LockBit 3.0 Ransomware Victim: norseman[.]ca
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
Malware Analysis – djvu – d8e2fea7f0aff05d78f0feb3b61c3ac7
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:517, discovery, persistence, ransomware, spyware, stealerMD5: d8e2fea7f0aff05d78f0feb3b61c3ac7SHA1: 308c51ef3ef2c2c93fb24589cb6dec08e893d675ANALYSIS DATE: 2022-11-19T15:41:20ZTTPS: T1005, T1081, T1012, T1082,...
Malware Analysis – discovery – 5591211a3b6591dcfdda3254820eb446
Score: 8 MALWARE FAMILY: discoveryTAGS:discovery, exploitMD5: 5591211a3b6591dcfdda3254820eb446SHA1: 25f0b212b9e083f900fbc14f8fc900295a4b9b4cANALYSIS DATE: 2022-11-19T15:34:17ZTTPS: T1222 ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or more...
Malware Analysis – – 5e1a659a734f2849a28f9dee904decf0
Score: 3 MALWARE FAMILY: TAGS:MD5: 5e1a659a734f2849a28f9dee904decf0SHA1: ebddba71804e902042dffc9cfd5f5f8780e3a79aANALYSIS DATE: 2022-11-19T15:54:58ZTTPS: ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or more known damaging...
HackerOne Bug Bounty Disclosure: reflected-xss-in-chatbotbyroland_hack
Programme HackerOne MTN Group MTN Group Submitted by roland_hack roland_hack Report Reflected XSS in chatbot Full Report A considerable amount...
Malware Analysis – bootkit – 5c51a8836f1c31af4517ff739cb3e7fa
Score: 8 MALWARE FAMILY: bootkitTAGS:bootkit, discovery, evasion, persistenceMD5: 5c51a8836f1c31af4517ff739cb3e7faSHA1: 49af67355378b659a38686c6b02e7de32915a1f8ANALYSIS DATE: 2022-11-19T16:53:55ZTTPS: T1067, T1222, T1158, T1012, T1082, T1059, T1102, T1018...
Malware Analysis – redline – ca1cf4a9b531c3c6d84dbb188dc649ad
Score: 10 MALWARE FAMILY: redlineTAGS:family:redline, agilenet, discovery, evasion, infostealer, persistence, ransomware, spyware, stealerMD5: ca1cf4a9b531c3c6d84dbb188dc649adSHA1: 0bc2567aa74c9deaf85a78f4d675f16939dabd6dANALYSIS DATE: 2022-11-19T16:10:35ZTTPS: T1012, T1082, T1060,...
Malware Analysis – djvu – 02117002dd6e40b919ff3b59a2f3cf1b
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:517, discovery, persistence, ransomware, spyware, stealerMD5: 02117002dd6e40b919ff3b59a2f3cf1bSHA1: a85ebba39171b4617e7e6104e8ad616fb9e83f33ANALYSIS DATE: 2022-11-19T17:08:36ZTTPS: T1060, T1112, T1005, T1081,...
Malware Analysis – djvu – 6f60b9997d06030dba66cb6906052770
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:517, discovery, persistence, ransomware, spyware, stealerMD5: 6f60b9997d06030dba66cb6906052770SHA1: 9be16feea12623a1a745f6cb34bd0e552edaa6d1ANALYSIS DATE: 2022-11-19T17:15:42ZTTPS: T1012, T1082, T1060, T1112,...
Malware Analysis – dcrat – e812b559b4f0a8fd5d11c86e2b7bbdea
Score: 10 MALWARE FAMILY: dcratTAGS:family:dcrat, family:djvu, family:redline, family:smokeloader, family:vidar, botnet:517, botnet:mario23_10, backdoor, collection, discovery, infostealer, persistence, ransomware, rat, spyware, stealer,...
Malware Analysis – smokeloader – c6e438c54033096a47d752040658de04
Score: 10 MALWARE FAMILY: smokeloaderTAGS:family:smokeloader, backdoor, trojanMD5: c6e438c54033096a47d752040658de04SHA1: 9856b7ab9e99830f5819408b61527b5f422d8f45ANALYSIS DATE: 2022-11-19T17:51:16ZTTPS: T1012, T1120, T1082 ScoreMeaningExample10Known badA malware family was detected.8-9Likely...
Malware Analysis – djvu – 6836ea5f1dd9575394d3d549e29729f7
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, discovery, persistence, ransomwareMD5: 6836ea5f1dd9575394d3d549e29729f7SHA1: 941860f0b34142aa11a1e5e4bbf10035568f1d7dANALYSIS DATE: 2022-11-19T17:29:41ZTTPS: T1130, T1112, T1060, T1222, T1082 ScoreMeaningExample10Known badA malware...
Malware Analysis – ransomware – 49e12e0bd76941ab54dec0db51cd6e22
Score: 9 MALWARE FAMILY: ransomwareTAGS:ransomware, spyware, stealerMD5: 49e12e0bd76941ab54dec0db51cd6e22SHA1: da575ad370d523ed8017f354645dbae9f22180a7ANALYSIS DATE: 2022-11-19T17:34:38ZTTPS: T1107, T1490, T1005, T1081 ScoreMeaningExample10Known badA malware family was...
Black Friday and Cyber Monday, crooks are already at work
Every year during Black Friday and Cyber Monday, crooks take advantage of the bad habits of users with fraudulent schema....
Wodat – Windows Oracle Database Attack Toolkit
Simple port of the popular Oracle Database Attack Tool (ODAT) ( TEST Module tests if the given connection string can...
BugCrowd Bug Bounty Disclosure: – Panel access at https://news-push-88.op-mobile.opera.com/. – By rahul0x01
The below information is fully automated and the information is captured from the BugCrowd Disclosure website. The information was correct...
BugCrowd Bug Bounty Disclosure: – Impersonation via Broken Link Hijacking on https://sv.hellosign.com – By CoffeeAddict_exe
The below information is fully automated and the information is captured from the BugCrowd Disclosure website. The information was correct...
Cobalt Stike Beacon Detected – 147[.]78[.]242[.]119:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 118[.]99[.]27[.]116:8080
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 101[.]35[.]149[.]44:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 123[.]60[.]223[.]157:9999
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 119[.]23[.]61[.]144:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 101[.]35[.]149[.]44:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 107[.]189[.]6[.]84:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
