OSINT

Malware Analysis – – c34c49a9b96d5a7d748a0a4d9710c724

April 22, 2023

Score: 6 MALWARE FAMILY: TAGS:MD5: c34c49a9b96d5a7d748a0a4d9710c724SHA1: ff1f0f83fb7ad3de4a6575c8e74e829047a41e87ANALYSIS DATE: 2023-04-22T15:39:02ZTTPS: ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or more known damaging...

Malware Analysis – djvu – 4656b7d2f66e89e0e4abd1d89644cd28

April 22, 2023

Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:bf58e1879f88b222ba2391682babf9d8, discovery, persistence, ransomware, spyware, stealerMD5: 4656b7d2f66e89e0e4abd1d89644cd28SHA1: 3edeb841721f62785d3c2d79efbe7500438dacaeANALYSIS DATE: 2023-04-22T17:10:25ZTTPS: T1005, T1081, T1012, T1082,...

Malware Analysis – amadey – 478b577f1c2f29eac6bf1c49bab3e999

April 22, 2023

Score: 10 MALWARE FAMILY: amadeyTAGS:family:amadey, family:djvu, family:lumma, family:rhadamanthys, family:smokeloader, family:vidar, family:xmrig, botnet:bf58e1879f88b222ba2391682babf9d8, botnet:pub1, backdoor, collection, discovery, evasion, miner, persistence, ransomware,...

Malware Analysis – amadey – d9b10e1835acff0918213a43a4d6c29d

April 22, 2023

Malware Analysis – djvu – c4c89fbaf5fec1345072aa7fab40c017

April 22, 2023

Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:bf58e1879f88b222ba2391682babf9d8, discovery, persistence, ransomware, spyware, stealerMD5: c4c89fbaf5fec1345072aa7fab40c017SHA1: 3abc91a497a4fbaea1da12dccd4a5b1516c022b6ANALYSIS DATE: 2023-04-22T16:30:48ZTTPS: T1005, T1081, T1060, T1112,...

OSINT

Malware Analysis – – c34c49a9b96d5a7d748a0a4d9710c724

Malware Analysis – djvu – 4656b7d2f66e89e0e4abd1d89644cd28

Malware Analysis – amadey – 478b577f1c2f29eac6bf1c49bab3e999

Malware Analysis – amadey – d9b10e1835acff0918213a43a4d6c29d

Malware Analysis – djvu – c4c89fbaf5fec1345072aa7fab40c017

LockBit 3.0 Ransomware Victim: stuertz[.]com

Vice Society Ransomware Victim: Neptune Lines

CISA Adds 3 Actively Exploited Flaws to KEV Catalog, including Critical PaperCut Bug

Lazarus X_TRADER Hack Impacts Critical Infrastructure Beyond 3CX Breach

Karakurt Ransomware Victim: Wynn-Reeth

University websites using MediaWiki, TWiki hacked to serve Fortnite spam

The Week in Ransomware – April 21st 2023 – Macs in the Crosshairs

Kubernetes RBAC abused to create persistent cluster backdoors

American Bar Association data breach hits 1.4 million members

Critical infrastructure also hit by supply chain attack behind 3CX breach

GhostToken GCP flaw let attackers backdoor Google accounts

Cl0p Ransomware Victim: AUT-TECH-GROUP[.]COM

CISA: CISA to Continue and Enhance U.K.’s Logging Made Easy Tool

CISA: CISA Releases Malware Analysis Report on ICONICSTEALER

CISA: CISA Releases One Industrial Control Systems Advisory

CISA: Oracle Releases Security Updates

CISA: CISA and Partners Release Cybersecurity Best Practices for Smart Cities

CISA: CISA Releases Two SBOM Documents

CISA: Drupal Releases Security Advisory to Address Vulnerability in Drupal Core

[SARCOMA] – Ransomware Victim: Inox Laghi

Citrix Products Multiple Vulnerabilities

Vmware Before Broadcom Was ‘a Unicorn In Fluffy Cloudland’

Linux Foundation Says Yes To Nosql Via Documentdb

One Long Sentence Is All It Takes To Make Llms Misbehave

You may have missed