BlueHound – Tool That Helps Blue Teams Pinpoint The Security Issues That Actually Matter
BlueHound is an open-source tool that helps blue teams pinpoint the security issues that actually matter. By combining information about...
OSINT
Yaralyzer – Visually Inspect And Force Decode YARA And Regex Matches Found In Both Binary And Text Data, With Colors
Visually inspect all of the regex matches (and their sexier, more cloak and dagger cousins, the YARA matches) found in...
Vice Society Ransomware Victim: NPTC Group of Colleges
Vice Society Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
Vice Society Ransomware Victim: Seguros Equinoccial
Vice Society Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
LockBit 3.0 Ransomware Victim: azliver[.]com
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
Vice Society Ransomware Victim: Seguros Equinoccial
Vice Society Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
Malware Analysis – smokeloader – 84afdad4a70a6122c3f157100a197db7
Score: 10 MALWARE FAMILY: smokeloaderTAGS:family:smokeloader, backdoor, trojanMD5: 84afdad4a70a6122c3f157100a197db7SHA1: 22afcb3520b8bfe314e7f505ccee14ae81f8e547ANALYSIS DATE: 2023-01-29T09:49:03ZTTPS: T1012, T1120, T1082 ScoreMeaningExample10Known badA malware family was detected.8-9Likely...
Malware Analysis – – fc50e05b611db89a9c7eb359e68ebc5f
Score: 10 MALWARE FAMILY: TAGS:MD5: fc50e05b611db89a9c7eb359e68ebc5fSHA1: 72e31f940f1214e1c36a34a69b53b0d07d4c61efANALYSIS DATE: 2023-01-29T09:34:19ZTTPS: T1012, T1082 ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or more...
Malware Analysis – ransomware – fee7c379f3a555c5c821e872ec384a91
Score: 9 MALWARE FAMILY: ransomwareTAGS:ransomware, spyware, stealerMD5: fee7c379f3a555c5c821e872ec384a91SHA1: 7346e2e29faddd63ae5c610c07acab46b2b1b176ANALYSIS DATE: 2023-01-29T09:48:34ZTTPS: T1107, T1490, T1005, T1081 ScoreMeaningExample10Known badA malware family was...
Malware Analysis – djvu – a3dd84a411b7edddae84278455400dd5
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:19, discovery, persistence, ransomware, spyware, stealerMD5: a3dd84a411b7edddae84278455400dd5SHA1: 4e9ba9788414d152ae656adf75939d3724c4ec0eANALYSIS DATE: 2023-01-29T09:23:23ZTTPS: T1053, T1012, T1060, T1112,...
Cobalt Stike Beacon Detected – 47[.]244[.]167[.]171:4545
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Malware Analysis – discovery – 4b51df4028f1d801c45f07daa07d9c90
Score: 10 MALWARE FAMILY: discoveryTAGS:discovery, persistence, ransomwareMD5: 4b51df4028f1d801c45f07daa07d9c90SHA1: 0a46c206f4abd891bb67d9ebfd55d572aa0456d3ANALYSIS DATE: 2023-01-29T11:01:21ZTTPS: T1012, T1082, T1112, T1042, T1060 ScoreMeaningExample10Known badA malware family...
Malware Analysis – – 45f3f9b201644ddadf6204497c9adb49
Score: 3 MALWARE FAMILY: TAGS:MD5: 45f3f9b201644ddadf6204497c9adb49SHA1: 78a9c9c95fceaa63083eb466d013c16da9c07f4cANALYSIS DATE: 2023-01-29T09:54:56ZTTPS: ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or more known damaging...
Malware Analysis – djvu – f6d4d4b428393d0d8b55165c2a9076dd
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:19, discovery, persistence, ransomware, spyware, stealerMD5: f6d4d4b428393d0d8b55165c2a9076ddSHA1: 75a3f25169fd56e7932a5ddfc3ec7616558791f1ANALYSIS DATE: 2023-01-29T11:05:05ZTTPS: T1060, T1112, T1082, T1005,...
Malware Analysis – djvu – d16e82ba2c319750e888f763d98a3a8c
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:smokeloader, family:vidar, botnet:19, backdoor, discovery, persistence, ransomware, spyware, stealer, trojan, vmprotectMD5: d16e82ba2c319750e888f763d98a3a8cSHA1: f2be4e0a2b06c80db9f3320b7db1c8c15e80aa19ANALYSIS DATE: 2023-01-29T10:48:08ZTTPS:...
Malware Analysis – smokeloader – da627411e7e85229355ed325520a7d4e
Score: 10 MALWARE FAMILY: smokeloaderTAGS:family:smokeloader, backdoor, trojanMD5: da627411e7e85229355ed325520a7d4eSHA1: 3a603f52b7285be51b1533815eecc67b0447af35ANALYSIS DATE: 2023-01-29T11:35:03ZTTPS: T1012, T1120, T1082 ScoreMeaningExample10Known badA malware family was detected.8-9Likely...
Cobalt Stike Beacon Detected – 20[.]189[.]74[.]59:8443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Malware Analysis – spyware – 5e887fdac8a3cac0b047a737043789a8
Score: 7 MALWARE FAMILY: spywareTAGS:spyware, stealerMD5: 5e887fdac8a3cac0b047a737043789a8SHA1: 8c9745138d835b783278cb61170a7153bb003784ANALYSIS DATE: 2023-01-29T11:17:02ZTTPS: T1005, T1081 ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or...
Cobalt Stike Beacon Detected – 109[.]172[.]45[.]28:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 54[.]188[.]58[.]32:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 3[.]29[.]24[.]212:8080
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Malware Analysis – – bfe6ee8069f6e7c572382a97fd16d104
Score: 3 MALWARE FAMILY: TAGS:MD5: bfe6ee8069f6e7c572382a97fd16d104SHA1: e017c8f52a53cd0374d7867af14e567b79d6cffdANALYSIS DATE: 2023-01-29T11:33:49ZTTPS: ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or more known damaging...
Malware Analysis – discovery – 360ef53ce1b09b03998bf2ab743f7dc7
Score: 10 MALWARE FAMILY: discoveryTAGS:discovery, persistence, ransomware, spyware, stealerMD5: 360ef53ce1b09b03998bf2ab743f7dc7SHA1: 9166c3760b1d1cf9a395e344858e4e01158795bcANALYSIS DATE: 2023-01-29T11:09:44ZTTPS: T1060, T1012, T1005, T1081, T1082, T1059, T1102,...
BreachForums Database Leak Alert: TSA NoFly List
BreachForums - Databreach discussion & leaks forum. NOTE: No files or stolen information are by RedPacket Security. Any legal issues...
