Chinese hackers use new custom backdoor to evade detection
The Chinese cyber espionage hacking group Mustang Panda was seen deploying a new custom backdoor named 'MQsTTang' in attacks starting...
threatintel
Hatch Bank discloses data breach after GoAnywhere MFT hack
Fintech banking platform Hatch Bank has reported a data breach after hackers stole the personal information of almost 140,000 customers...
The Week in Ransomware – March 3rd 2023 – Wide impact attacks
This week was highlighted by a massive BlackBasta ransomware attack targeting DISH Network and taking down numerous subsidiaries, including SlingTV...
BidenCash market leaks over 2 million stolen credit cards for free
A carding marketplace known as BidenCash has leaked online a free database of 2,165,700 debit and credit cards in celebration...
Play ransomware claims disruptive attack on City of Oakland
The Play ransomware gang has taken responsibility for a cyberattack on the City of Oakland that has disrupted IT systems...
FBI and CISA warn of increasing Royal ransomware attack risks
CISA and the FBI have issued a joint advisory highlighting the increasing threat behind ongoing Royal ransomware attacks targeting many...
Brave Search launches AI-powered summarizer in search results
Brave Search has incorporated a new AI-powered tool named Summarizer, which gives a summarized answer to an inputted question before...
Vice Society Ransomware Victim: HUNOSA
Vice Society Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
Cobalt Stike Beacon Detected – 8[.]130[.]9[.]21:6666
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 88[.]214[.]26[.]18:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 120[.]53[.]220[.]154:8080
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 185[.]143[.]223[.]120:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 43[.]154[.]18[.]45:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 103[.]193[.]192[.]87:8002
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 45[.]227[.]252[.]241:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 43[.]139[.]166[.]32:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Brute Ratel C4 Detected – 175[.]41[.]221[.]5:80
The Information provided at the time of posting was detected as "Brute Ratel C4". Depending on when you are viewing...
Malware Analysis – ransomware – ec7f50965cb1452b6401a51f7d763655
Score: 9 MALWARE FAMILY: ransomwareTAGS:ransomwareMD5: ec7f50965cb1452b6401a51f7d763655SHA1: c936b6a86b76160520b2ca0bf33edd0f766b2476ANALYSIS DATE: 2023-03-03T15:08:04ZTTPS: T1012, T1120, T1082, T1107, T1490 ScoreMeaningExample10Known badA malware family was detected.8-9Likely...
Malware Analysis – djvu – 23ab7d03d01006cc9eebea2de38925dd
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:smokeloader, family:vidar, backdoor, discovery, persistence, ransomware, spyware, stealer, trojanMD5: 23ab7d03d01006cc9eebea2de38925ddSHA1: 52c36dfe969bbec89362fd9488992584e8098576ANALYSIS DATE: 2023-03-03T15:31:43ZTTPS: T1012, T1082,...
Malware Analysis – smokeloader – b8c11d1e438c7abf33904db470deab58
Score: 10 MALWARE FAMILY: smokeloaderTAGS:family:smokeloader, backdoor, trojanMD5: b8c11d1e438c7abf33904db470deab58SHA1: af8ab902c26d27a6602c491848135fd852517b9eANALYSIS DATE: 2023-03-03T15:31:07ZTTPS: T1012, T1120, T1082 ScoreMeaningExample10Known badA malware family was detected.8-9Likely...
Malware Analysis – banker – 3884ec6219f6b9898ef5451ea11ceeed
Score: 8 MALWARE FAMILY: bankerTAGS:banker, ransomwareMD5: 3884ec6219f6b9898ef5451ea11ceeedSHA1: 1c35778f44b7ed53cc55a8d70aefc8ae6741807cANALYSIS DATE: 2023-03-03T15:31:32ZTTPS: ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or more known...
Malware Analysis – djvu – 87cbf451bcac74b3a78f5f0bf7fc9a4f
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, discovery, persistence, ransomware, spyware, stealerMD5: 87cbf451bcac74b3a78f5f0bf7fc9a4fSHA1: dbde9ffca7c2c3601bbc8d197f86f532d8326777ANALYSIS DATE: 2023-03-03T16:17:37ZTTPS: T1012, T1082, T1005, T1081, T1222,...
Malware Analysis – bitrat – b42af31cea64330d0465bed0510089c0
Score: 10 MALWARE FAMILY: bitratTAGS:family:bitrat, persistence, trojan, upxMD5: b42af31cea64330d0465bed0510089c0SHA1: 3cd6c9277fe07111548e1030834c98e2412a380aANALYSIS DATE: 2023-03-03T16:50:20ZTTPS: T1082, T1060, T1112, T1130 ScoreMeaningExample10Known badA malware family...
Malware Analysis – djvu – a865e14a0f7113a556b576eb4dd8323d
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, discovery, persistence, ransomware, spyware, stealerMD5: a865e14a0f7113a556b576eb4dd8323dSHA1: 0668b9b280c555a95707155a974b419f80849d95ANALYSIS DATE: 2023-03-03T16:44:26ZTTPS: T1012, T1082, T1005, T1081, T1222,...
