Cobalt Stike Beacon Detected – 121[.]127[.]233[.]205:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 120[.]40[.]7[.]23:8999
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 49[.]4[.]88[.]243:82
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Malware Analysis – amadey – 01c5089df96b9c8da162b9a83c5056a8
Score: 10 MALWARE FAMILY: amadeyTAGS:family:amadey, family:djvu, family:lgoogloader, family:smokeloader, family:vidar, botnet:19, backdoor, collection, discovery, downloader, persistence, ransomware, spyware, stealer, trojan, vmprotectMD5:...
Malware Analysis – amadey – 43fec7a0e3948a78bedf6cf27e9bf538
Score: 10 MALWARE FAMILY: amadeyTAGS:family:amadey, family:dcrat, family:djvu, family:lgoogloader, family:smokeloader, family:vidar, botnet:19, backdoor, collection, discovery, downloader, infostealer, persistence, ransomware, rat, spyware,...
Malware Analysis – discovery – 3a02deed11f7ff4dbc1188d201ad164a
Score: 10 MALWARE FAMILY: discoveryTAGS:discovery, persistence, ransomwareMD5: 3a02deed11f7ff4dbc1188d201ad164aSHA1: 5c935f5c25c2975ef384878bb094567fb19519c9ANALYSIS DATE: 2022-12-31T23:29:57ZTTPS: T1060, T1012, T1082, T1120, T1112 ScoreMeaningExample10Known badA malware family...
Malware Analysis – evasion – 7237bb5c2bcc4b19e8f574b3d9525df7
Score: 6 MALWARE FAMILY: evasionTAGS:evasion, ransomwareMD5: 7237bb5c2bcc4b19e8f574b3d9525df7SHA1: 80e73da87d2c5f19a2c6c7ba0140520bb345acc3ANALYSIS DATE: 2022-12-31T22:47:53ZTTPS: ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or more known...
Posh C2 Detected – 52[.]62[.]27[.]203:4443
The Information provided at the time of posting was detected as "Posh C2". Depending on when you are viewing this...
Canadian mining firm shuts down mill after ransomware attack
The Canadian Copper Mountain Mining Corporation (CMMC) in British Columbia has announced that it was the target of a ransomware attack...
New Linux malware uses 30 plugin exploits to backdoor WordPress sites
A previously unknown Linux malware has been exploiting 30 vulnerabilities in multiple outdated WordPress plugins and themes to inject malicious JavaScript. According to...
LockBit ransomware claims attack on Port of Lisbon in Portugal
An cyberattack hitting the Port of Lisbon Administration (APL), the third-largest port in Portugal, on Christmas day has been claimed...
LockBit 3.0 Ransomware Victim: hacla[.]org
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
LockBit 3.0 Ransomware Victim: sickkids[.]ca
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
Malware Analysis – amadey – caea0d7d729cd98183ab8f89d159ed96
Score: 10 MALWARE FAMILY: amadeyTAGS:family:amadey, family:djvu, family:lgoogloader, family:smokeloader, family:vidar, botnet:19, backdoor, collection, discovery, downloader, persistence, ransomware, spyware, stealer, trojan, vmprotectMD5:...
Malware Analysis – discovery – 247a35851fdee53a1696715d67bd0905
Score: 10 MALWARE FAMILY: discoveryTAGS:discovery, evasion, exploit, persistence, trojanMD5: 247a35851fdee53a1696715d67bd0905SHA1: d2e86020e1d48e527e81e550f06c651328bd58a4ANALYSIS DATE: 2022-12-31T14:59:41ZTTPS: T1082, T1112, T1042, T1088, T1089, T1222, T1004,...
Royal Ransomware Victim: QUT
RoyalRansomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content of the...
Malware Analysis – smokeloader – 124b03b3d75478abea2f458fee60959d
Score: 10 MALWARE FAMILY: smokeloaderTAGS:family:smokeloader, backdoor, trojanMD5: 124b03b3d75478abea2f458fee60959dSHA1: 904c8a2dd40b96e58ff1cec864a2a210aa48c887ANALYSIS DATE: 2022-12-31T15:42:09ZTTPS: T1012, T1120, T1082 ScoreMeaningExample10Known badA malware family was detected.8-9Likely...
Malware Analysis – gozi – 5f5e0c106041d9a391d1be6671dc82f3
Score: 10 MALWARE FAMILY: goziTAGS:family:gozi, family:maze, banker, ransomware, spyware, stealer, trojanMD5: 5f5e0c106041d9a391d1be6671dc82f3SHA1: aa43e1ecc45a4ae28642235b9f1e891a78f54e65ANALYSIS DATE: 2022-12-31T15:41:40ZTTPS: T1112, T1107, T1490, T1005, T1081,...
Malware Analysis – djvu – c2809657fe7902d12920cc9f9165b7dc
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:19, discovery, persistence, ransomware, spyware, stealerMD5: c2809657fe7902d12920cc9f9165b7dcSHA1: 31e5bd2de345e7add3b55bc88d17974564c311edANALYSIS DATE: 2022-12-31T16:03:13ZTTPS: T1060, T1112, T1222, T1005,...
Malware Analysis – djvu – 9edd6fe2a4167bf6dd0e3b4329c821ec
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:19, discovery, persistence, ransomware, stealerMD5: 9edd6fe2a4167bf6dd0e3b4329c821ecSHA1: 15b299689d8b27c1c07a744b7a557952c1a84d58ANALYSIS DATE: 2022-12-31T15:53:02ZTTPS: T1130, T1112, T1060, T1222, T1082...
HIVE Ransomware Victim: Centro Médico Virgen De La Caridad
HIVE Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content of...
Malware Analysis – amadey – a58ba818715cbcd50fff388b246e04d1
Score: 10 MALWARE FAMILY: amadeyTAGS:family:amadey, family:dcrat, family:djvu, family:lgoogloader, family:smokeloader, family:vidar, botnet:19, backdoor, collection, discovery, downloader, infostealer, persistence, ransomware, rat, spyware,...
Malware Analysis – smokeloader – ebb941aeae54958f197195a8cdc02cbc
Score: 10 MALWARE FAMILY: smokeloaderTAGS:family:smokeloader, backdoor, trojanMD5: ebb941aeae54958f197195a8cdc02cbcSHA1: 42b41bdaa608fc7723e41d8f9eeac644d1b2cbe5ANALYSIS DATE: 2022-12-31T16:46:10ZTTPS: T1012, T1120, T1082 ScoreMeaningExample10Known badA malware family was detected.8-9Likely...
Malware Analysis – djvu – a2596c636a3bf52bcea6b30b6a0e1069
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:19, discovery, persistence, ransomware, stealerMD5: a2596c636a3bf52bcea6b30b6a0e1069SHA1: d5645bac3d29b0b2da83443450c8afb49311c223ANALYSIS DATE: 2022-12-31T16:06:14ZTTPS: T1060, T1112, T1222, T1082, T1053,...
