AzureGraph – Azure AD Enumeration Over MS Graph
AzureGraph is an Azure AD information gathering tool over Microsoft Graph. Thanks to Microsoft Graph technology, it is possible to...
HIVE Ransomware Victim: KNOX College
HIVE Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content of...
Malware Analysis – discovery – 8a6217d94e1bcbabdd1dfcdcaa83d1b3
Score: 10 MALWARE FAMILY: discoveryTAGS:discovery, persistence, ransomwareMD5: 8a6217d94e1bcbabdd1dfcdcaa83d1b3SHA1: 99b81b01f277540f38ea3e96c9c6dc2a57dfeb92ANALYSIS DATE: 2022-12-10T15:06:33ZTTPS: T1082, T1112, T1042, T1060, T1012 ScoreMeaningExample10Known badA malware family...
Malware Analysis – dcrat – 86f5c0ac5d7174289a605ba00ffdb417
Score: 10 MALWARE FAMILY: dcratTAGS:family:dcrat, family:djvu, family:redline, family:vidar, botnet:517, botnet:mario23_10, bootkit, collection, discovery, infostealer, persistence, ransomware, rat, spyware, stealerMD5: 86f5c0ac5d7174289a605ba00ffdb417SHA1:...
Malware Analysis – dcrat – 337e23be35ce48644c600dfa6e621935
Score: 10 MALWARE FAMILY: dcratTAGS:family:dcrat, family:djvu, family:redline, family:smokeloader, family:vidar, botnet:517, botnet:mario23_10, backdoor, bootkit, collection, discovery, infostealer, persistence, ransomware, rat, spyware,...
Malware Analysis – djvu – 3580aa18f94b7334e5af86a9df3179f7
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:517, discovery, persistence, ransomware, spyware, stealerMD5: 3580aa18f94b7334e5af86a9df3179f7SHA1: 011ff27d6e1ae18b56b6c392ce48549632993e62ANALYSIS DATE: 2022-12-10T15:55:50ZTTPS: T1082, T1005, T1081, T1060,...
Malware Analysis – djvu – 02f83fe24845fc6e11673865f3e638a6
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:redline, botnet:mario23_10, bootkit, collection, discovery, infostealer, persistence, ransomware, spywareMD5: 02f83fe24845fc6e11673865f3e638a6SHA1: e534e469071fcdb04268dd7167b3f6aba6f98a0fANALYSIS DATE: 2022-12-10T15:31:45ZTTPS: T1012, T1120,...
Malware Analysis – djvu – c3488db7bcf308cdc6e6b142dfb5393e
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:517, discovery, persistence, ransomware, spyware, stealerMD5: c3488db7bcf308cdc6e6b142dfb5393eSHA1: be86e3e28b8c42f2bfa3436bfb19cd4945c832f0ANALYSIS DATE: 2022-12-10T17:03:12ZTTPS: T1053, T1005, T1081, T1012,...
Malware Analysis – dcrat – 60ff077bb695fbf5542a70c57825a5c4
Score: 10 MALWARE FAMILY: dcratTAGS:family:dcrat, family:djvu, family:redline, family:smokeloader, family:vidar, botnet:517, botnet:mario23_10, backdoor, bootkit, collection, discovery, infostealer, persistence, ransomware, rat, spyware,...
Malware Analysis – djvu – 948fa46063f9f65bcfafe46c43771ffe
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:517, discovery, persistence, ransomware, spyware, stealerMD5: 948fa46063f9f65bcfafe46c43771ffeSHA1: 5d7bae7461613a3ba11b4acdf4b6207e0e71039aANALYSIS DATE: 2022-12-10T17:11:32ZTTPS: T1060, T1112, T1082, T1005,...
Malware Analysis – djvu – 82fd30cac3fbe60424f8b68a42dfaf18
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, discovery, persistence, ransomwareMD5: 82fd30cac3fbe60424f8b68a42dfaf18SHA1: 7f3bef20950b0acc170beb97d94d626fe0627284ANALYSIS DATE: 2022-12-10T17:24:25ZTTPS: T1060, T1112, T1222, T1082, T1012 ScoreMeaningExample10Known badA malware...
At least 4,460 vulnerable Pulse Connect Secure hosts are exposed to the Internet
Censys researchers warn of more than 4,000 vulnerable Pulse Connect Secure hosts exposed to the Internet. Pulse Connect Secure is a...
LockBit 3.0 Ransomware Victim: rhotelja[.]com
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
LockBit 3.0 Ransomware Victim: oltax[.]com
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
LockBit 3.0 Ransomware Victim: hawanasalalah[.]com
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
LockBit 3.0 Ransomware Victim: biotipo[.]com[.]br
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
LockBit 3.0 Ransomware Victim: koda[.]com[.]tw
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
US HHS warns healthcare orgs of Royal Ransomware attacks
The US Department of Health and Human Services (HHS) warns healthcare organizations of Royal ransomware attacks. The human-operated Royal ransomware...
Malware Analysis – xorist – 60d155a69731675bb493c707ae205c96
Score: 10 MALWARE FAMILY: xoristTAGS:family:xorist, persistence, ransomware, upxMD5: 60d155a69731675bb493c707ae205c96SHA1: 22d7741ea994b80188a8d43955083c760553cb99ANALYSIS DATE: 2022-12-06T00:47:17ZTTPS: T1060, T1112 ScoreMeaningExample10Known badA malware family was detected.8-9Likely...
Cobalt Stike Beacon Detected – 183[.]57[.]37[.]247:6666
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 23[.]95[.]44[.]36:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Malware Analysis – ransomware – c86a231363e8d7aa4d0acf13442ed998
Score: 7 MALWARE FAMILY: ransomwareTAGS:ransomwareMD5: c86a231363e8d7aa4d0acf13442ed998SHA1: e7ceb5a16b0563c220a796af88b1e2e02525763aANALYSIS DATE: 2022-12-10T09:46:36ZTTPS: ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or more known damaging...
Malware Analysis – dcrat – f42012648010b8dddc5d023e46e64144
Score: 10 MALWARE FAMILY: dcratTAGS:family:dcrat, family:djvu, family:redline, family:smokeloader, family:vidar, botnet:517, botnet:mario23_10, backdoor, bootkit, collection, discovery, infostealer, persistence, ransomware, rat, spyware,...
Malware Analysis – cerber – a57745a30d63f511d28aa43e4b710e1c
Score: 10 MALWARE FAMILY: cerberTAGS:family:cerber, evasion, persistence, ransomware, spyware, stealerMD5: a57745a30d63f511d28aa43e4b710e1cSHA1: 5985e7d1831784fd15de2cc62451deb16b65b046ANALYSIS DATE: 2022-12-10T09:32:04ZTTPS: T1490, T1107, T1158, T1112, T1082, T1005,...
