threatintel

Malware Analysis – djvu – 17ee638b2f006f1f69b79c3cf173cae0

November 9, 2022

Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:517, discovery, persistence, ransomware, spyware, stealerMD5: 17ee638b2f006f1f69b79c3cf173cae0SHA1: bf4c578c214b3d5b21b1e9e1a76647cdea606de9ANALYSIS DATE: 2022-11-08T22:17:32ZTTPS: T1060, T1112, T1012, T1082,...

DeimosC2: What SOC Analysts and Incident Responders Need to Know About This C&C Framework

November 8, 2022

This report provides defenders and security operations center teams with the technical details they need to know should they encounter...

Hybrid Cloud Management Security Tools

November 8, 2022

Explore hybrid cloud management security challenges, components, and tips to minimize your cyber risk. If you like the site, please...

Citrix ADC and Citrix Gateway are affected by a critical authentication bypass flaw

November 8, 2022

Citrix released security updates to address a critical authentication bypass vulnerability in Citrix ADC and Citrix Gateway. Citrix is urging...

SmokeLoader campaign distributes new Laplas Clipper malware

November 8, 2022

Researchers observed a SmokeLoader campaign that is distributing a new clipper malware dubbed Laplas Clipper that targets cryptocurrency users. Cyble...

LockBit 3.0 Ransomware Victim: crtl[.]com

November 8, 2022

LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...

LockBit 3.0 Ransomware Victim: thaiho[.]com

November 8, 2022

LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...

BlackCat/ALPHV Ransomware Victim: Motional

November 8, 2022

BlackCat / ALPHV Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the...

BlackCat/ALPHV Ransomware Victim: GMM Grammy Public Company Limited

November 8, 2022

BlackCat / ALPHV Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the...

Malware Analysis – ransomware – 7328af3a365df9561a55e86421fb81c0

November 8, 2022

Score: 9 MALWARE FAMILY: ransomwareTAGS:ransomwareMD5: 7328af3a365df9561a55e86421fb81c0SHA1: 6cfb5b4a68100678d95270e3d188572a30abd568ANALYSIS DATE: 2022-11-08T15:00:23ZTTPS: T1107, T1490, T1082, T1012, T1120 ScoreMeaningExample10Known badA malware family was detected.8-9Likely...

Malware Analysis – evasion – 64ece5b294fae4f675cf7a8f75641ed4

November 8, 2022

Score: 7 MALWARE FAMILY: evasionTAGS:evasion, ransomwareMD5: 64ece5b294fae4f675cf7a8f75641ed4SHA1: 7345d026efe7f27a5df85751ad308024d31532fcANALYSIS DATE: 2022-11-08T14:24:45ZTTPS: ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or more known...

Malware Analysis – chaos – 5907869307f559b670e7acaf1d69cb08

November 8, 2022

Score: 10 MALWARE FAMILY: chaosTAGS:family:chaos, ransomware, spyware, stealer, upxMD5: 5907869307f559b670e7acaf1d69cb08SHA1: 1af63521c6a3f5d671c8bfc1f1f662894803d5a9ANALYSIS DATE: 2022-11-08T15:40:08ZTTPS: T1082, T1005, T1081, T1130, T1112 ScoreMeaningExample10Known badA...

Malware Analysis – azov – 28097ef38e5b2bbcad21becaa9b232ca

November 8, 2022

Score: 10 MALWARE FAMILY: azovTAGS:family:azov, persistence, ransomware, wiperMD5: 28097ef38e5b2bbcad21becaa9b232caSHA1: 0daaddbd5e25c88534652819cd8ae3d75955faf3ANALYSIS DATE: 2022-11-08T15:08:39ZTTPS: T1012, T1120, T1082, T1060, T1112 ScoreMeaningExample10Known badA malware...

Malware Analysis – djvu – 2eabb8109c2e76505ed6dd3b29f3ff49

November 8, 2022

Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:517, discovery, persistence, ransomware, spyware, stealerMD5: 2eabb8109c2e76505ed6dd3b29f3ff49SHA1: 09323bafbddc678af0d96aa95d5413e52e490ae0ANALYSIS DATE: 2022-11-08T15:50:24ZTTPS: T1222, T1082, T1005, T1081,...

Malware Analysis – smokeloader – c2a071fde47f97b7ba12114d4d33a633

November 8, 2022

Score: 10 MALWARE FAMILY: smokeloaderTAGS:family:smokeloader, backdoor, trojanMD5: c2a071fde47f97b7ba12114d4d33a633SHA1: 3080f8840b49635e03d931a3f9fb03c9e5c9a8e0ANALYSIS DATE: 2022-11-08T15:51:03ZTTPS: T1012, T1120, T1082 ScoreMeaningExample10Known badA malware family was detected.8-9Likely...

Malware Analysis – discovery – 0f3707bc9fcf18c583a10a72cc811a06

November 8, 2022

Score: 10 MALWARE FAMILY: discoveryTAGS:discovery, ransomwareMD5: 0f3707bc9fcf18c583a10a72cc811a06SHA1: d9f373016a74cc0572287936b00b03ac84607696ANALYSIS DATE: 2022-11-08T16:55:08ZTTPS: T1130, T1112, T1012, T1082 ScoreMeaningExample10Known badA malware family was detected.8-9Likely...

