OSINT

Cl0p Ransomware Victim: GLOBALFARM[.]COM[.]AR

March 25, 2023

Cl0p Logo NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content of...

Cl0p Ransomware Victim: UNIMELB[.]EDU[.]AU

March 25, 2023

Cl0p Logo NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content of...

Cl0p Ransomware Victim: ATOS[.]NET

March 25, 2023

Cl0p Logo NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content of...

Cl0p Ransomware Victim: TGW[.]COM

March 25, 2023

Cl0p Logo NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content of...

Cl0p Ransomware Victim: REDBOXVOICE[.]COM

March 25, 2023

Cl0p Logo NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content of...

RansomHouse Ransomware Victim: Cospec Srl

March 25, 2023

RansomHouse Logo NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...

Malware Analysis – wannacry – c5a9f57fee2d9dbba767f67bee2dafe4

March 24, 2023

Score: 10 MALWARE FAMILY: wannacryTAGS:family:wannacry, discovery, ransomware, wormMD5: c5a9f57fee2d9dbba767f67bee2dafe4SHA1: c7b9304389b6504fb41dcd486c77c7ddf03e237cANALYSIS DATE: 2023-03-24T15:52:24ZTTPS: T1046 ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne...

Malware Analysis – smokeloader – 966165e4becd35b65cd6b4c79816241d

March 24, 2023

Score: 10 MALWARE FAMILY: smokeloaderTAGS:family:smokeloader, backdoor, trojanMD5: 966165e4becd35b65cd6b4c79816241dSHA1: 66d5cbcde976c5ca6f7c02fbefca031d267cd752ANALYSIS DATE: 2023-03-24T16:12:04ZTTPS: T1012, T1120, T1082 ScoreMeaningExample10Known badA malware family was detected.8-9Likely...

Malware Analysis – djvu – 2141d7aab3e3945146e46180e873ee0f

March 24, 2023

Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:00d92484c9b27bc8482a2cc94cacc508, discovery, persistence, ransomware, spyware, stealerMD5: 2141d7aab3e3945146e46180e873ee0fSHA1: 4a16f19272c4b30680848f0e2077e6518a09ad17ANALYSIS DATE: 2023-03-24T16:30:32ZTTPS: T1012, T1005, T1081, T1060,...

Malware Analysis – djvu – 5c2e5bc1540bcd697a2f511c6d8c9c64

March 24, 2023

Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:00d92484c9b27bc8482a2cc94cacc508, discovery, persistence, ransomware, spyware, stealerMD5: 5c2e5bc1540bcd697a2f511c6d8c9c64SHA1: 3c5eabf8a51af70fd8931056e2126620ec5e6abeANALYSIS DATE: 2023-03-24T16:34:09ZTTPS: T1053, T1005, T1081, T1012,...

Malware Analysis – gandcrab – cd5866f5118ae8712ad9cc66fba3df4f

March 24, 2023

Score: 10 MALWARE FAMILY: gandcrabTAGS:family:gandcrab, backdoor, persistence, ransomware, upxMD5: cd5866f5118ae8712ad9cc66fba3df4fSHA1: 6cf658ea474ee24a76ddac575842641f9eac17b4ANALYSIS DATE: 2023-03-24T16:34:04ZTTPS: T1012, T1082, T1060, T1112, T1120 ScoreMeaningExample10Known badA...

Malware Analysis – djvu – 55282dd0a8decfac5d7ce8dfa3a8c73d

March 24, 2023

Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:00d92484c9b27bc8482a2cc94cacc508, discovery, persistence, ransomware, spyware, stealerMD5: 55282dd0a8decfac5d7ce8dfa3a8c73dSHA1: c37470fae1b492851df0fcf395a92cf7da7831c1ANALYSIS DATE: 2023-03-24T16:41:06ZTTPS: T1053, T1005, T1081, T1012,...

Malware Analysis – djvu – f0f9c70b9496b12c2fd49c3c4396b266

March 24, 2023

Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:00d92484c9b27bc8482a2cc94cacc508, discovery, persistence, ransomware, spyware, stealerMD5: f0f9c70b9496b12c2fd49c3c4396b266SHA1: 7036397bff6aa05c6f0d5a19b3322c277f8bec9bANALYSIS DATE: 2023-03-24T18:01:03ZTTPS: T1082, T1012, T1005, T1081,...

Malware Analysis – adware – 2882ed8a193f0626b73ba15c4f1154d6

March 24, 2023

Score: 10 MALWARE FAMILY: adwareTAGS:adware, discovery, persistence, ransomware, stealerMD5: 2882ed8a193f0626b73ba15c4f1154d6SHA1: 904b78c79b999b38fe0d21aad18b0c68584198d0ANALYSIS DATE: 2023-03-24T17:38:50ZTTPS: T1012, T1082, T1120, T1112, T1176, T1130, T1060...

Malware Analysis – djvu – 0812858b2a61eec88a043ca8d0a0a343

March 24, 2023

Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:00d92484c9b27bc8482a2cc94cacc508, discovery, persistence, ransomware, spyware, stealerMD5: 0812858b2a61eec88a043ca8d0a0a343SHA1: b669063e530330f145eea8dc8e21484e72109b85ANALYSIS DATE: 2023-03-24T16:54:06ZTTPS: T1012, T1082, T1005, T1081,...

