NBA alerts fans of a data breach exposing personal information
The NBA (National Basketball Association) is notifying fans of a data breach after some of their personal information, "held" by...
OSINT
RAT developer arrested for infecting 10,000 PCs with malware
Ukraine's cyberpolice has arrested the developer of a remote access trojan (RAT) malware that infected over 10,000 computers while posing...
Hitachi Energy confirms data breach after Clop GoAnywhere attacks
Hitachi Energy confirmed it suffered a data breach after the Clop ransomware gang stole data using a zero-day GoAnyway zero-day...
Alleged BreachForums owner ‘Pompompurin’ arrested on cybercrime charges
U.S. law enforcement arrested on Wednesday a New York man believed to be Pompompurin, the owner of the BreachForums hacking...
The Week in Ransomware – March 17th 2023 – Shifting to data extortion
The fallout from the Clop ransomware attacks on GoAnywhere platforms has become apparent this week, with the threat actors starting...
Brute Ratel C4 Detected – 52[.]194[.]85[.]123:80
The Information provided at the time of posting was detected as "Brute Ratel C4". Depending on when you are viewing...
Wifi_Db – Script To Parse Aircrack-ng Captures To A SQLite Database
Script to parse Aircrack-ng captures into a SQLite database and extract useful information like handshakes (in 22000 hashcat format), MGT...
FakeCalls Vishing Malware Targets South Korean Users via Popular Financial Apps
An Android voice phishing (aka vishing) malware campaign known as FakeCalls has reared its head once again to target South...
Malware Analysis – gafgyt – bb5ac3218b68aec33e16261196971d7f
Score: 10 MALWARE FAMILY: gafgytTAGS:family:gafgyt, family:plugx, family:redline, botnet, discovery, exploit, infostealer, persistence, trojanMD5: bb5ac3218b68aec33e16261196971d7fSHA1: 7df56150a22016e079c4b3e3a45446bffc2fcd9eANALYSIS DATE: 2023-03-17T16:30:04ZTTPS: T1082, T1050, T1060,...
Malware Analysis – djvu – 68b0f16d837d77eb7edb40ade07b3844
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:d6ef050131e7d5a1d595c51613328971, discovery, persistence, ransomware, spyware, stealerMD5: 68b0f16d837d77eb7edb40ade07b3844SHA1: e235b7725b1c1e5c7162f0010a7db46073b80040ANALYSIS DATE: 2023-03-17T16:15:06ZTTPS: T1060, T1112, T1012, T1082,...
Malware Analysis – djvu – ce3b3de5f62d393aeebd49c31bd29d41
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:d6ef050131e7d5a1d595c51613328971, discovery, persistence, ransomware, spyware, stealerMD5: ce3b3de5f62d393aeebd49c31bd29d41SHA1: 154ab2adc0f1921e0a2d6956e33d980e921a901fANALYSIS DATE: 2023-03-17T16:11:34ZTTPS: T1222, T1012, T1082, T1053,...
Malware Analysis – smokeloader – 3e59d07d7af4a0b0314ffcbff5fd12d8
Score: 10 MALWARE FAMILY: smokeloaderTAGS:family:smokeloader, backdoor, trojanMD5: 3e59d07d7af4a0b0314ffcbff5fd12d8SHA1: fc32ffaf265d7b38adc59092c967babf1fd92baaANALYSIS DATE: 2023-03-17T17:31:03ZTTPS: T1012, T1120, T1082 ScoreMeaningExample10Known badA malware family was detected.8-9Likely...
Malware Analysis – amadey – 06c1e142d1c9f438103774ec50d9b348
Score: 10 MALWARE FAMILY: amadeyTAGS:family:amadey, family:djvu, family:rhadamanthys, family:smokeloader, family:vidar, botnet:d6ef050131e7d5a1d595c51613328971, botnet:pub1, botnet:sprg, backdoor, discovery, persistence, ransomware, spyware, stealer, trojanMD5: 06c1e142d1c9f438103774ec50d9b348SHA1:...
Malware Analysis – ransomware – 3b56fee645b36a022471189294485517
Score: 8 MALWARE FAMILY: ransomwareTAGS:ransomware, spyware, stealerMD5: 3b56fee645b36a022471189294485517SHA1: 90138e3902b096a89b03271ea664ccc6193b766cANALYSIS DATE: 2023-03-17T17:07:14ZTTPS: T1005, T1081, T1491, T1112, T1082 ScoreMeaningExample10Known badA malware family...
Malware Analysis – discovery – 7a42e24c7b1607887a49e5929d38f8f9
Score: 10 MALWARE FAMILY: discoveryTAGS:discovery, persistence, ransomwareMD5: 7a42e24c7b1607887a49e5929d38f8f9SHA1: 41f9462a8182758714761a839664f69d9d2c3b7eANALYSIS DATE: 2023-03-17T17:26:40ZTTPS: T1060, T1112, T1012, T1042, T1082, T1130 ScoreMeaningExample10Known badA malware...
Malware Analysis – djvu – 26551b9c3dbace2dd837828f85d078bd
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:d6ef050131e7d5a1d595c51613328971, discovery, persistence, ransomware, spyware, stealerMD5: 26551b9c3dbace2dd837828f85d078bdSHA1: 52ca324a5cf64db3586f4b2d5f9607144b044c74ANALYSIS DATE: 2023-03-17T17:50:19ZTTPS: T1012, T1222, T1082, T1053,...
Malware Analysis – ransomware – 2e7a4354b997f086db89e1a28ca60816
Score: 8 MALWARE FAMILY: ransomwareTAGS:ransomware, spyware, stealerMD5: 2e7a4354b997f086db89e1a28ca60816SHA1: ee98de0cbeefd9df93c364719b2ae69696f32382ANALYSIS DATE: 2023-03-17T18:12:54ZTTPS: T1005, T1081 ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne...
Malware Analysis – djvu – bea14d484e11b88a5a1f76233f52f732
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:d6ef050131e7d5a1d595c51613328971, discovery, persistence, ransomware, spyware, stealerMD5: bea14d484e11b88a5a1f76233f52f732SHA1: 0c391495bc75c4926b52b14fdd27bd3f7e410911ANALYSIS DATE: 2023-03-17T17:52:32ZTTPS: T1222, T1060, T1112, T1005,...
Malware Analysis – amadey – a480e4bf51162bfd63ed718149a4a608
Score: 10 MALWARE FAMILY: amadeyTAGS:family:amadey, family:djvu, family:rhadamanthys, family:smokeloader, family:vidar, botnet:d6ef050131e7d5a1d595c51613328971, botnet:pub1, botnet:sprg, backdoor, discovery, persistence, ransomware, stealer, trojanMD5: a480e4bf51162bfd63ed718149a4a608SHA1: 16b9d95ce72eceef41e51df9c30c1f84e63d9d72ANALYSIS...
LockBit 3.0 Ransomware Victim: waldogeneral[.]com
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
LockBit 3.0 Ransomware Victim: perfectplacement[.]co[.]uk
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
LockBit 3.0 Ransomware Victim: mandirisekuritas[.]co[.]id
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
LockBit 3.0 Ransomware Victim: meatel[.]com
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
LockBit 3.0 Ransomware Victim: radium[.]com[.]tw
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
