RedPacket Security - InfoSec News & Tutorials

Cobalt Stike Beacon Detected – 118[.]31[.]76[.]225:4430

December 31, 2022

The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...

Cobalt Stike Beacon Detected – 121[.]5[.]234[.]90:888

December 31, 2022

The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...

Malware Analysis – ransomware – fd9170ec42a74eb94ad7e4d23fc793ba

December 31, 2022

Score: 10 MALWARE FAMILY: ransomwareTAGS:ransomwareMD5: fd9170ec42a74eb94ad7e4d23fc793baSHA1: a541035a5fdc235e19d71fa42dc53f02c9a5b379ANALYSIS DATE: 2022-12-30T21:26:50ZTTPS: T1082 ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or more known...

Malware Analysis – discovery – 104bc7f2d94943c4474b1f4f469a2cee

December 31, 2022

Score: 10 MALWARE FAMILY: discoveryTAGS:discovery, ransomwareMD5: 104bc7f2d94943c4474b1f4f469a2ceeSHA1: 8f2b5202f00ebac670636806b8c49a2917651f05ANALYSIS DATE: 2022-12-30T21:11:38ZTTPS: T1082, T1057, T1012 ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne...

Malware Analysis – amadey – 8e933d52ccb49e00f87114ad4eca837e

December 31, 2022

Score: 10 MALWARE FAMILY: amadeyTAGS:family:amadey, family:djvu, family:lgoogloader, family:smokeloader, family:vidar, botnet:19, backdoor, discovery, downloader, persistence, ransomware, spyware, stealer, trojan, vmprotectMD5: 8e933d52ccb49e00f87114ad4eca837eSHA1:...

Malware Analysis – smokeloader – c736a762fc51fb3feef8ca6294395b12

December 31, 2022

Score: 10 MALWARE FAMILY: smokeloaderTAGS:family:smokeloader, backdoor, trojanMD5: c736a762fc51fb3feef8ca6294395b12SHA1: f08a967ff043f1b0e3da5607e07e9c23cc127814ANALYSIS DATE: 2022-12-30T22:01:04ZTTPS: T1012, T1120, T1082 ScoreMeaningExample10Known badA malware family was detected.8-9Likely...

Malware Analysis – djvu – ab39a99cb87673d34352810cc6989d7f

December 31, 2022

Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:19, discovery, persistence, ransomware, spyware, stealerMD5: ab39a99cb87673d34352810cc6989d7fSHA1: ef0c89c1f8e3c78789fdcaf7b4ea8b24e2c37591ANALYSIS DATE: 2022-12-30T23:43:01ZTTPS: T1060, T1112, T1222, T1005,...

Malware Analysis – amadey – 6cd5c286fcae09f8e1c2ed2994adec92

December 31, 2022

Malware Analysis – – 33ab0ac396c5e0e5dd47c187c37bac2f

December 31, 2022

Score: 1 MALWARE FAMILY: TAGS:MD5: 33ab0ac396c5e0e5dd47c187c37bac2fSHA1: 5ab5db3a6344e531c9a1e44305071985520c7a11ANALYSIS DATE: 2022-12-30T22:04:01ZTTPS: ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or more known damaging...

Malware Analysis – djvu – e6e1bad5a9c1478a96963705e86dcb99

December 31, 2022

Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:19, discovery, persistence, ransomware, spyware, stealerMD5: e6e1bad5a9c1478a96963705e86dcb99SHA1: 29e70b864c6eb89f0ed4d77a6af10b854392f5a1ANALYSIS DATE: 2022-12-30T22:34:01ZTTPS: T1012, T1082, T1005, T1081,...

HackerOne Bug Bounty Disclosure: dom-based-xss-on-parameter-?vsid=bydracoludio

December 30, 2022

Programme HackerOne JetBlue JetBlue Submitted by dracoludio dracoludio Report Dom-Based XSS on parameter ?vsid= Full Report A considerable amount of...

Malware Analysis – amadey – 341a6999d2e5ba98ddceb1ec611efebc

December 30, 2022

Score: 10 MALWARE FAMILY: amadeyTAGS:family:amadey, family:dcrat, family:djvu, family:lgoogloader, family:redline, family:smokeloader, family:vidar, botnet:19, botnet:instpenn, backdoor, collection, discovery, downloader, infostealer, persistence, ransomware,...

