Crooks use HTML smuggling to spread QBot malware via SVG files
Talos researchers uncovered a phishing campaign distributing the QBot malware to Windows systems using SVG files. Talos researchers uncovered a...
OSINT
Daily Vulnerability Trends: Thu Dec 15 2022
Daily Vulnerability Trends (sourced from VulnMon) CVE NAMECVE DescriptionCVE-2022-32250net/netfilter/nf_tables_api.c in the Linux kernel through 5.18.1 allows a local user (able...
BreachForums Database Leak Alert: Zurich Insurance
BreachForums - Databreach discussion & leaks forum. NOTE: No files or stolen information are by RedPacket Security. Any legal issues...
Reassessing cyberwarfare. Lessons learned in 2022
At this point, it has become cliché to say that nothing in 2022 turned out the way we expected. We...
LockBit 3.0 Ransomware Victim: mcft[.]com
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
Malware Analysis – discovery – eef656aa3446db3bab13a470728eea79
Score: 10 MALWARE FAMILY: discoveryTAGS:discovery, ransomwareMD5: eef656aa3446db3bab13a470728eea79SHA1: 3537783a081fe63335cd9d59d3eae2f3ffb9c055ANALYSIS DATE: 2022-12-15T04:59:40ZTTPS: T1082, T1057, T1012 ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne...
Malware Analysis – djvu – c8241ec1dc6217bc489d6e6ad4f5b1c8
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, discovery, persistence, ransomwareMD5: c8241ec1dc6217bc489d6e6ad4f5b1c8SHA1: 8fb3d53bc63dfcfe4ccadad3b6e8f484a13ce50eANALYSIS DATE: 2022-12-15T03:28:03ZTTPS: T1130, T1112, T1060, T1222, T1082, T1053 ScoreMeaningExample10Known badA...
Malware Analysis – djvu – 23f7a30f806a2a55fbcd14722a4074a7
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, discovery, persistence, ransomwareMD5: 23f7a30f806a2a55fbcd14722a4074a7SHA1: 48b8314303627ff6b3ad10e00f9b8290d25ef50eANALYSIS DATE: 2022-12-15T05:19:03ZTTPS: T1130, T1112, T1060, T1222, T1082, T1053 ScoreMeaningExample10Known badA...
Malware Analysis – djvu – bd7302ea911a88e7e25eb1782fe894d6
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, discovery, persistence, ransomwareMD5: bd7302ea911a88e7e25eb1782fe894d6SHA1: 3e5100ba6e9a759cb2d6e69ece28e13e5c7d8d5dANALYSIS DATE: 2022-12-15T05:19:03ZTTPS: T1222, T1082, T1053, T1130, T1112, T1060 ScoreMeaningExample10Known badA...
Malware Analysis – ransomware – 2876fff5b9730449ee0f1e4bc1ed4824
Score: 8 MALWARE FAMILY: ransomwareTAGS:ransomwareMD5: 2876fff5b9730449ee0f1e4bc1ed4824SHA1: 83525e855f2926edea8b7403f3f401826fa7112fANALYSIS DATE: 2022-12-15T05:03:41ZTTPS: ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or more known damaging...
Malware Analysis – djvu – d475e79a41ff72af77c7c5f298044c60
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, discovery, persistence, ransomwareMD5: d475e79a41ff72af77c7c5f298044c60SHA1: 0a53004e426b92d468c87097f17134d7f540af16ANALYSIS DATE: 2022-12-15T05:19:04ZTTPS: T1082, T1130, T1112, T1053, T1060, T1222 ScoreMeaningExample10Known badA...
Cobalt Stike Beacon Detected – 43[.]138[.]178[.]132:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
BugCrowd Bug Bounty Disclosure: – Authorized drivers can disable remote monitoring – By KLWTTS
The below information is fully automated and the information is captured from the BugCrowd Disclosure website. The information was correct...
Cobalt Stike Beacon Detected – 23[.]227[.]194[.]86:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 91[.]240[.]118[.]209:1025
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 154[.]83[.]17[.]116:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 85[.]239[.]53[.]101:8080
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 39[.]98[.]50[.]48:9999
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 124[.]220[.]189[.]243:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 121[.]5[.]235[.]93:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 114[.]132[.]241[.]133:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Malware Analysis – djvu – abdecf396125ed6985112d0b9bc94d2d
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, discovery, persistence, ransomware, spyware, stealerMD5: abdecf396125ed6985112d0b9bc94d2dSHA1: 3eec4c4a8b4b53d4cfe33d394b3d7da5a77fd480ANALYSIS DATE: 2022-12-14T21:46:26ZTTPS: T1053, T1005, T1081, T1012, T1060, T1112,...
Malware Analysis – djvu – 75de9a4c6e90b43030277ac594c11116
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, discovery, persistence, ransomware, spyware, stealerMD5: 75de9a4c6e90b43030277ac594c11116SHA1: 1e30177739c0ab9435466b5d7bc6baadf2e9afa6ANALYSIS DATE: 2022-12-14T20:58:02ZTTPS: T1012, T1005, T1081, T1082, T1053, T1060,...
Malware Analysis – evasion – 20e59b94354e289a6dda5f3ba89ab17d
Score: 7 MALWARE FAMILY: evasionTAGS:evasion, ransomwareMD5: 20e59b94354e289a6dda5f3ba89ab17dSHA1: ed698b7eb0a1b3cccad034e25a4b9f80fd48b01dANALYSIS DATE: 2022-12-14T21:49:03ZTTPS: ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or more known...
