Royal Ransomware Victim: ATLAS
RoyalRansomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content of the...
OSINT
Malware Analysis – evasion – fd9170ec42a74eb94ad7e4d23fc793ba
Score: 10 MALWARE FAMILY: evasionTAGS:evasion, persistence, ransomware, trojanMD5: fd9170ec42a74eb94ad7e4d23fc793baSHA1: a541035a5fdc235e19d71fa42dc53f02c9a5b379ANALYSIS DATE: 2022-12-21T16:34:21ZTTPS: T1102, T1004, T1112, T1088, T1089, T1491, T1082, T1012...
Malware Analysis – djvu – 5bb7092fb1f0adf06c2ab31aab04ae33
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, discovery, persistence, ransomwareMD5: 5bb7092fb1f0adf06c2ab31aab04ae33SHA1: a44f5a01b2786183c9d5f7f282ade30736a35254ANALYSIS DATE: 2022-12-21T16:56:06ZTTPS: T1130, T1112, T1060, T1222, T1082, T1053 ScoreMeaningExample10Known badA...
Malware Analysis – persistence – 83a31d74585bfebeadfdc651acad3159
Score: 8 MALWARE FAMILY: persistenceTAGS:persistence, ransomwareMD5: 83a31d74585bfebeadfdc651acad3159SHA1: 927908c24c7b9fb067400040b6672898d2618443ANALYSIS DATE: 2022-12-21T17:44:07ZTTPS: T1060, T1112 ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or...
Malware Analysis – persistence – 62212183c9d54195239f18d9c42e7407
Score: 8 MALWARE FAMILY: persistenceTAGS:persistence, ransomware, upxMD5: 62212183c9d54195239f18d9c42e7407SHA1: dee3dcb4795a6318f06d80ef110ce04fbc5f3bbaANALYSIS DATE: 2022-12-21T17:56:05ZTTPS: T1060, T1112 ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne...
Malware Analysis – ransomware – b3f5d8a881bf8c1c0431cb6b9747918f
Score: 10 MALWARE FAMILY: ransomwareTAGS:ransomwareMD5: b3f5d8a881bf8c1c0431cb6b9747918fSHA1: 7c2b61a227133ce76c2b2fa95945c82647cfb5fcANALYSIS DATE: 2022-12-21T17:48:05ZTTPS: T1082, T1107, T1490, T1012, T1120 ScoreMeaningExample10Known badA malware family was detected.8-9Likely...
Malware Analysis – djvu – 1c1aa12967b3ed3043ad16c1f8d6b54f
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, discovery, persistence, ransomwareMD5: 1c1aa12967b3ed3043ad16c1f8d6b54fSHA1: dba7f6324ef35a521e136230a5f2b9686c7b2150ANALYSIS DATE: 2022-12-21T17:51:07ZTTPS: T1222, T1082, T1053, T1130, T1112, T1060 ScoreMeaningExample10Known badA...
Microsoft disclosed technical details of a vulnerability in Apple macOS that could be exploited by an attacker to bypass Gatekeeper
Microsoft disclosed technical details of a vulnerability in Apple macOS that could be exploited by an attacker to bypass Gatekeeper.Microsoft...
Researchers spotted a new variant of the Agenda ransomware which is written in the cross platform programming language Rust
Researchers spotted a new variant of the Agenda ransomware which is written in the cross-platform programming language Rust. Trend Micro...
Ukraines CERT UA revealed the national Delta military intelligence program has been targeted with a malware based attack
Ukraine’s CERT-UA revealed the national Delta military intelligence program has been targeted with a malware-based attack.On December 17, 2022, the...
The Glupteba botnet is back researchers reported a surge in infection worldwide after Google disrupted its operation in
The Glupteba botnet is back, researchers reported a surge in infection worldwide after Google disrupted its operation in 2021.In December...
German multinational industrial engineering and steel production company ThyssenKrupp AG was the target of a cyberattack
German multinational industrial engineering and steel production company ThyssenKrupp AG was the target of a cyberattack.German multinational industrial engineering and...
Researchers spotted a malicious package in the Python Package Index PyPI repository that impersonates a software development kit SDK for SentinelOne
Researchers spotted a malicious package in the Python Package Index (PyPI) repository that impersonates a software development kit (SDK) for...
US government is warning of business email compromise BEC attacks aimed at hijacking shipments of food products and ingredients
US government is warning of business email compromise (BEC) attacks aimed at hijacking shipments of food products and ingredients.The Federal...
IT giant Cisco is warning of threat actors exploiting many old vulnerabilities in attacks in the wild
IT giant Cisco is warning of threat actors exploiting many old vulnerabilities in attacks in the wild.Cisco has updated multiple...
Russia linked Gamaredon APT group targeted a large petroleum refining company in a NATO state this year amid the invasion of Ukraine
Russia-linked Gamaredon APT group targeted a large petroleum refining company in a NATO state this year amid the invasion of...
Squarephish – An advanced phishing tool that uses a technique combining the OAuth Device code authentication flow and QR codes
SquarePhish is an advanced The victim will then scan the QR code found in the email body with their mobile...
Cobalt Stike Beacon Detected – 194[.]135[.]24[.]246:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 45[.]76[.]196[.]6:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 106[.]75[.]218[.]220:8443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 185[.]143[.]223[.]61:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 66[.]42[.]38[.]47:8443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 84[.]32[.]128[.]100:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 8[.]143[.]2[.]128:2095
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
