Cuba Ransomware Victim: Sae-a
Cuba Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content of...
threatintel
Malware Analysis – makop – 6a956731b3677dd9d4d18641d40532ab
Score: 10 MALWARE FAMILY: makopTAGS:family:makop, ransomware, spyware, stealerMD5: 6a956731b3677dd9d4d18641d40532abSHA1: 1994ee0b381c5528d5b5c01fb97a14b5ff81e5a5ANALYSIS DATE: 2022-12-20T17:44:04ZTTPS: T1059, T1107, T1490, T1005, T1081 ScoreMeaningExample10Known badA malware...
Malware Analysis – play – 57bcb8cfad510109f7ddedf045e86a70
Score: 10 MALWARE FAMILY: playTAGS:family:play, ransomware, spyware, stealerMD5: 57bcb8cfad510109f7ddedf045e86a70SHA1: e6c381859f53d0c0db9fcd30fa601ecb935b93e0ANALYSIS DATE: 2022-12-20T15:47:27ZTTPS: T1005, T1081, T1012, T1120, T1082 ScoreMeaningExample10Known badA malware...
Malware Analysis – djvu – 98f766d73ebce6d6f50e096bf91de915
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, discovery, persistence, ransomware, spyware, stealerMD5: 98f766d73ebce6d6f50e096bf91de915SHA1: 66995579b886ad37ca5b6a60251f40c756177dcaANALYSIS DATE: 2022-12-20T16:15:06ZTTPS: T1060, T1112, T1082, T1053, T1012, T1222,...
Malware Analysis – djvu – daf392649efbbfda72d564e792a21679
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, discovery, persistence, ransomware, spyware, stealerMD5: daf392649efbbfda72d564e792a21679SHA1: a8e8d94c5887ef837c812a51e528d3244493d98cANALYSIS DATE: 2022-12-20T16:49:37ZTTPS: T1222, T1082, T1005, T1081, T1012, T1060,...
Microsoft shares details for a Gatekeeper Bypass bug in Apple macOS
Microsoft disclosed technical details of a vulnerability in Apple macOS that could be exploited by an attacker to bypass Gatekeeper....
Royal Ransomware Victim: MARK-TAYLOR
RoyalRansomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content of the...
HTTPLoot – An Automated Tool Which Can Simultaneously Crawl, Fill Forms, Trigger Error/Debug Pages And “Loot” Secrets Out Of The Client-Facing Code Of Sites
An automated tool which can simultaneously crawl, fill forms, trigger error/debug pages and "loot" secrets out of the client-facing code...
Telling users to ‘avoid clicking bad links’ still isn’t working
Telling users to ‘avoid clicking bad links’ still isn’t working Let's start with a basic premise: several of the established...
Cobalt Stike Beacon Detected – 62[.]204[.]41[.]155:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 82[.]157[.]251[.]237:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 31[.]42[.]177[.]165:8008
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 45[.]81[.]128[.]189:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Malware Analysis – djvu – a921630469b9a90ee06e2eb1162518d0
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, discovery, persistence, ransomware, spyware, stealerMD5: a921630469b9a90ee06e2eb1162518d0SHA1: 285f2fe0ccd5404066abd5aa2e2cdc35e8fcbd55ANALYSIS DATE: 2022-12-20T10:21:55ZTTPS: T1222, T1082, T1005, T1081, T1012, T1060,...
Malware Analysis – evasion – 39be65c8a26732e90364ad5c6f98986e
Score: 7 MALWARE FAMILY: evasionTAGS:evasion, ransomwareMD5: 39be65c8a26732e90364ad5c6f98986eSHA1: 1d66f11969008d4d4fde5e896b9764d9192fb158ANALYSIS DATE: 2022-12-20T09:10:04ZTTPS: ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or more known...
Cobalt Stike Beacon Detected – 47[.]96[.]156[.]250:4445
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 202[.]95[.]19[.]215:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 43[.]140[.]251[.]169:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 43[.]130[.]228[.]116:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Malware Analysis – banker – 09edc47eee95bc8e6e70faf20da6c3fd
Score: 8 MALWARE FAMILY: bankerTAGS:banker, evasion, ransomwareMD5: 09edc47eee95bc8e6e70faf20da6c3fdSHA1: 5925a3b50d251718609a7bf8dbc8bcd8e6fe2fc5ANALYSIS DATE: 2022-12-20T11:33:04ZTTPS: ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or more...
Malware Analysis – djvu – 6c84cd55dc9d322cbac397f90f9a94d0
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, discovery, persistence, ransomware, spyware, stealerMD5: 6c84cd55dc9d322cbac397f90f9a94d0SHA1: 7c39f89906feabc5d8218f5d627aa150052138b4ANALYSIS DATE: 2022-12-20T10:36:34ZTTPS: T1222, T1005, T1081, T1053, T1012, T1082,...
Malware Analysis – persistence – dc4ae2105938cb68c5b6988465e13da1
Score: 8 MALWARE FAMILY: persistenceTAGS:persistence, ransomwareMD5: dc4ae2105938cb68c5b6988465e13da1SHA1: 4bf9313e1b4f51df9b94cf73e36adb53f8c29ac0ANALYSIS DATE: 2022-12-20T10:31:05ZTTPS: T1060, T1112 ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or...
Malware Analysis – ryuk – f62bb82db62dd6b80908dcd79ea51fb2
Score: 10 MALWARE FAMILY: ryukTAGS:family:ryuk, discovery, evasion, persistence, ransomwareMD5: f62bb82db62dd6b80908dcd79ea51fb2SHA1: e635ba1b935adf31ffd055d71884098567b3dd4fANALYSIS DATE: 2022-12-20T10:41:33ZTTPS: T1490, T1112, T1082, T1222, T1107, T1060 ScoreMeaningExample10Known...
LockBit 3.0 Ransomware Victim: teknowsource[.]in
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
