LockBit 3.0 Ransomware Victim: vipar[.]com
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the...
LockBit 3.0 Ransomware Victim: nationallocums[.]co[.]uk
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the...
LockBit 3.0 Ransomware Victim: montibello[.]com
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the...
LockBit 3.0 Ransomware Victim: richardsind[.]com
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the...
Cobalt Stike Beacon Detected – 147[.]78[.]47[.]135:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 154[.]39[.]157[.]8:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 23[.]94[.]240[.]207:8443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Malware Analysis – djvu – 1f3fa4c1b46a4c543c5cfb65727ee66f
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:smokeloader, family:vidar, botnet:19, backdoor, discovery, persistence, ransomware, spyware, stealer, trojan, vmprotectMD5: 1f3fa4c1b46a4c543c5cfb65727ee66fSHA1: 3ef7cb7af6958c82b6fbba86765141f7b704aaefANALYSIS DATE: 2023-02-15T10:03:48ZTTPS:...
Malware Analysis – smokeloader – e137a8d531e7def08ae705ee04f8089a
Score: 10 MALWARE FAMILY: smokeloaderTAGS:family:smokeloader, backdoor, trojanMD5: e137a8d531e7def08ae705ee04f8089aSHA1: b7f57f8d7d22ba40cfe834976583f6c054c121fcANALYSIS DATE: 2023-02-15T09:06:03ZTTPS: T1012, T1120, T1082 ScoreMeaningExample10Known badA malware family was detected.8-9Likely...
Cobalt Stike Beacon Detected – 185[.]143[.]223[.]38:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 120[.]46[.]185[.]86:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 47[.]100[.]215[.]156:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 199[.]195[.]249[.]113:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Malware Analysis – djvu – e57762afc5371e7b0c32ac6712c85e78
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:19, discovery, persistence, ransomware, spyware, stealerMD5: e57762afc5371e7b0c32ac6712c85e78SHA1: 348ad22c24a2c90b0067f524120eb5799d8b8c94ANALYSIS DATE: 2023-02-15T10:30:09ZTTPS: T1060, T1112, T1222, T1005,...
Malware Analysis – – 2e3bdf628e9bfaa6fe04786c390bdc6e
Score: 8 MALWARE FAMILY: TAGS:MD5: 2e3bdf628e9bfaa6fe04786c390bdc6eSHA1: 09e783f6b97b7e84e0b736b8db308d25a8c22633ANALYSIS DATE: 2023-02-15T10:05:30ZTTPS: T1012, T1120, T1082 ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or...
Malware Analysis – djvu – e6c4eb245ab9d0b8435986f7d0d3283e
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:19, discovery, persistence, ransomware, spyware, stealerMD5: e6c4eb245ab9d0b8435986f7d0d3283eSHA1: 7c790fd8289e60f5de7f54525d6fcddcd71cbca8ANALYSIS DATE: 2023-02-15T10:10:30ZTTPS: T1005, T1081, T1012, T1082,...
Malware Analysis – djvu – 89af5f0e7d2b08f92443bd39f80948c8
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:19, discovery, persistence, ransomware, spyware, stealerMD5: 89af5f0e7d2b08f92443bd39f80948c8SHA1: 05d2b1ac67cc405e10a0d82872ddc1befbd9151bANALYSIS DATE: 2023-02-15T10:06:31ZTTPS: T1005, T1081, T1053, T1222,...
Malware Analysis – djvu – d24826e0fe7505e1f34a9c90b740407e
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:19, discovery, persistence, ransomware, spyware, stealerMD5: d24826e0fe7505e1f34a9c90b740407eSHA1: a87ff01742a668029e92ff16cd7c957080ea4f0aANALYSIS DATE: 2023-02-15T10:45:27ZTTPS: T1005, T1081, T1012, T1082,...
Malware Analysis – collection – 017214b2759268c211cb65b9df140857
Score: 10 MALWARE FAMILY: collectionTAGS:collection, evasion, ransomware, spyware, stealerMD5: 017214b2759268c211cb65b9df140857SHA1: 87953d31303e156302a1939c7dffd538c116af22ANALYSIS DATE: 2023-02-15T11:17:17ZTTPS: T1082, T1158, T1112, T1491, T1114, T1130, T1005,...
Malware Analysis – maze – 61b32a82577a7ea823ff7303ab6b4283
Score: 10 MALWARE FAMILY: mazeTAGS:family:maze, ransomware, spyware, stealer, trojanMD5: 61b32a82577a7ea823ff7303ab6b4283SHA1: 9107c719795fa5768498abb4fed11d907e44d55eANALYSIS DATE: 2023-02-15T11:35:21ZTTPS: T1491, T1112, T1005, T1081, T1107, T1490 ScoreMeaningExample10Known...
Malware Analysis – djvu – e46127da689e4443d5332c16019ec1fe
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:laplas, family:smokeloader, family:vidar, botnet:19, backdoor, clipper, discovery, persistence, ransomware, spyware, stealer, trojan, vmprotectMD5: e46127da689e4443d5332c16019ec1feSHA1: c0fc40e9389822e01d80463a304e5b4349e5be99ANALYSIS...
NameCheap’s email hacked to send Metamask, DHL phishing emails
Domain registrar Namecheap had their email account breached Sunday night, causing a flood of MetaMask and DHL phishing emails that...
The Week in Ransomware – February 10th 2023 – Clop’s Back
From ongoing attacks targeting ESXi servers to sanctions on Conti/TrickBot members, it has been quite a busy week regarding ransomware....
Microsoft WinGet package manager failing from expired SSL certificate
Microsoft's WinGet package manager is currently having problems installing or upgrading packages after WinGet CDN's SSL/TLS certificate expired. Released in May...