Malware Analysis – amadey – 9e883caa8da3ee91f740a872e74ec9c0

March 24, 2023

Score: 10 MALWARE FAMILY: amadeyTAGS:family:amadey, family:djvu, family:pseudomanuscrypt, family:smokeloader, family:vidar, botnet:00d92484c9b27bc8482a2cc94cacc508, botnet:pub1, botnet:sprg, backdoor, discovery, loader, persistence, ransomware, spyware, stealer, trojanMD5:...

Malware Analysis – amadey – 48742e003ed618f79d381384b4601215

March 24, 2023

Score: 10 MALWARE FAMILY: amadeyTAGS:family:amadey, family:dcrat, family:djvu, family:redline, family:smokeloader, family:vidar, botnet:00d92484c9b27bc8482a2cc94cacc508, botnet:koreamon, botnet:pub1, botnet:sprg, backdoor, discovery, infostealer, persistence, ransomware, rat,...

Malware Analysis – djvu – 838b0c1191098c2ab44a11d4da64df64

March 24, 2023

Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:00d92484c9b27bc8482a2cc94cacc508, discovery, persistence, ransomware, spyware, stealerMD5: 838b0c1191098c2ab44a11d4da64df64SHA1: e78b2db847800c83f816580db5f45bd94c657140ANALYSIS DATE: 2023-03-24T18:01:43ZTTPS: T1012, T1060, T1112, T1082,...

Malware Analysis – amadey – 8700d2452d5d8f223324605b125acd3e

March 24, 2023

Score: 10 MALWARE FAMILY: amadeyTAGS:family:amadey, family:djvu, family:smokeloader, botnet:pub1, botnet:sprg, backdoor, discovery, persistence, ransomware, trojanMD5: 8700d2452d5d8f223324605b125acd3eSHA1: de8a2b5c9c85c67158426c28ad1ec554525dbf65ANALYSIS DATE: 2023-03-24T18:30:56ZTTPS: T1012, T1120,...

Malware Analysis – gandcrab – faebc8605aa6ae0210b3d7332a4085b4

March 24, 2023

Score: 10 MALWARE FAMILY: gandcrabTAGS:family:gandcrab, backdoor, persistence, ransomwareMD5: faebc8605aa6ae0210b3d7332a4085b4SHA1: 0da4e0038853df664af34d14a20cb7ae48a35cfaANALYSIS DATE: 2023-03-24T18:43:29ZTTPS: T1060, T1112, T1012, T1120, T1082 ScoreMeaningExample10Known badA malware...

OSINT

Cl0p Ransomware Victim: GLOBALFARM[.]COM[.]AR

Cl0p Ransomware Victim: UNIMELB[.]EDU[.]AU

Cl0p Ransomware Victim: ATOS[.]NET

Cl0p Ransomware Victim: TGW[.]COM

Cl0p Ransomware Victim: REDBOXVOICE[.]COM

RansomHouse Ransomware Victim: Cospec Srl

Malware Analysis – wannacry – c5a9f57fee2d9dbba767f67bee2dafe4

Malware Analysis – smokeloader – 966165e4becd35b65cd6b4c79816241d

Malware Analysis – djvu – 2141d7aab3e3945146e46180e873ee0f

Malware Analysis – djvu – 5c2e5bc1540bcd697a2f511c6d8c9c64

Malware Analysis – gandcrab – cd5866f5118ae8712ad9cc66fba3df4f

Malware Analysis – djvu – 55282dd0a8decfac5d7ce8dfa3a8c73d

Malware Analysis – djvu – f0f9c70b9496b12c2fd49c3c4396b266

Malware Analysis – adware – 2882ed8a193f0626b73ba15c4f1154d6

Malware Analysis – djvu – 0812858b2a61eec88a043ca8d0a0a343

Malware Analysis – amadey – 9e883caa8da3ee91f740a872e74ec9c0

Malware Analysis – amadey – 48742e003ed618f79d381384b4601215

Malware Analysis – djvu – 838b0c1191098c2ab44a11d4da64df64

Malware Analysis – amadey – 8700d2452d5d8f223324605b125acd3e

Malware Analysis – gandcrab – faebc8605aa6ae0210b3d7332a4085b4

Malicious Python Package Uses Unicode Trickery to Evade Detection and Steal Data

THN Webinar: Inside the High Risk of 3rd-Party SaaS Apps

GitHub Swiftly Replaces Exposed RSA SSH Key to Protect Git Operations

Researchers Uncover Chinese Nation State Hackers’ Deceptive Attack Strategies

Cobalt Strike Beacon Detected – 193[.]112[.]83[.]36:8080

Cobalt Strike Beacon Detected – 60[.]204[.]245[.]37:8080

Cobalt Strike Beacon Detected – 118[.]24[.]117[.]221:8080

Cobalt Strike Beacon Detected – 47[.]120[.]13[.]85:8889

Cobalt Strike Beacon Detected – 20[.]41[.]73[.]175:8080

You may have missed