Daily Vulnerability Trends: Wed Feb 01 2023
Daily Vulnerability Trends (sourced from VulnMon) CVE NAMECVE DescriptionCVE-2022-47966Multiple Zoho ManageEngine on-premise products, such as ServiceDesk Plus through 14003, allow...
BlackCat/ALPHV Ransomware Victim: Vision Technologies
BlackCat / ALPHV Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the...
Malware Analysis – evasion – a809cc37ab51220d8f957f9f67d57e09
Score: 8 MALWARE FAMILY: evasionTAGS:evasion, ransomwareMD5: a809cc37ab51220d8f957f9f67d57e09SHA1: bea4d2fb6764d041f89f78b5eadc2a5cd2dcfd59ANALYSIS DATE: 2023-02-01T02:45:25ZTTPS: T1012, T1120, T1082, T1112, T1491 ScoreMeaningExample10Known badA malware family was...
Malware Analysis – djvu – bdc7ff51ade65fde49d77d149c3ab603
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:smokeloader, family:vidar, botnet:19, backdoor, discovery, persistence, ransomware, spyware, stealer, trojan, vmprotectMD5: bdc7ff51ade65fde49d77d149c3ab603SHA1: bce076a5c43cd896ecb92f8f26e40cf7d89731f2ANALYSIS DATE: 2023-02-01T03:46:45ZTTPS:...
Malware Analysis – maze – ca927fc487ca5f9196493b8f22ff611c
Score: 10 MALWARE FAMILY: mazeTAGS:family:maze, ransomware, spyware, stealer, trojanMD5: ca927fc487ca5f9196493b8f22ff611cSHA1: afbe838c881e5b223351ff8fa05ddeb3678581baANALYSIS DATE: 2023-02-01T05:13:48ZTTPS: T1005, T1081, T1107, T1490, T1491, T1112, T1082...
Malware Analysis – djvu – 4936a6d56013bbedd4c7769e47481772
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:19, discovery, persistence, ransomware, spyware, stealerMD5: 4936a6d56013bbedd4c7769e47481772SHA1: 7eb18b3bfd278e4825a23c0bb3fe739586e9d0f6ANALYSIS DATE: 2023-02-01T04:44:26ZTTPS: T1053, T1005, T1081, T1012,...
Malware Analysis – ransomware – de49129aa659dec2af0736cb8bf08eba
Score: 10 MALWARE FAMILY: ransomwareTAGS:ransomwareMD5: de49129aa659dec2af0736cb8bf08ebaSHA1: 24aa45280c7821e0c9e404f6ce846f1ce00b9823ANALYSIS DATE: 2023-02-01T05:12:57ZTTPS: T1082, T1491, T1112, T1130 ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne...
Malware Analysis – djvu – 5ac925dd0ed8f683443c4873fd48a37b
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:smokeloader, family:vidar, botnet:19, backdoor, discovery, persistence, ransomware, spyware, stealer, trojan, vmprotectMD5: 5ac925dd0ed8f683443c4873fd48a37bSHA1: 97ddc705341f4825fe41c738cab0373851c52132ANALYSIS DATE: 2023-02-01T05:46:20ZTTPS:...
Malware Analysis – sodinokibi – 4b4c98ac8f04680f7c529956cfe8519b
Score: 10 MALWARE FAMILY: sodinokibiTAGS:family:sodinokibi, botnet:$2a$10$qq5kf6jmnztrqdzq4ez/rez9tdkves4amex9dq.5v6uwjq4wsyzky, campaign:3537, ransomwareMD5: 4b4c98ac8f04680f7c529956cfe8519bSHA1: e6dccf4b1fc5ab116b6bc1321346b35dbf42f387ANALYSIS DATE: 2023-02-01T05:34:04ZTTPS: T1082 ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne...
Malware Analysis – smokeloader – 071c11210a2edc6b3d92fb55617dca53
Score: 10 MALWARE FAMILY: smokeloaderTAGS:family:smokeloader, backdoor, trojanMD5: 071c11210a2edc6b3d92fb55617dca53SHA1: 887064a172b18b0409ec880c7ecce2a10ba8d919ANALYSIS DATE: 2023-02-01T05:30:03ZTTPS: T1012, T1120, T1082 ScoreMeaningExample10Known badA malware family was detected.8-9Likely...
Malware Analysis – banker – 1fa35993c075d9884558b6c7990cdc7e
Score: 8 MALWARE FAMILY: bankerTAGS:banker, ransomwareMD5: 1fa35993c075d9884558b6c7990cdc7eSHA1: 327cd6e3c8639b7681b49f4ce939fa8165029c6eANALYSIS DATE: 2023-02-01T05:23:57ZTTPS: ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or more known...
Sandfly-Entropyscan – Tool To Detect Packed Or Encrypt ed Binaries Related To Malware, Finds Malicious Files And Linux Processes And Gives Output With Cryptographic Hashes
What is sandfly-entropyscan? sandfly-entropyscan is a utility to quickly scan files or running processes and report on their entropy (measure...
Cobalt Stike Beacon Detected – 78[.]128[.]112[.]196:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 182[.]61[.]13[.]166:8090
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 35[.]153[.]50[.]171:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 89[.]185[.]85[.]247:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
US-CERT Bulletin (SB23-030):Vulnerability Summary for the Week of January 23, 2023
The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards...
Vice Society Ransomware Victim: TechInsights
Vice Society Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
Vice Society Ransomware Victim: Societa Italiana Brevetti SpA
Vice Society Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
Cobalt Stike Beacon Detected – 107[.]189[.]28[.]121:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 101[.]34[.]163[.]3:9999
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 91[.]215[.]85[.]143:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 161[.]35[.]17[.]28:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 43[.]139[.]8[.]152:9999
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
