threatintel

Malware Analysis – evasion – 4873dc59b8d3cdfb355eb0f383f20fb8

May 6, 2023

Score: 8 MALWARE FAMILY: evasionTAGS:evasion, persistence, ransomwareMD5: 4873dc59b8d3cdfb355eb0f383f20fb8SHA1: 88f763d6fb7055eaa06603bd1822913ff3ea084eANALYSIS DATE: 2023-05-06T17:00:41ZTTPS: T1082, T1491, T1112, T1102, T1012, T1004, T1120 ScoreMeaningExample10Known badA...

Malware Analysis – amadey – c6152f849df9ab5a7b8bdda6c1e1301f

May 6, 2023

Score: 10 MALWARE FAMILY: amadeyTAGS:family:amadey, family:djvu, family:smokeloader, family:vidar, botnet:31c7719b5ee962fbde376b75e771360d, botnet:pub1, botnet:sprg, backdoor, discovery, evasion, persistence, ransomware, stealer, trojanMD5: c6152f849df9ab5a7b8bdda6c1e1301fSHA1: 3ae29eab58c00631d1d2ec748b18e0e0a4109c65ANALYSIS...

Malware Analysis – – 230feb2a0c5a06cdd5607974b9d0917e

May 6, 2023

Score: 1 MALWARE FAMILY: TAGS:MD5: 230feb2a0c5a06cdd5607974b9d0917eSHA1: b5535c2d02a02e92afd04d4cf75a5715c1aa34c1ANALYSIS DATE: 2023-05-06T16:01:47ZTTPS: ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or more known damaging...

Malware Analysis – djvu – 2e6f10f97405a4ab7fd2b40c83db5db4

May 6, 2023

Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:31c7719b5ee962fbde376b75e771360d, discovery, persistence, ransomware, spyware, stealerMD5: 2e6f10f97405a4ab7fd2b40c83db5db4SHA1: 556dab406953a93b017929ab216d18b1b199bb3aANALYSIS DATE: 2023-05-06T16:54:55ZTTPS: T1053, T1012, T1082, T1005,...

Medusa Locker Ransomware Victim: Sonda (Duplicate with update)

May 6, 2023

Medusa Locker Logo NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the...

News

threatintel

Malware Analysis – evasion – 4873dc59b8d3cdfb355eb0f383f20fb8

Malware Analysis – amadey – c6152f849df9ab5a7b8bdda6c1e1301f

Malware Analysis – – 230feb2a0c5a06cdd5607974b9d0917e

Malware Analysis – djvu – 2e6f10f97405a4ab7fd2b40c83db5db4

Medusa Locker Ransomware Victim: Sonda (Duplicate with update)

Dragon Breath APT Group Using Double-Clean-App Technique to Target Gambling Industry

Cobalt Stike Beacon Detected – 121[.]40[.]127[.]134:5555

Cobalt Stike Beacon Detected – 172[.]247[.]9[.]221:443

Cobalt Stike Beacon Detected – 101[.]43[.]165[.]220:80

Cobalt Stike Beacon Detected – 134[.]122[.]102[.]8:443

Cobalt Stike Beacon Detected – 20[.]40[.]249[.]105:443

Cobalt Stike Beacon Detected – 20[.]38[.]0[.]217:443

Cobalt Stike Beacon Detected – 20[.]38[.]0[.]217:80

Cobalt Stike Beacon Detected – 54[.]172[.]140[.]84:443

Cobalt Stike Beacon Detected – 43[.]138[.]62[.]36:97

Cobalt Stike Beacon Detected – 137[.]184[.]27[.]168:443

Cobalt Stike Beacon Detected – 101[.]43[.]156[.]246:8098

Vice Society Ransomware Victim: Asia Pacific University

Packagist Repository Hacked: Over a Dozen PHP Packages with 500 Million Installs Compromised

New Vulnerability in Popular WordPress Plugin Exposes Over 2 Million Sites to Cyberattacks

New Android updates fix kernel bug exploited in spyware attacks

WordPress custom field plugin bug exposes over 1M sites to XSS attacks

New Android FluHorse malware steals your passwords, 2FA codes

The Week in Ransomware – May 5th 2023 – Targeting the public sector

[AKIRA] – Ransomware Victim: Elliott Tax Service

[RHYSIDA] – Ransomware Victim: Automated Logistics Systems

[AKIRA] – Ransomware Victim: Benda Grace Stulz

[AKIRA] – Ransomware Victim: Palacios Marine & Industrial

[AKIRA] – Ransomware Victim: General Micro Systems

You may have missed