Cobalt Stike Beacon Detected – 138[.]91[.]107[.]208:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
OSINT
Cobalt Stike Beacon Detected – 120[.]55[.]100[.]163:7777
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 110[.]40[.]156[.]244:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 124[.]223[.]189[.]175:8080
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
CISA: CISA and Partners Release BianLian Ransomware Cybersecurity Advisory
CISA and Partners Release BianLian Ransomware Cybersecurity Advisory CISA, the Federal Bureau of Investigation (FBI), and the Australian Cyber Security...
Malware Analysis – amadey – 0ec4a63f542b0950ad234dfea89ff66c
Score: 10 MALWARE FAMILY: amadeyTAGS:family:amadey, family:djvu, family:smokeloader, family:vidar, botnet:379b0d0a9ef2b4ae960ec452f90e3e8b, botnet:9dfa7ee730fa2f1efb5ed51dbbec22f5, backdoor, discovery, ransomware, spyware, stealer, trojanMD5: 0ec4a63f542b0950ad234dfea89ff66cSHA1: efd68444aa8943aad102219eaded8e819dc40679ANALYSIS DATE: 2023-05-16T15:30:38ZTTPS:...
Malware Analysis – ransomware – 913ec579a6bbbd0347b42fd7504effd1
Score: 6 MALWARE FAMILY: ransomwareTAGS:ransomwareMD5: 913ec579a6bbbd0347b42fd7504effd1SHA1: 2c2c89c193f6a527a9980f659a27ca1820d08de3ANALYSIS DATE: 2023-05-16T15:24:37ZTTPS: ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or more known damaging...
Malware Analysis – djvu – 669a891fe610e110917fad79b6876f55
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:9dfa7ee730fa2f1efb5ed51dbbec22f5, discovery, persistence, ransomware, spyware, stealerMD5: 669a891fe610e110917fad79b6876f55SHA1: a762faa446f6a8da5770ecca619fc2cffdf33ab1ANALYSIS DATE: 2023-05-16T15:47:04ZTTPS: T1060, T1112, T1053, T1005,...
Malware Analysis – djvu – 5a8e2f2bdcc6be8d189e1badb8717ca0
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:9dfa7ee730fa2f1efb5ed51dbbec22f5, discovery, persistence, ransomware, spyware, stealerMD5: 5a8e2f2bdcc6be8d189e1badb8717ca0SHA1: 08d6fbe62d6bfbff71e9cb54d04bd995de47ea0dANALYSIS DATE: 2023-05-16T15:46:00ZTTPS: T1060, T1112, T1082, T1005,...
Malware Analysis – discovery – 87208f8f5babd537eb42ced3831018bd
Score: 10 MALWARE FAMILY: discoveryTAGS:discovery, evasion, ransomware, trojanMD5: 87208f8f5babd537eb42ced3831018bdSHA1: 1bf91f8c00d9af85bce514f0c70d99ebff800e68ANALYSIS DATE: 2023-05-16T16:39:21ZTTPS: T1012, T1120, T1082, T1222, T1130, T1112 ScoreMeaningExample10Known badA...
Malware Analysis – djvu – dc8396334e68e4ad4a8de1ae8dd3fbe8
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:9dfa7ee730fa2f1efb5ed51dbbec22f5, discovery, persistence, ransomware, spyware, stealerMD5: dc8396334e68e4ad4a8de1ae8dd3fbe8SHA1: 599785fc24bf60cc66234af1302e2afbdf7768c6ANALYSIS DATE: 2023-05-16T16:30:39ZTTPS: T1012, T1082, T1053, T1005,...
CISA: CISA Releases Three Industrial Control Systems Advisories
CISA Releases Three Industrial Control Systems Advisories CISA released three Industrial Control Systems (ICS) advisories on May 16, 2023. These...
China’s Mustang Panda Hackers Exploit TP-Link Routers for Persistent Attacks
The Chinese nation-state actor known as Mustang Panda has been linked to a new set of sophisticated and targeted attacks...
Inside Qilin Ransomware: Affiliates Take Home 85% of Ransom Payouts
Ransomware affiliates associated with the Qilin ransomware-as-a-service (RaaS) scheme earn anywhere between 80% to 85% of each ransom payment, according...
Medusa Locker Ransomware Victim: BAMSI
Medusa Locker Logo NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the...
Cyolo Product Overview: Secure Remote Access to All Environments
Operational technology (OT) cybersecurity is a challenging but critical aspect of protecting organizations' essential systems and resources. Cybercriminals no longer...
CopperStealer Malware Crew Resurfaces with New Rootkit and Phishing Kit Modules
The threat actors behind the CopperStealer malware resurfaced with two new campaigns in March and April 2023 that are designed...
Hackers Using Golang Variant of Cobalt Strike to Target Apple macOS Systems
A Golang implementation of Cobalt Strike called Geacon is likely to garner the attention of threat actors looking to target...
LockBit 3.0 Ransomware Victim: norcorp[.]com
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
LockBit 3.0 Ransomware Victim: chinadailyhk[.]com
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
LockBit 3.0 Ransomware Victim: airtac[.]com
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
Cobalt Stike Beacon Detected – 101[.]43[.]165[.]220:8080
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Abyss Ransomware Victim: www[.]l3harris[.]com
NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content of the files...
Abyss Ransomware Victim: brett-robinson[.]com
NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content of the files...
