bcd2d32a19c1ac7bd014dc9e64b806fdff5f5deANALYSIS DATE: 2023-01-06T17:46:43ZTTPS: T1490, T1491, T1112, T1012, T1120, T1082, T1107 ScoreMeaningExample10Known badA malware...
Malware Analysis – djvu – 4c3380ed58f4ee04d6638af670f3d834
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:19, discovery, persistence, ransomware, spyware, stealerMD5: 4c3380ed58f4ee04d6638af670f3d834SHA1: 8ebb5a19d4163ea8231b1ff4de7b23c7e5d67919ANALYSIS DATE: 2023-01-06T17:52:50ZTTPS: T1082, T1012, T1060, T1112,...
Vice Society Ransomware Victim: LetMeRepair
Vice Society Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
Vice Society Ransomware Victim: Xavier University of Louisiana
Vice Society Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
Vice Society Ransomware Victim: Sub-drill Supply
Vice Society Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
