Cobalt Stike Beacon Detected – 23[.]224[.]39[.]41:8081
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
threatintel
Cobalt Stike Beacon Detected – 199[.]253[.]29[.]85:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
CircleCI’s hack caused by malware stealing engineer’s 2FA-backed session
Hackers breached CircleCi in December after an engineer became infected with information-stealing malware that their 2FA-backed SSO session cookie, allowing access...
Canada’s largest alcohol retailer’s site hacked to steal credit cards
The Liquor Control Board of Ontario (LCBO), a Canadian government enterprise and the country's largest beverage alcohol retailer, revealed that...
Brave browser’s new Snowflake feature help bypass Tor blocks
Brave Browser version 1.47 was released yesterday, adding the Snowflake extension in the software's settings, enabling users to turn their...
Malware Analysis – joker – 1e288142a45ebe7244ab899798cea643
Score: 10 MALWARE FAMILY: jokerTAGS:family:joker, evasion, infostealer, ransomware, trojanMD5: 1e288142a45ebe7244ab899798cea643SHA1: 078295d1cda8319ed69f64b5443e4d89705d8523ANALYSIS DATE: 2023-01-15T04:36:48ZTTPS: ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne...
Malware Analysis – evasion – 80bc920446cda4a8827ada74b0081852
Score: 10 MALWARE FAMILY: evasionTAGS:evasion, persistence, ransomware, themida, trojanMD5: 80bc920446cda4a8827ada74b0081852SHA1: 33f93d6744910002ce0d4ba18e035537475c8bbeANALYSIS DATE: 2023-01-15T03:04:53ZTTPS: T1490, T1485, T1082, T1060, T1112, T1012, T1120,...
Malware Analysis – ransomware – b14c45c1792038fd69b5c75e604242a3
Score: 8 MALWARE FAMILY: ransomwareTAGS:ransomware, spyware, stealer, upxMD5: b14c45c1792038fd69b5c75e604242a3SHA1: 54ab323053f1138e5ccaa8f8afaa38cabca9491fANALYSIS DATE: 2023-01-15T05:23:14ZTTPS: T1491, T1112, T1005, T1081, T1082 ScoreMeaningExample10Known badA malware...
Malware Analysis – djvu – cc754c02596df7905eca8894d0202e13
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:19, discovery, persistence, ransomware, spyware, stealerMD5: cc754c02596df7905eca8894d0202e13SHA1: 4bb01386cf0fe3f6e5a09d6c070e923663072081ANALYSIS DATE: 2023-01-15T04:47:12ZTTPS: T1012, T1005, T1081, T1082,...
Malware Analysis – djvu – 7b8426b03fdcbe7a132490d08531a789
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:19, discovery, persistence, ransomware, spyware, stealerMD5: 7b8426b03fdcbe7a132490d08531a789SHA1: fd2adf34c3b2cc9fa8cbb179064a4648a4a1c210ANALYSIS DATE: 2023-01-15T05:55:18ZTTPS: T1060, T1112, T1053, T1012,...
Malware Analysis – wannacry – afbe6bba36be6ad384e6feccab258960
Score: 10 MALWARE FAMILY: wannacryTAGS:family:wannacry, bootkit, discovery, persistence, ransomware, spyware, stealer, wormMD5: afbe6bba36be6ad384e6feccab258960SHA1: 45c076d83c648f195444799aa2eacaf7dde7392aANALYSIS DATE: 2023-01-15T05:51:47ZTTPS: T1158, T1222, T1012, T1082,...
Vice Society Ransomware Victim: TIMco
Vice Society Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
Vice Society Ransomware Victim: Central Texas College
Vice Society Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
Cobalt Stike Beacon Detected – 47[.]98[.]158[.]167:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 89[.]208[.]103[.]122:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 194[.]55[.]186[.]206:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 62[.]204[.]41[.]237:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 162[.]19[.]155[.]49:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 118[.]31[.]76[.]240:7999
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Malware Analysis – evasion – f2b7074e1543720a9a98fda660e02688
Score: 8 MALWARE FAMILY: evasionTAGS:evasion, persistence, ransomwareMD5: f2b7074e1543720a9a98fda660e02688SHA1: 1029492c1a12789d8af78d54adcb921e24b9e5caANALYSIS DATE: 2023-01-14T22:14:22ZTTPS: T1012, T1120, T1082, T1491, T1112, T1004 ScoreMeaningExample10Known badA malware...
Malware Analysis – djvu – 848406030700c675d73043518cd4ae46
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:19, discovery, persistence, ransomware, spyware, stealerMD5: 848406030700c675d73043518cd4ae46SHA1: c31ed81d4b931e7e6d706c9bb659a54b38f48369ANALYSIS DATE: 2023-01-14T21:00:33ZTTPS: T1012, T1005, T1081, T1222,...
Malware Analysis – djvu – 7ec63785f6337d7690ea8e107a1f1993
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:19, discovery, persistence, ransomware, spyware, stealerMD5: 7ec63785f6337d7690ea8e107a1f1993SHA1: fb2463b62f1070d2c2fa2df0a9e23222b4596a0eANALYSIS DATE: 2023-01-14T22:14:42ZTTPS: T1005, T1081, T1130, T1112,...
Malware Analysis – discovery – d92e74a388b538b871ae3982156a3ac3
Score: 10 MALWARE FAMILY: discoveryTAGS:discovery, persistence, ransomwareMD5: d92e74a388b538b871ae3982156a3ac3SHA1: 6f3362948fcf420770b3694aa2b222eef0a0e5fdANALYSIS DATE: 2023-01-14T23:26:25ZTTPS: T1112, T1042, T1012, T1082, T1060 ScoreMeaningExample10Known badA malware family...
Malware Analysis – ransomware – 3b2e3400973d3df5b8d50f615a7cf559
Score: 7 MALWARE FAMILY: ransomwareTAGS:ransomwareMD5: 3b2e3400973d3df5b8d50f615a7cf559SHA1: 38c679a0a24afd9d9dc21b48b2fa8bb86bbb33e6ANALYSIS DATE: 2023-01-14T23:56:18ZTTPS: ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or more known damaging...
