Cobalt Stike Beacon Detected – 45[.]9[.]148[.]135:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Malware Analysis – djvu – 24b0c85674ba78acb5a1874ecbaeba1b
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:redline, family:smokeloader, botnet:mario23_10, botnet:slovarik1btc, backdoor, collection, discovery, infostealer, persistence, ransomware, spyware, trojanMD5: 24b0c85674ba78acb5a1874ecbaeba1bSHA1: 1a790098fabbb5bfcac4b121778eebc4edb3b909ANALYSIS DATE:...
Malware Analysis – djvu – 9a95a7b355c69424882b236a582bf2be
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:redline, family:smokeloader, botnet:mario23_10, botnet:slovarik1btc, backdoor, collection, discovery, infostealer, persistence, ransomware, spyware, trojanMD5: 9a95a7b355c69424882b236a582bf2beSHA1: b86e4102d769658824062250574cafbe9dbda28fANALYSIS DATE:...
Malware Analysis – evasion – a13660524fc3d9a379a2b1945ba0e3d0
Score: 10 MALWARE FAMILY: evasionTAGS:evasion, persistence, ransomware, spyware, stealer, trojanMD5: a13660524fc3d9a379a2b1945ba0e3d0SHA1: a0b161fbbe42a776807a58aff68afcda639fd79aANALYSIS DATE: 2022-10-30T22:32:45ZTTPS: T1060, T1112, T1088, T1089, T1005, T1081,...
Malware Analysis – evasion – a22a6791465a9a578b5476af1d3af3c0
Score: 10 MALWARE FAMILY: evasionTAGS:evasion, persistence, ransomware, spyware, stealer, trojanMD5: a22a6791465a9a578b5476af1d3af3c0SHA1: 2fee1734d038c460fa489907f415f5440cbf362bANALYSIS DATE: 2022-10-30T22:32:49ZTTPS: T1060, T1112, T1158, T1088, T1089, T1082,...
Former British Prime Minister Liz Truss ‘s phone was allegedly hacked by Russian spies
According to the Daily Mail, Former British Prime Minister Liz Truss ‘s personal phone was hacked by Russian spies. The...
German BKA arrested the alleged operator of Deutschland im Deep Web darknet market
German police arrested a student that is suspected of being the administrator of ‘Deutschland im Deep Web’ (DiDW) darknet marketplace....
BlackCat/ALPHV Ransomware Victim: Kolas Law Firm
BlackCat / ALPHV Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the...
BlackCat/ALPHV Ransomware Victim: Network Communications Inc
BlackCat / ALPHV Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the...
Malware Analysis – djvu – 4154fc7a72570db72966dccccb93f5ca
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:redline, family:smokeloader, family:vidar, botnet:1752, botnet:517, botnet:google2, botnet:mario23_10, botnet:slovarik15btc, backdoor, collection, discovery, infostealer, persistence, ransomware, spyware,...
Malware Analysis – evasion – 931bd3160c08b92c4ff90b66b8efcec5
Score: 10 MALWARE FAMILY: evasionTAGS:evasion, persistence, ransomware, trojanMD5: 931bd3160c08b92c4ff90b66b8efcec5SHA1: c816e7d1a082f6b4ae8798958e3bf0daeb5c407bANALYSIS DATE: 2022-10-30T05:39:02ZTTPS: T1491, T1112, T1490, T1082, T1012, T1120, T1088, T1089,...
Malware Analysis – persistence – a2bf3ceb879904e6fe6fdaa80a6db39b
Score: 10 MALWARE FAMILY: persistenceTAGS:persistence, ransomwareMD5: a2bf3ceb879904e6fe6fdaa80a6db39bSHA1: dba07637840b84133a3cf8e9012d6a9b5c50d7f0ANALYSIS DATE: 2022-10-30T04:47:36ZTTPS: T1112, T1060, T1107, T1490, T1082 ScoreMeaningExample10Known badA malware family was...
