LockBit 3.0 Ransomware Victim: azliver[.]com
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
Vice Society Ransomware Victim: Seguros Equinoccial
Vice Society Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
Malware Analysis – djvu – a3dd84a411b7edddae84278455400dd5
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:19, discovery, persistence, ransomware, spyware, stealerMD5: a3dd84a411b7edddae84278455400dd5SHA1: 4e9ba9788414d152ae656adf75939d3724c4ec0eANALYSIS DATE: 2023-01-29T09:23:23ZTTPS: T1053, T1012, T1060, T1112,...
Malware Analysis – ransomware – fee7c379f3a555c5c821e872ec384a91
Score: 9 MALWARE FAMILY: ransomwareTAGS:ransomware, spyware, stealerMD5: fee7c379f3a555c5c821e872ec384a91SHA1: 7346e2e29faddd63ae5c610c07acab46b2b1b176ANALYSIS DATE: 2023-01-29T09:48:34ZTTPS: T1107, T1490, T1005, T1081 ScoreMeaningExample10Known badA malware family was...
Malware Analysis – – fc50e05b611db89a9c7eb359e68ebc5f
Score: 10 MALWARE FAMILY: TAGS:MD5: fc50e05b611db89a9c7eb359e68ebc5fSHA1: 72e31f940f1214e1c36a34a69b53b0d07d4c61efANALYSIS DATE: 2023-01-29T09:34:19ZTTPS: T1012, T1082 ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or more...
Malware Analysis – smokeloader – 84afdad4a70a6122c3f157100a197db7
Score: 10 MALWARE FAMILY: smokeloaderTAGS:family:smokeloader, backdoor, trojanMD5: 84afdad4a70a6122c3f157100a197db7SHA1: 22afcb3520b8bfe314e7f505ccee14ae81f8e547ANALYSIS DATE: 2023-01-29T09:49:03ZTTPS: T1012, T1120, T1082 ScoreMeaningExample10Known badA malware family was detected.8-9Likely...
Malware Analysis – djvu – d16e82ba2c319750e888f763d98a3a8c
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:smokeloader, family:vidar, botnet:19, backdoor, discovery, persistence, ransomware, spyware, stealer, trojan, vmprotectMD5: d16e82ba2c319750e888f763d98a3a8cSHA1: f2be4e0a2b06c80db9f3320b7db1c8c15e80aa19ANALYSIS DATE: 2023-01-29T10:48:08ZTTPS:...
Malware Analysis – djvu – f6d4d4b428393d0d8b55165c2a9076dd
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:19, discovery, persistence, ransomware, spyware, stealerMD5: f6d4d4b428393d0d8b55165c2a9076ddSHA1: 75a3f25169fd56e7932a5ddfc3ec7616558791f1ANALYSIS DATE: 2023-01-29T11:05:05ZTTPS: T1060, T1112, T1082, T1005,...
Malware Analysis – – 45f3f9b201644ddadf6204497c9adb49
Score: 3 MALWARE FAMILY: TAGS:MD5: 45f3f9b201644ddadf6204497c9adb49SHA1: 78a9c9c95fceaa63083eb466d013c16da9c07f4cANALYSIS DATE: 2023-01-29T09:54:56ZTTPS: ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or more known damaging...
Malware Analysis – discovery – 4b51df4028f1d801c45f07daa07d9c90
Score: 10 MALWARE FAMILY: discoveryTAGS:discovery, persistence, ransomwareMD5: 4b51df4028f1d801c45f07daa07d9c90SHA1: 0a46c206f4abd891bb67d9ebfd55d572aa0456d3ANALYSIS DATE: 2023-01-29T11:01:21ZTTPS: T1012, T1082, T1112, T1042, T1060 ScoreMeaningExample10Known badA malware family...
Cobalt Stike Beacon Detected – 47[.]244[.]167[.]171:4545
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Malware Analysis – spyware – 5e887fdac8a3cac0b047a737043789a8
Score: 7 MALWARE FAMILY: spywareTAGS:spyware, stealerMD5: 5e887fdac8a3cac0b047a737043789a8SHA1: 8c9745138d835b783278cb61170a7153bb003784ANALYSIS DATE: 2023-01-29T11:17:02ZTTPS: T1005, T1081 ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or...
Cobalt Stike Beacon Detected – 20[.]189[.]74[.]59:8443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Malware Analysis – smokeloader – da627411e7e85229355ed325520a7d4e
Score: 10 MALWARE FAMILY: smokeloaderTAGS:family:smokeloader, backdoor, trojanMD5: da627411e7e85229355ed325520a7d4eSHA1: 3a603f52b7285be51b1533815eecc67b0447af35ANALYSIS DATE: 2023-01-29T11:35:03ZTTPS: T1012, T1120, T1082 ScoreMeaningExample10Known badA malware family was detected.8-9Likely...
Malware Analysis – discovery – 360ef53ce1b09b03998bf2ab743f7dc7
Score: 10 MALWARE FAMILY: discoveryTAGS:discovery, persistence, ransomware, spyware, stealerMD5: 360ef53ce1b09b03998bf2ab743f7dc7SHA1: 9166c3760b1d1cf9a395e344858e4e01158795bcANALYSIS DATE: 2023-01-29T11:09:44ZTTPS: T1060, T1012, T1005, T1081, T1082, T1059, T1102,...
Malware Analysis – – bfe6ee8069f6e7c572382a97fd16d104
Score: 3 MALWARE FAMILY: TAGS:MD5: bfe6ee8069f6e7c572382a97fd16d104SHA1: e017c8f52a53cd0374d7867af14e567b79d6cffdANALYSIS DATE: 2023-01-29T11:33:49ZTTPS: ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or more known damaging...
Cobalt Stike Beacon Detected – 3[.]29[.]24[.]212:8080
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 54[.]188[.]58[.]32:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 109[.]172[.]45[.]28:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Siretta QUARTZ-GOLD directory traversal | CVE-2022-41154
NAME__________Siretta QUARTZ-GOLD directory traversalPlatforms Affected:Risk Level:8.2Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________Siretta QUARTZ-GOLD could allow a remote attacker to traverse directories on the system,...
Argo Project Argo CD security bypass | CVE-2023-22736
NAME__________Argo Project Argo CD security bypassPlatforms Affected:Argo Project Argo CD 2.5.7 Argo Project Argo CD 2.6.0-rc4 Argo Project Argo CD...
Siretta QUARTZ-GOLD command execution |
NAME__________Siretta QUARTZ-GOLD command executionPlatforms Affected:Risk Level:9.8Exploitability:Proof of ConceptConsequences:Gain Access DESCRIPTION__________Siretta QUARTZ-GOLD could allow a remote attacker to execute arbitrary commands...
UFLO2 code execution | CVE-2022-25894
NAME__________UFLO2 code executionPlatforms Affected:Risk Level:9.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________UFLO2 could allow a remote attacker to execute arbitrary code on the system, caused...
Pi-hole security bypass | CVE-2023-23614
NAME__________Pi-hole security bypassPlatforms Affected:Pi-hole Pi-hole 4.0 Pi-hole Pi-hole 5.18.2Risk Level:8.8Exploitability:UnprovenConsequences:Bypass Security DESCRIPTION__________Pi-hole could allow a remote authenticated attacker to bypass...
