threatintel

Cobalt Stike Beacon Detected – 185[.]216[.]71[.]178:4433

November 14, 2022

The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...

Black Basta Ransomware Victim: Kessing Rechtsanwälte und Fachanwälte in PartGmbB

November 14, 2022

Black Basta Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...

Cobalt Stike Beacon Detected – 107[.]172[.]206[.]242:2086

November 14, 2022

The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...

Cobalt Stike Beacon Detected – 179[.]43[.]142[.]230:80

November 14, 2022

The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...

Cobalt Stike Beacon Detected – 124[.]71[.]143[.]78:80

November 14, 2022

The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...

Cobalt Stike Beacon Detected – 159[.]65[.]249[.]226:443

November 14, 2022

The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...

Cobalt Stike Beacon Detected – 107[.]189[.]31[.]184:8443

November 14, 2022

The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...

Malware Analysis – djvu – 4f983455b20c64a382e15940c78688df

November 14, 2022

Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:redline, family:smokeloader, family:vidar, botnet:517, botnet:google2, botnet:mario23_10, botnet:new1113, backdoor, collection, discovery, infostealer, persistence, ransomware, spyware, stealer,...

Malware Analysis – djvu – 793adb3bc34fe1c5685c789cb1873343

November 14, 2022

Malware Analysis – djvu – 659cbbd98ef779644632c233f1e7863b

November 14, 2022

Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:redline, family:smokeloader, family:vidar, botnet:123, botnet:517, botnet:google2, botnet:mario23_10, backdoor, collection, discovery, infostealer, persistence, ransomware, spyware, stealer,...

Malware Analysis – djvu – 97abb80bf20fbd4165c08a1d94b5946f

November 14, 2022

Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:redline, family:smokeloader, family:vidar, botnet:517, botnet:mario23_10, botnet:new1113, backdoor, collection, discovery, infostealer, persistence, ransomware, spyware, stealer, trojan,...

Malware Analysis – djvu – 73851fffda776177fea69a3678984b5e

November 14, 2022

Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:517, discovery, persistence, ransomware, spyware, stealerMD5: 73851fffda776177fea69a3678984b5eSHA1: 91b3403104d5eb0a45cc74b8f07bf28d5e215c63ANALYSIS DATE: 2022-11-13T22:35:49ZTTPS: T1082, T1005, T1081, T1060,...

Malware Analysis – ransomware – 8ed939e0251f7e2da73f2a911bb021f7

November 14, 2022

Score: 7 MALWARE FAMILY: ransomwareTAGS:ransomwareMD5: 8ed939e0251f7e2da73f2a911bb021f7SHA1: c81f5641328253f093d046874c77f173cfc9fba3ANALYSIS DATE: 2022-11-13T23:14:07ZTTPS: ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or more known damaging...

Malware Analysis – djvu – ca0366014df6b386b16e0335f0ac2463

November 14, 2022

Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:517, discovery, persistence, ransomware, spyware, stealerMD5: ca0366014df6b386b16e0335f0ac2463SHA1: 2d547b279c5f626b45d995a455a539ef7797a077ANALYSIS DATE: 2022-11-13T23:36:22ZTTPS: T1060, T1112, T1222, T1012,...

BlackCat/ALPHV Ransomware Victim: CENTRAL BANK OF GAMBIA HACKED[.] 2 TB OF CRITICAL DATA WAS STOLEN[.]

November 13, 2022

BlackCat / ALPHV Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the...

Malware Analysis – azov – 56114b51b4db37d266304b35a8ded6ad

November 13, 2022

Score: 10 MALWARE FAMILY: azovTAGS:family:azov, persistence, ransomware, spyware, stealer, wiperMD5: 56114b51b4db37d266304b35a8ded6adSHA1: 06f213336a50e8564bf24246f5d7971fdc21a9cbANALYSIS DATE: 2022-11-13T15:32:05ZTTPS: T1060, T1112, T1012, T1120, T1082, T1005,...

Malware Analysis – azov – 82211bc7d27b7a5320d8f2810660c9c1

November 13, 2022

Score: 10 MALWARE FAMILY: azovTAGS:family:azov, persistence, ransomware, wiperMD5: 82211bc7d27b7a5320d8f2810660c9c1SHA1: 4a3ae7b95f2ce520d567564be8d387b337ec30b7ANALYSIS DATE: 2022-11-13T15:33:07ZTTPS: T1060, T1112, T1012, T1120, T1082 ScoreMeaningExample10Known badA malware...

Malware Analysis – azov – c84978a220b2b871198a3db451615500

November 13, 2022

Score: 10 MALWARE FAMILY: azovTAGS:family:azov, persistence, ransomware, wiperMD5: c84978a220b2b871198a3db451615500SHA1: b3849898825e31ca9786f452934a9e40eba0bc56ANALYSIS DATE: 2022-11-13T15:32:06ZTTPS: T1060, T1112, T1012, T1120, T1082 ScoreMeaningExample10Known badA malware...

Malware Analysis – azov – eb707c2864b47875cf7e183c738f6d1e

November 13, 2022

Score: 10 MALWARE FAMILY: azovTAGS:family:azov, persistence, ransomware, wiperMD5: eb707c2864b47875cf7e183c738f6d1eSHA1: c32b4d0f7083091113991b08cd23601d9cee2c61ANALYSIS DATE: 2022-11-13T15:32:05ZTTPS: T1060, T1112, T1012, T1120, T1082 ScoreMeaningExample10Known badA malware...

