RedPacket Security - InfoSec News & Tutorials

Hackers use new PowerMagic and CommonMagic malware to steal data

March 22, 2023

Security researchers have discovered attacks from an advanced threat actor that used “a previously unseen malicious framework” called CommonMagic and...

BreachForums Administrator Baphomet Shuts Down Infamous Hacking Forum

March 22, 2023

In a sudden turn of events, Baphomet, the current administrator of BreachForums, said in an update on March 21, 2023,...

RansomHouse Ransomware Victim: Design CATAPULT

March 22, 2023

RansomHouse Logo NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...

db0bbc73c9363104d3339de56785fd4cf072b58a95ed0aa23b4d242b6d8bdff4

Invoke-PSObfuscation – An In-Depth Approach To Obfuscating The Individual Components Of A PowerShell Payload Whether You’Re On Windows Or Kali Linux

March 21, 2023

Traditional obfuscation techniques tend to add layers to encapsulate standing code, such as base64 or compression. These payloads do continue...

Malware Analysis – amadey – 6cdaede49ef2e633127488885fb06030

March 21, 2023

Score: 10 MALWARE FAMILY: amadeyTAGS:family:amadey, family:djvu, family:pseudomanuscrypt, family:redline, family:rhadamanthys, family:smokeloader, family:vidar, botnet:fronx2, botnet:pub1, botnet:sprg, backdoor, discovery, infostealer, loader, persistence, ransomware,...

Malware Analysis – djvu – 4fb20686bc89af2e05086d23acd03ded

March 21, 2023

Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, discovery, persistence, ransomware, spyware, stealerMD5: 4fb20686bc89af2e05086d23acd03dedSHA1: 1819399d18736fef25382b70f566a343a0190a4dANALYSIS DATE: 2023-03-21T16:32:32ZTTPS: T1012, T1082, T1005, T1081, T1060,...

Malware Analysis – djvu – 137e1a10363bdc6bcda337cc0366c4a0

March 21, 2023

Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, discovery, persistence, ransomware, spyware, stealerMD5: 137e1a10363bdc6bcda337cc0366c4a0SHA1: 17bb4a66bcf72c91dd19dba83ef0df2b75999d8bANALYSIS DATE: 2023-03-21T16:39:21ZTTPS: T1222, T1053, T1005, T1081, T1012,...

Malware Analysis – djvu – eedc8762268992134adfad53f79e8f2b

March 21, 2023

Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, discovery, persistence, ransomware, spyware, stealerMD5: eedc8762268992134adfad53f79e8f2bSHA1: 8fbb0774255716c23ecf56467ca61a978bca5ac0ANALYSIS DATE: 2023-03-21T17:11:02ZTTPS: T1005, T1081, T1012, T1082, T1060,...

Malware Analysis – djvu – 1aa5f5e7075595564871a31581070efc

March 21, 2023

Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, discovery, persistence, ransomware, spyware, stealerMD5: 1aa5f5e7075595564871a31581070efcSHA1: 403f1d459972dba30f392d869e6ab2d88f5971deANALYSIS DATE: 2023-03-21T18:49:32ZTTPS: T1053, T1012, T1082, T1005, T1081,...

Malware Analysis – evasion – 53ce3a5d1987f019f63a0679a2f25bce

March 21, 2023

Score: 10 MALWARE FAMILY: evasionTAGS:evasion, trojan, upxMD5: 53ce3a5d1987f019f63a0679a2f25bceSHA1: 1db064653e30ca5e82d122bdc4782dac9e941fbbANALYSIS DATE: 2023-03-21T18:04:33ZTTPS: T1089, T1112, T1018 ScoreMeaningExample10Known badA malware family was detected.8-9Likely...

Malware Analysis – djvu – 3e24b4dda34ee179d93408970ef1fced

March 21, 2023

Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, discovery, persistence, ransomware, spyware, stealerMD5: 3e24b4dda34ee179d93408970ef1fcedSHA1: 5408863a9b5f28a232f4c6d3422c56e16ddd170eANALYSIS DATE: 2023-03-21T17:51:02ZTTPS: T1222, T1053, T1005, T1081, T1060,...

Malware Analysis – amadey – ade7133a2f4a50a1b7dc122b55778280

March 21, 2023

Score: 10 MALWARE FAMILY: amadeyTAGS:family:amadey, family:djvu, family:rhadamanthys, family:smokeloader, family:vidar, botnet:pub1, botnet:sprg, backdoor, discovery, persistence, ransomware, spyware, stealer, trojanMD5: ade7133a2f4a50a1b7dc122b55778280SHA1: 8413e88ec4b203116cb03cb8c099556be1bee557ANALYSIS...

New ‘Bad Magic’ Cyber Threat Disrupt Ukraine’s Key Sectors Amid War

March 21, 2023

Amid the ongoing war between Russia and Ukraine, government, agriculture, and transportation organizations located in Donetsk, Lugansk, and Crimea have...

New ShellBot DDoS Malware Variants Targeting Poorly Managed Linux Servers

March 21, 2023

Poorly managed Linux SSH servers are being targeted as part of a new campaign that deploys different variants of a...

From Ransomware to Cyber Espionage: 55 Zero-Day Vulnerabilities Weaponized in 2022

March 21, 2023

As many as 55 zero-day vulnerabilities were exploited in the wild in 2022, with most of the flaws discovered in...

The Best Defense Against Cyber Threats for Lean Security Teams

March 21, 2023

H0lyGh0st, Magecart, and a slew of state-sponsored hacker groups are diversifying their tactics and shifting their focus to… You. That...