Malware Analysis – chaos – 4a4435077649dd3023b749dc5cca0a0b

November 8, 2022

Score: 10 MALWARE FAMILY: chaosTAGS:family:chaos, ransomwareMD5: 4a4435077649dd3023b749dc5cca0a0bSHA1: 73e4be290763fce226110e02f84f7a3f38b89aa8ANALYSIS DATE: 2022-11-08T16:00:06ZTTPS: T1082 ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or more...

Malware Analysis – djvu – e12d62a9826a5774ad165bb70b120663

November 8, 2022

Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:raccoon, family:redline, family:smokeloader, family:vidar, botnet:517, botnet:mario23_10, backdoor, collection, discovery, infostealer, persistence, ransomware, spyware, stealer, trojanMD5:...

Malware Analysis – djvu – 7b938bd47d22fb1e51480873bcbbcdb8

November 8, 2022

Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:517, discovery, persistence, ransomware, spyware, stealerMD5: 7b938bd47d22fb1e51480873bcbbcdb8SHA1: 25729d6a9505e8dbc45ea5b5121dbf1792785ed2ANALYSIS DATE: 2022-11-08T16:51:08ZTTPS: T1005, T1081, T1012, T1082,...

HIVE Ransomware Victim: Cornwell Quality Tools

November 8, 2022

HIVE Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content of...

HIVE Ransomware Victim: ROYAL GATEWAY CO[.], LTD

November 8, 2022

HIVE Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content of...

HIVE Ransomware Victim: APM Terminals

November 8, 2022

HIVE Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content of...

Malware Analysis – adware – 0ad4ba6b364996ffc065163089546840

November 8, 2022

Score: 8 MALWARE FAMILY: adwareTAGS:adware, discovery, exploit, persistence, stealer, upxMD5: 0ad4ba6b364996ffc065163089546840SHA1: ccd32688216e18476d7415e27c5c5750e2ab7a61ANALYSIS DATE: 2022-11-08T17:38:00ZTTPS: T1112, T1176, T1060, T1222 ScoreMeaningExample10Known badA...

Malware Analysis – raccoon – 2c4a9effba41930d4dfd9430cde5eb40

November 8, 2022

Score: 10 MALWARE FAMILY: raccoonTAGS:family:raccoon, family:redline, family:smokeloader, botnet:1020939650_99, botnet:71dfd37ad40a834e3757b044e3efa038, backdoor, discovery, infostealer, persistence, ransomware, spyware, stealer, trojan, upxMD5: 2c4a9effba41930d4dfd9430cde5eb40SHA1: 4809f4ae06e32cadf40a6af7a8e129e17c8676f7ANALYSIS...

threatintel

Malware Analysis – djvu – 17ee638b2f006f1f69b79c3cf173cae0

DeimosC2: What SOC Analysts and Incident Responders Need to Know About This C&C Framework

Hybrid Cloud Management Security Tools

Citrix ADC and Citrix Gateway are affected by a critical authentication bypass flaw

SmokeLoader campaign distributes new Laplas Clipper malware

LockBit 3.0 Ransomware Victim: crtl[.]com

LockBit 3.0 Ransomware Victim: thaiho[.]com

BlackCat/ALPHV Ransomware Victim: Motional

BlackCat/ALPHV Ransomware Victim: GMM Grammy Public Company Limited

Malware Analysis – ransomware – 7328af3a365df9561a55e86421fb81c0

Malware Analysis – evasion – 64ece5b294fae4f675cf7a8f75641ed4

Malware Analysis – chaos – 5907869307f559b670e7acaf1d69cb08

Malware Analysis – azov – 28097ef38e5b2bbcad21becaa9b232ca

Malware Analysis – djvu – 2eabb8109c2e76505ed6dd3b29f3ff49

Malware Analysis – smokeloader – c2a071fde47f97b7ba12114d4d33a633

Malware Analysis – discovery – 0f3707bc9fcf18c583a10a72cc811a06

Malware Analysis – chaos – 4a4435077649dd3023b749dc5cca0a0b

Malware Analysis – djvu – e12d62a9826a5774ad165bb70b120663

Malware Analysis – djvu – 7b938bd47d22fb1e51480873bcbbcdb8

HIVE Ransomware Victim: Cornwell Quality Tools

HIVE Ransomware Victim: ROYAL GATEWAY CO[.], LTD

HIVE Ransomware Victim: APM Terminals

Malware Analysis – adware – 0ad4ba6b364996ffc065163089546840

Malware Analysis – raccoon – 2c4a9effba41930d4dfd9430cde5eb40

CVE Alert: CVE-2025-4359

CVE Alert: CVE-2025-4354

CVE Alert: CVE-2025-4358

CVE Alert: CVE-2025-4356

CVE Alert: CVE-2025-4357

You may have missed