Attackers Flood NPM Repository with Over 15,000 Spam Packages Containing Phishing Links
In what's a continuing assault on the open source ecosystem, over 15,000 spam packages have flooded the npm repository in...
OSINT
LockBit 3.0 Ransomware Victim: skylinetrisource[.]com
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
Malware Analysis – smokeloader – 6bc7191f01f23be6ba8357774482f793
Score: 10 MALWARE FAMILY: smokeloaderTAGS:family:smokeloader, backdoor, trojanMD5: 6bc7191f01f23be6ba8357774482f793SHA1: 0ab05f8739fc671bca7bad965a1d620685636e26ANALYSIS DATE: 2023-02-22T09:58:05ZTTPS: T1012, T1120, T1082 ScoreMeaningExample10Known badA malware family was detected.8-9Likely...
Malware Analysis – glupteba – 23f59ddcd11358b08e491b19a3f5bb53
Score: 10 MALWARE FAMILY: gluptebaTAGS:family:glupteba, discovery, dropper, evasion, loader, persistence, ransomware, rootkit, trojanMD5: 23f59ddcd11358b08e491b19a3f5bb53SHA1: 1820b968b20c4cc20ae9eb5013eb9ab1def75c60ANALYSIS DATE: 2023-02-22T10:01:53ZTTPS: T1012, T1031, T1082,...
Malware Analysis – djvu – ea746870e963dfa82938756374ca769b
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:19, discovery, persistence, ransomware, spyware, stealerMD5: ea746870e963dfa82938756374ca769bSHA1: a4ce68ec85dd371a8be61bb42409c9825a44432eANALYSIS DATE: 2023-02-22T10:03:04ZTTPS: T1012, T1082, T1222, T1053,...
Cobalt Stike Beacon Detected – 124[.]222[.]47[.]83:4646
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 47[.]242[.]204[.]38:8990
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 139[.]224[.]189[.]177:8443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Malware Analysis – djvu – 3ca2f51c8e5250840893415bb49031a6
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:19, discovery, persistence, ransomware, spyware, stealerMD5: 3ca2f51c8e5250840893415bb49031a6SHA1: 4491dc36f7b2aed7ee61cde93803b7b1dee7f3a4ANALYSIS DATE: 2023-02-22T10:21:41ZTTPS: T1005, T1081, T1012, T1082,...
Malware Analysis – djvu – dae95ad4f51a6a765e8065a4d21ade1a
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:smokeloader, family:vidar, botnet:19, backdoor, discovery, evasion, persistence, ransomware, stealer, trojan, vmprotectMD5: dae95ad4f51a6a765e8065a4d21ade1aSHA1: 443b5fe4e30839244962003b666c08b952fcaafeANALYSIS DATE: 2023-02-22T10:42:27ZTTPS:...
Malware Analysis – djvu – c0e4c0955f80dcbf2099c2ffb2fc8461
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:19, discovery, persistence, ransomware, spyware, stealerMD5: c0e4c0955f80dcbf2099c2ffb2fc8461SHA1: f9839880808345143a87a37ab2f6101f1f89edefANALYSIS DATE: 2023-02-22T10:33:16ZTTPS: T1060, T1112, T1005, T1081,...
Malware Analysis – djvu – 20fd15790c7efd6c9d1adea6a173c876
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:smokeloader, family:vidar, botnet:19, backdoor, discovery, evasion, persistence, ransomware, stealer, trojan, vmprotectMD5: 20fd15790c7efd6c9d1adea6a173c876SHA1: 5cb377821a019ab0db82c9a493022ee083824a19ANALYSIS DATE: 2023-02-22T10:11:30ZTTPS:...
Cobalt Stike Beacon Detected – 179[.]43[.]156[.]134:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 35[.]89[.]195[.]215:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 159[.]65[.]140[.]121:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 195[.]189[.]96[.]146:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Malware Analysis – harly – b40f641da0c05fe97e558341d59236e2
Score: 10 MALWARE FAMILY: harlyTAGS:family:harly, infostealer, ransomware, trojanMD5: b40f641da0c05fe97e558341d59236e2SHA1: 65632a662c5478555cede3301ac46f55d33d7ac5ANALYSIS DATE: 2023-02-22T11:34:48ZTTPS: ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or...
Malware Analysis – smokeloader – 145466b3234adf3b9745ea36d0531ec0
Score: 10 MALWARE FAMILY: smokeloaderTAGS:family:smokeloader, backdoor, trojanMD5: 145466b3234adf3b9745ea36d0531ec0SHA1: 01a065a2cc04eb82f484e43f34cab6e921178559ANALYSIS DATE: 2023-02-22T11:11:03ZTTPS: T1012, T1120, T1082 ScoreMeaningExample10Known badA malware family was detected.8-9Likely...
Malware Analysis – octo – 71d5c5dc3b8c5ded7b005155b84e3b16
Score: 10 MALWARE FAMILY: octoTAGS:family:octo, banker, evasion, infostealer, ransomware, rat, trojanMD5: 71d5c5dc3b8c5ded7b005155b84e3b16SHA1: a5c267fd84f0594279a0cc4f1c609a61120a5fdbANALYSIS DATE: 2023-02-22T11:10:11ZTTPS: ScoreMeaningExample10Known badA malware family was...
Malware Analysis – smokeloader – f77d72707555a26065e33dc12449fd6f
Score: 10 MALWARE FAMILY: smokeloaderTAGS:family:smokeloader, backdoor, trojanMD5: f77d72707555a26065e33dc12449fd6fSHA1: a5ad0c808420aea73737299ba482797959835541ANALYSIS DATE: 2023-02-22T11:15:07ZTTPS: T1012, T1120, T1082 ScoreMeaningExample10Known badA malware family was detected.8-9Likely...
LockBit 3.0 Ransomware Victim: lyonhealy[.]com
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
Daily Vulnerability Trends: Wed Feb 22 2023
Daily Vulnerability Trends (sourced from VulnMon) CVE NAMECVE DescriptionCVE-2022-0544An integer underflow in the DDS loader of Blender leads to an...
LockBit 3.0 Ransomware Victim: treves-group[.]com
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the...
Malware Analysis – quantum – 1ac3f71feece118a03c9e23af063f6d1
Score: 10 MALWARE FAMILY: quantumTAGS:family:quantum, ransomwareMD5: 1ac3f71feece118a03c9e23af063f6d1SHA1: bbc3979075e0574e54a5ead497fcba95fcc78fc0ANALYSIS DATE: 2023-02-22T03:06:12ZTTPS: T1158 ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or more...