Malware Analysis – azov – f2a75b25f7e0cfee3fa861754d01bee2

November 13, 2022

Score: 10 MALWARE FAMILY: azovTAGS:family:azov, persistence, ransomware, spyware, stealer, wiperMD5: f2a75b25f7e0cfee3fa861754d01bee2SHA1: 107692789d688eede43064c44b6a07958cbc3eddANALYSIS DATE: 2022-11-13T15:32:07ZTTPS: T1012, T1120, T1082, T1005, T1081, T1060,...

Malware Analysis – azov – fb211c2ac0f37a104de1b4377e87982c

November 13, 2022

Score: 10 MALWARE FAMILY: azovTAGS:family:azov, persistence, ransomware, spyware, stealer, wiperMD5: fb211c2ac0f37a104de1b4377e87982cSHA1: 39fc0b935b35c6d2ffd5664467606765cb207c45ANALYSIS DATE: 2022-11-13T15:33:07ZTTPS: T1012, T1120, T1082, T1005, T1081, T1060,...

Malware Analysis – smokeloader – f5c178148b3caf9df80d0ebdad21247f

November 13, 2022

Score: 10 MALWARE FAMILY: smokeloaderTAGS:family:smokeloader, backdoor, trojanMD5: f5c178148b3caf9df80d0ebdad21247fSHA1: ff30214f2095dc71308dac946fe15e087cfd6e14ANALYSIS DATE: 2022-11-13T15:36:05ZTTPS: T1012, T1120, T1082 ScoreMeaningExample10Known badA malware family was detected.8-9Likely...

Malware Analysis – azov – c4e7ddc4f4de56d81cb9a1155b427cc0

November 13, 2022

Score: 10 MALWARE FAMILY: azovTAGS:family:azov, persistence, ransomware, spyware, stealer, wiperMD5: c4e7ddc4f4de56d81cb9a1155b427cc0SHA1: c6457b8e4d2a1c5665c1aa03b0e4c47ac8f01c67ANALYSIS DATE: 2022-11-13T15:33:08ZTTPS: T1012, T1120, T1082, T1005, T1081, T1060,...

Malware Analysis – azov – 53acba6e2bd5c5cebeb5d07512cfb221

November 13, 2022

Score: 10 MALWARE FAMILY: azovTAGS:family:azov, persistence, ransomware, wiperMD5: 53acba6e2bd5c5cebeb5d07512cfb221SHA1: e8f2b5f3eae1b64f52906eee3c0f32286281b9a2ANALYSIS DATE: 2022-11-13T15:33:07ZTTPS: T1012, T1120, T1082, T1060, T1112 ScoreMeaningExample10Known badA malware...

threatintel

Cobalt Stike Beacon Detected – 185[.]216[.]71[.]178:4433

Black Basta Ransomware Victim: Kessing Rechtsanwälte und Fachanwälte in PartGmbB

Cobalt Stike Beacon Detected – 107[.]172[.]206[.]242:2086

Cobalt Stike Beacon Detected – 179[.]43[.]142[.]230:80

Cobalt Stike Beacon Detected – 124[.]71[.]143[.]78:80

Cobalt Stike Beacon Detected – 159[.]65[.]249[.]226:443

Cobalt Stike Beacon Detected – 107[.]189[.]31[.]184:8443

Malware Analysis – djvu – 4f983455b20c64a382e15940c78688df

Malware Analysis – djvu – 793adb3bc34fe1c5685c789cb1873343

Malware Analysis – djvu – 659cbbd98ef779644632c233f1e7863b

Malware Analysis – djvu – 97abb80bf20fbd4165c08a1d94b5946f

Malware Analysis – djvu – 73851fffda776177fea69a3678984b5e

Malware Analysis – ransomware – 8ed939e0251f7e2da73f2a911bb021f7

Malware Analysis – djvu – ca0366014df6b386b16e0335f0ac2463

BlackCat/ALPHV Ransomware Victim: CENTRAL BANK OF GAMBIA HACKED[.] 2 TB OF CRITICAL DATA WAS STOLEN[.]

Malware Analysis – azov – 56114b51b4db37d266304b35a8ded6ad

Malware Analysis – azov – 82211bc7d27b7a5320d8f2810660c9c1

Malware Analysis – azov – c84978a220b2b871198a3db451615500

Malware Analysis – azov – eb707c2864b47875cf7e183c738f6d1e

Malware Analysis – azov – f2a75b25f7e0cfee3fa861754d01bee2

Malware Analysis – azov – fb211c2ac0f37a104de1b4377e87982c

Malware Analysis – smokeloader – f5c178148b3caf9df80d0ebdad21247f

Malware Analysis – azov – c4e7ddc4f4de56d81cb9a1155b427cc0

Malware Analysis – azov – 53acba6e2bd5c5cebeb5d07512cfb221

CVE Alert: CVE-2025-3867

CVE Alert: CVE-2025-46617

CVE Alert: CVE-2025-46616

CVE Alert: CVE-2025-3868

CVE Alert: CVE-2025-3866

You may have missed