Malware Analysis – ransomware – 9ca46c92ae6ab9a127917be16cbbf337
Score: 9 MALWARE FAMILY: ransomwareTAGS:ransomwareMD5: 9ca46c92ae6ab9a127917be16cbbf337SHA1: b80a2ed9fe34575f709dff7badc5ea1d31eef986ANALYSIS DATE: 2022-10-30T15:40:39ZTTPS: T1082, T1107, T1490, T1091 ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne...
Malware Analysis – hive – 177417be748814f6168171a42545f9dd
Score: 10 MALWARE FAMILY: hiveTAGS:family:hive, evasion, ransomware, spyware, stealer, trojanMD5: 177417be748814f6168171a42545f9ddSHA1: 9c8b988e66e0fe6f9dab69b1055e4ee200531094ANALYSIS DATE: 2022-10-30T15:56:09ZTTPS: T1490, T1070, T1005, T1081, T1107, T1018,...
Malware Analysis – ransomware – 30c121c3995d7d7c5597b0b4d3047aa2
Score: 9 MALWARE FAMILY: ransomwareTAGS:ransomware, spyware, stealerMD5: 30c121c3995d7d7c5597b0b4d3047aa2SHA1: 4c80abe95de3788a5ff6b2e16175a68b76413643ANALYSIS DATE: 2022-10-30T15:40:33ZTTPS: T1005, T1081, T1082, T1107, T1490, T1091 ScoreMeaningExample10Known badA malware...
Malware Analysis – ransomware – d9956991845e1e275e0fc823133eebf2
Score: 9 MALWARE FAMILY: ransomwareTAGS:ransomware, spyware, stealerMD5: d9956991845e1e275e0fc823133eebf2SHA1: d5c9a236ea6a8af8af49f1b95d9065d5d31be737ANALYSIS DATE: 2022-10-30T15:40:47ZTTPS: T1005, T1081, T1082, T1107, T1490, T1091 ScoreMeaningExample10Known badA malware...
Malware Analysis – smokeloader – c7b987a36262b72c27d1e3282186f235
Score: 10 MALWARE FAMILY: smokeloaderTAGS:family:smokeloader, backdoor, trojanMD5: c7b987a36262b72c27d1e3282186f235SHA1: f6722992a55c8d7ab60986725b0d07204b14c4a3ANALYSIS DATE: 2022-10-30T17:36:38ZTTPS: T1012, T1120, T1082 ScoreMeaningExample10Known badA malware family was detected.8-9Likely...
Malware Analysis – ransomware – 1bd2517f25e7ba3a3b9568c2768b66d9
Score: 8 MALWARE FAMILY: ransomwareTAGS:ransomwareMD5: 1bd2517f25e7ba3a3b9568c2768b66d9SHA1: a7cd993dd6b820b4c8f4fd9973a29e1f779c5ac1ANALYSIS DATE: 2022-10-30T16:16:56ZTTPS: ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or more known damaging...
Malware Analysis – djvu – c862bbb79cf3512d444dec4acb489882
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:redline, family:smokeloader, family:vidar, botnet:1752, botnet:517, botnet:google2, botnet:mario23_10, backdoor, collection, discovery, infostealer, persistence, ransomware, spyware, stealer,...
Malware Analysis – ransomware – 73daf946d8e6ca26d983209add90d970
Score: 6 MALWARE FAMILY: ransomwareTAGS:ransomwareMD5: 73daf946d8e6ca26d983209add90d970SHA1: 4490a66af0cd16b30c6e189e44b5c900cc822fb4ANALYSIS DATE: 2022-10-30T16:09:37ZTTPS: ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or more known damaging...
BlackByte ransomware group hit Japanese beverage giant Asahi
The BlackByte ransomware group claims to have compromised the Japanese beer and beverage company Asahi. Asahi Group Holdings, Ltd. is a global Japanese beer,...
Air New Zealand warns of an ongoing credential stuffing attack
Air New Zealand suffered a security breach, multiple customers have been locked out of their accounts after the incident. Air...
Security Affairs newsletter Round 391
A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs free for...
Ermir – An Evil Java RMI Registry
Ermir is an Evil/Rogue RMI Registry, it public String list(): list() asks the registry for all the bound objects names,...