Malware Analysis – amadey – f246c5569a93d9655604871ec6dc3aaf

December 30, 2022

Score: 10 MALWARE FAMILY: amadeyTAGS:family:amadey, family:djvu, family:lgoogloader, family:redline, family:smokeloader, family:vidar, botnet:19, botnet:instpenn, botnet:letgo, backdoor, collection, discovery, downloader, infostealer, persistence, ransomware,...

Malware Analysis – ransomware – f5193c12248ee4eb6bac6b11aff87734

December 30, 2022

Score: 6 MALWARE FAMILY: ransomwareTAGS:ransomwareMD5: f5193c12248ee4eb6bac6b11aff87734SHA1: b96027cbdcae8ce2ea8ef3302c08ed4fe25cd23fANALYSIS DATE: 2022-12-30T17:14:46ZTTPS: ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or more known damaging...

Malware Analysis – discovery – fea370ba722df2426478793bd7d812a8

December 30, 2022

Score: 10 MALWARE FAMILY: discoveryTAGS:discovery, persistence, ransomwareMD5: fea370ba722df2426478793bd7d812a8SHA1: 23096f183fd7717caca663cbe73e9d2170833222ANALYSIS DATE: 2022-12-30T16:50:33ZTTPS: T1012, T1082, T1112, T1042, T1060 ScoreMeaningExample10Known badA malware family...

Malware Analysis – djvu – 99334c9bec2c6c27328d315165de39b6

December 30, 2022

Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:19, discovery, persistence, ransomware, spyware, stealerMD5: 99334c9bec2c6c27328d315165de39b6SHA1: e493b7b9ed6f887a4ceb7246a07d8ef05cb396c7ANALYSIS DATE: 2022-12-30T16:47:34ZTTPS: T1060, T1112, T1012, T1082,...

HIVE Ransomware Victim: Camst Group

December 30, 2022

HIVE Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content of...

Malware Analysis – – b346183f5462c7c00ff2d003e8196a7d

December 30, 2022

Score: 1 MALWARE FAMILY: TAGS:MD5: b346183f5462c7c00ff2d003e8196a7dSHA1: 94f102ad7c6717b14bb70ed277f6402ddc9100f7ANALYSIS DATE: 2022-12-30T17:46:26ZTTPS: T1130, T1112 ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or more...

Malware Analysis – amadey – 40d315051f49a13c417110582f9fb6d1

December 30, 2022

Malware Analysis – discovery – dfd804f813a483907ec996ced444af66

December 30, 2022

Score: 10 MALWARE FAMILY: discoveryTAGS:discovery, evasion, persistence, ransomwareMD5: dfd804f813a483907ec996ced444af66SHA1: 7c02662a7570608e61c86a9859eda7b0f661a177ANALYSIS DATE: 2022-12-30T17:32:52ZTTPS: T1130, T1112, T1060, T1012, T1497, T1120, T1082 ScoreMeaningExample10Known...

Malware Analysis – discovery – c1e681e9f1f5088b317ec90f02473f6a

December 30, 2022

Score: 10 MALWARE FAMILY: discoveryTAGS:discovery, persistence, ransomwareMD5: c1e681e9f1f5088b317ec90f02473f6aSHA1: 3b3d637e3866234a642b49d283646488ae434bd7ANALYSIS DATE: 2022-12-30T17:32:20ZTTPS: T1082, T1060, T1012 ScoreMeaningExample10Known badA malware family was detected.8-9Likely...

LockBit 3.0 Ransomware Victim: presco[.]com

December 30, 2022

LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...

News

Ukraine shuts down fraudulent call center claiming 18,000 victims

December 30, 2022

A group of imposters operating out of a Ukrainian call center defrauded thousands of victims while pretending to be IT security...

Crypto platform 3Commas admits hackers stole API keys

December 30, 2022

An anonymous Twitter user published yesterday a set of 10,000 API keys allegedly obtained from the 3Commas cryptocurrency trading platform....

Main Story

Fortifying the Supply Chain through Practical Security for Modern Organizations

Editor’s Picks

Trending Story

Featured Story

You may have missed