LockBit 3.0 Ransomware Victim: duomed[.]com
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
OSINT
Cobalt Stike Beacon Detected – 43[.]138[.]13[.]139:7777
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 213[.]252[.]244[.]69:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 20[.]9[.]56[.]158:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 213[.]32[.]75[.]32:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 84[.]32[.]190[.]10:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 77[.]73[.]134[.]51:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Malware Analysis – djvu – 831ea71d4e3cc3e27250500e14d4ac25
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:19, discovery, persistence, ransomware, spyware, stealerMD5: 831ea71d4e3cc3e27250500e14d4ac25SHA1: 8976eebf1416eb1bf968c346b08e7a32f5325908ANALYSIS DATE: 2023-01-18T10:45:15ZTTPS: T1082, T1012, T1222, T1005,...
Malware Analysis – djvu – 7a84a1a41a766c91cf8a3df085f960b6
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:19, discovery, persistence, ransomware, spyware, stealerMD5: 7a84a1a41a766c91cf8a3df085f960b6SHA1: c44ee2b0d827561c5d53ae05399b1140530dcaeeANALYSIS DATE: 2023-01-18T09:44:29ZTTPS: T1005, T1081, T1060, T1112,...
Royal Ransomware Victim: K Azarosian Costello
RoyalRansomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content of the...
Malware Analysis – discovery – 054e745aa82ab8cfa9839012b88be92e
Score: 10 MALWARE FAMILY: discoveryTAGS:discovery, persistence, ransomwareMD5: 054e745aa82ab8cfa9839012b88be92eSHA1: c559315cac54df311c1b8bc99f14bf37c3ddedb3ANALYSIS DATE: 2023-01-18T03:05:38ZTTPS: T1060, T1012, T1120, T1082, T1102, T1112, T1042 ScoreMeaningExample10Known badA...
Malware Analysis – – ad3bc99ab03f6fcef0215c0eb185bf6f
Score: 1 MALWARE FAMILY: TAGS:MD5: ad3bc99ab03f6fcef0215c0eb185bf6fSHA1: 135d0497aa12587d1970ff2e6d2eb9bc401c898fANALYSIS DATE: 2023-01-18T03:15:33ZTTPS: ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or more known damaging...
Malware Analysis – discovery – f14153bbd95fc26d9ccea77c49cf09b9
Score: 10 MALWARE FAMILY: discoveryTAGS:discovery, evasion, persistence, ransomware, spyware, stealer, trojanMD5: f14153bbd95fc26d9ccea77c49cf09b9SHA1: cb59f900711ea751c4322b4dab50fa2c0ee70b33ANALYSIS DATE: 2023-01-18T03:19:01ZTTPS: T1130, T1112, T1042, T1012, T1082,...
Malware Analysis – djvu – 7759fcd2fb56a92edd795ce8816beec2
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:19, discovery, persistence, ransomware, spyware, stealerMD5: 7759fcd2fb56a92edd795ce8816beec2SHA1: 485ab66daee6cc85c335f793f0e3817256529ea8ANALYSIS DATE: 2023-01-18T05:41:10ZTTPS: T1222, T1005, T1081, T1082,...
Malware Analysis – discovery – cc11aad00f58586019f729fc87ae0770
Score: 10 MALWARE FAMILY: discoveryTAGS:discovery, evasion, persistence, ransomware, spyware, stealer, trojanMD5: cc11aad00f58586019f729fc87ae0770SHA1: 0ad616a4f634dc25f8d01496ebb4ce2c803036f2ANALYSIS DATE: 2023-01-18T03:44:20ZTTPS: T1082, T1012, T1120, T1112, T1042,...
Malware Analysis – djvu – 008d06f2da41aff875920ca2fc30dbeb
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:19, discovery, persistence, ransomware, spyware, stealerMD5: 008d06f2da41aff875920ca2fc30dbebSHA1: 48a340ee73ea1f73ce0b5e107f92899fa31a81dfANALYSIS DATE: 2023-01-18T03:45:29ZTTPS: T1082, T1012, T1222, T1053,...
Malware Analysis – upx – adfd72bcc56ad11b2736584c152e3cdc
Score: 9 MALWARE FAMILY: upxTAGS:upxMD5: adfd72bcc56ad11b2736584c152e3cdcSHA1: 7c2745c476490a68d6a8a3ee3207312c7d7c5ac4ANALYSIS DATE: 2023-01-18T04:09:08ZTTPS: ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or more known damaging...
Royal Ransomware Victim: Livingston
RoyalRansomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content of the...
Git patches two critical remote code execution security flaws
Git has patched two critical severity security vulnerabilities that could allow attackers to execute arbitrary code after successfully exploiting heap-based...
Hackers can use GitHub Codespaces to host and deliver malware
Researchers have demonstrated how threat actors can abuse the GitHub Codespaces' port forwarding' feature to host and distribute malware and...
Nissan North America data breach caused by vendor-exposed database
Nissan North America has begun sending data breach notifications informing customers of a breach at a third-party service provider that...
Over 4,000 Sophos Firewall devices vulnerable to RCE attacks
Over 4,000 Sophos Firewall devices exposed to Internet access are vulnerable to attacks targeting a critical remote code execution (RCE)...
MSI accidentally breaks Secure Boot for hundreds of motherboards
Over 290 MSI motherboards are reportedly affected by an insecure default UEFI Secure Boot setting settings that allows any operating...
Researchers to release PoC exploit for critical ManageEngine RCE bug, patch now
Proof-of-concept exploit code will be released later this week for a critical vulnerability allowing remote code execution (RCE) without authentication...
