A Closer Look at Windows Kernel Threats
In this blog entry, we discuss the reasons why malicious actors choose to and opt not to pursue kernel-level access...
threatintel
Old vulnerabilities in Cisco products actively exploited in the wild
IT giant Cisco is warning of threat actors exploiting many old vulnerabilities in attacks in the wild. Cisco has updated...
Kali Linux 2022.4 – Penetration Testing and Ethical Hacking Linux Distribution
Time for another Kali Linux release! – Kali Linux 2022.4. This release has various impressive updates.A summary of the changelog...
Malware Analysis – smokeloader – 048c5750cce12e02e62aa2f2b961629d
Score: 10 MALWARE FAMILY: smokeloaderTAGS:family:smokeloader, backdoor, trojanMD5: 048c5750cce12e02e62aa2f2b961629dSHA1: f3ada2cb30bb9425ceab9ebc7e862f632c2e1629ANALYSIS DATE: 2022-12-19T15:53:03ZTTPS: T1012, T1120, T1082 ScoreMeaningExample10Known badA malware family was detected.8-9Likely...
Malware Analysis – discovery – 620a33b990761a4802b82b6ce657620a
Score: 10 MALWARE FAMILY: discoveryTAGS:discovery, persistence, ransomwareMD5: 620a33b990761a4802b82b6ce657620aSHA1: 605b2d0c16e0a903118012e5dfc05165114cf816ANALYSIS DATE: 2022-12-19T16:29:34ZTTPS: T1012, T1082, T1060 ScoreMeaningExample10Known badA malware family was detected.8-9Likely...
Malware Analysis – djvu – f9f07daa6ac03183f15c467ac8458946
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, discovery, persistence, ransomware, spyware, stealerMD5: f9f07daa6ac03183f15c467ac8458946SHA1: ad43ea762aab0e8da955e58dabd42d7d840ffcbdANALYSIS DATE: 2022-12-19T15:01:38ZTTPS: T1005, T1081, T1222, T1082, T1012, T1053,...
Malware Analysis – djvu – 2e7c9cc96fafadb85f03fe0e0d70dbe8
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, discovery, persistence, ransomwareMD5: 2e7c9cc96fafadb85f03fe0e0d70dbe8SHA1: cc1aca4021dc1d383b4b2bd55db789b08911e750ANALYSIS DATE: 2022-12-19T16:43:35ZTTPS: T1222, T1082, T1053, T1130, T1112, T1060 ScoreMeaningExample10Known badA...
Malware Analysis – neshta – 6aa9acfb386ff6673ed8bd77c459ea5b
Score: 10 MALWARE FAMILY: neshtaTAGS:family:neshta, family:phobos, evasion, persistence, ransomware, spyware, stealerMD5: 6aa9acfb386ff6673ed8bd77c459ea5bSHA1: 77e9926caeaf7bd23b832069384e1c02dd4ff78eANALYSIS DATE: 2022-12-19T17:18:03ZTTPS: T1490, T1059, T1107, T1005, T1081,...
Malware Analysis – djvu – 9206dd64291b57ef64ea8fc15cb77b62
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, discovery, persistence, ransomware, spyware, stealerMD5: 9206dd64291b57ef64ea8fc15cb77b62SHA1: 5ca61612241c01ee04cfeebcff6cdb8ab35051e0ANALYSIS DATE: 2022-12-19T17:26:22ZTTPS: T1053, T1005, T1081, T1012, T1060, T1112,...
Malware Analysis – ransomware – 0ca54a12dfeb248b5c0c2400ec288266
Score: 7 MALWARE FAMILY: ransomwareTAGS:ransomwareMD5: 0ca54a12dfeb248b5c0c2400ec288266SHA1: 9ef4d6cdc12fd7451dee17088de7adc85ffcc7caANALYSIS DATE: 2022-12-19T16:52:04ZTTPS: ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or more known damaging...
Malware Analysis – djvu – 6512331eb3bda65b6ae1205d0633a1e1
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, discovery, persistence, ransomware, spyware, stealerMD5: 6512331eb3bda65b6ae1205d0633a1e1SHA1: 5ffe12c70577d58db50393b83599c3227c877282ANALYSIS DATE: 2022-12-19T17:05:50ZTTPS: T1005, T1081, T1222, T1082, T1012, T1053,...
Malware Analysis – djvu – 4d0d3ce86f2f7edc9cf08d3393e516e3
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, discovery, persistence, ransomwareMD5: 4d0d3ce86f2f7edc9cf08d3393e516e3SHA1: c1dcb2c412f0512adcd8e287ca332435e0672818ANALYSIS DATE: 2022-12-19T17:30:57ZTTPS: T1222, T1082, T1053, T1130, T1112, T1060 ScoreMeaningExample10Known badA...
Malware Analysis – persistence – e27b637abe523503b19e6b57b95489ea
Score: 10 MALWARE FAMILY: persistenceTAGS:persistence, ransomwareMD5: e27b637abe523503b19e6b57b95489eaSHA1: 875c3af49522b74045c7ac5cc7f07308e6091b02ANALYSIS DATE: 2022-12-19T17:46:04ZTTPS: T1060, T1112, T1082, T1012, T1120 ScoreMeaningExample10Known badA malware family was...
Malware Analysis – evasion – fbb796cc4209793257bc08943e9bfa29
Score: 10 MALWARE FAMILY: evasionTAGS:evasion, persistence, ransomwareMD5: fbb796cc4209793257bc08943e9bfa29SHA1: 5200d89104d66cab7ee6418e1dc5eccc13bc5193ANALYSIS DATE: 2022-12-19T17:46:03ZTTPS: T1082, T1491, T1112, T1004, T1070, T1060, T1012, T1120, T1490...
Malware Analysis – djvu – 9228f870c82e0b331680b9fe90486722
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, discovery, persistence, ransomware, spyware, stealerMD5: 9228f870c82e0b331680b9fe90486722SHA1: f91f48f62bff5b8291589ccc150c7e8339daf66eANALYSIS DATE: 2022-12-19T17:50:17ZTTPS: T1060, T1112, T1082, T1005, T1081, T1012,...
LockBit 3.0 Ransomware Victim: senateshj[.]com
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
LockBit 3.0 Ransomware Victim: mercuryit[.]co[.]nz
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
LockBit 3.0 Ransomware Victim: polyflor[.]co[.]nz
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
LockBit 3.0 Ransomware Victim: rgvfirm[.]com
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
LockBit 3.0 Ransomware Victim: stmc[.]edu[.]hk
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
LockBit 3.0 Ransomware Victim: Monte Cristalina S[.]A[.]
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
LockBit 3.0 Ransomware Victim: businesscentral[.]org[.]nz
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
LockBit 3.0 Ransomware Victim: mayflowerdentalgroup[.]com
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
LockBit 3.0 Ransomware Victim: womgroup[.]com
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
