threatintel

Malware Analysis – evasion – 690e39cbffe340fcbf4db885c7f9ebfa

December 16, 2022

Score: 7 MALWARE FAMILY: evasionTAGS:evasion, ransomwareMD5: 690e39cbffe340fcbf4db885c7f9ebfaSHA1: 6ff465439c7a54784c7df692ce495843cb12f750ANALYSIS DATE: 2022-12-16T15:44:02ZTTPS: ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or more known...

Malware Analysis – smokeloader – 8e345f8a3549c12c711ad666304b8196

December 16, 2022

Score: 10 MALWARE FAMILY: smokeloaderTAGS:family:smokeloader, backdoor, trojanMD5: 8e345f8a3549c12c711ad666304b8196SHA1: c889ed9f45ad3462948a6b6cd98b80bd801987beANALYSIS DATE: 2022-12-16T15:41:45ZTTPS: T1012, T1120, T1082 ScoreMeaningExample10Known badA malware family was detected.8-9Likely...

Malware Analysis – djvu – 779e23df789af919e840b393dc26f8d8

December 16, 2022

Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:raccoon, family:smokeloader, botnet:ec7a54fb6492ff3a52d09504b8ecf082, backdoor, bootkit, collection, discovery, persistence, ransomware, spyware, stealer, trojanMD5: 779e23df789af919e840b393dc26f8d8SHA1: 6efc9a81f30b9c1474f13042d0b119b1ae503577ANALYSIS DATE:...

Malware Analysis – evasion – 21fc95441e68d60cd8a2674fb96d60a6

December 16, 2022

Score: 6 MALWARE FAMILY: evasionTAGS:evasion, ransomwareMD5: 21fc95441e68d60cd8a2674fb96d60a6SHA1: 34e565e1d46f7c0b812229e6ac2f1d009d9e165dANALYSIS DATE: 2022-12-16T16:12:03ZTTPS: ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or more known...

Malware Analysis – smokeloader – 77b276c347598aea212d16a6fbe1b927

December 16, 2022

Score: 10 MALWARE FAMILY: smokeloaderTAGS:family:smokeloader, backdoor, trojanMD5: 77b276c347598aea212d16a6fbe1b927SHA1: 1aaa5729768a7f732f23052b709a21617573e05fANALYSIS DATE: 2022-12-16T16:19:11ZTTPS: T1012, T1120, T1082 ScoreMeaningExample10Known badA malware family was detected.8-9Likely...

Malware Analysis – djvu – 8afc877c5a7f2312f8f15e5841b8dd33

December 16, 2022

Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, discovery, persistence, ransomware, spyware, stealerMD5: 8afc877c5a7f2312f8f15e5841b8dd33SHA1: ff69c1b70ad7b896d5ec38da580dfcf58e427032ANALYSIS DATE: 2022-12-16T16:13:18ZTTPS: T1012, T1082, T1060, T1112, T1053, T1005,...

Malware Analysis – smokeloader – fa3c884cd50596bd653c756bac035d80

December 16, 2022

Score: 10 MALWARE FAMILY: smokeloaderTAGS:family:smokeloader, backdoor, trojanMD5: fa3c884cd50596bd653c756bac035d80SHA1: a14c295a1bff83511d82ec2c9a251e059e1a5c6aANALYSIS DATE: 2022-12-16T16:12:57ZTTPS: T1012, T1120, T1082 ScoreMeaningExample10Known badA malware family was detected.8-9Likely...

Malware Analysis – djvu – 8a64beecdd29c0c3d767b687036d2b92

December 16, 2022

Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:raccoon, family:smokeloader, botnet:ec7a54fb6492ff3a52d09504b8ecf082, backdoor, bootkit, collection, discovery, persistence, ransomware, spyware, stealer, trojanMD5: 8a64beecdd29c0c3d767b687036d2b92SHA1: 05e951697f03dcca95c80bed95434a6eab380a5dANALYSIS DATE:...

CISA: FBI, FDA OCI, and USDA Release Joint Cybersecurity Advisory Regarding Business Email Compromise Schemes Used to Steal Food

December 16, 2022

FBI, FDA OCI, and USDA Release Joint Cybersecurity Advisory Regarding Business Email Compromise Schemes Used to Steal Food The Federal...

Malware Analysis – evasion – 9b41cf5e2a4ea79e030472bfdd72a6e7

December 16, 2022

Score: 7 MALWARE FAMILY: evasionTAGS:evasion, ransomwareMD5: 9b41cf5e2a4ea79e030472bfdd72a6e7SHA1: edb40e395d0d81b56c43d0008e3664cdf124bc14ANALYSIS DATE: 2022-12-16T17:30:04ZTTPS: ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or more known...

Malware Analysis – evasion – 077b7f24c33b31d88fb23c169a137d2e

December 16, 2022

Score: 7 MALWARE FAMILY: evasionTAGS:evasion, ransomwareMD5: 077b7f24c33b31d88fb23c169a137d2eSHA1: b47eda1e2f6b6708c83a67516898ef5c7cb7da43ANALYSIS DATE: 2022-12-16T16:32:02ZTTPS: ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or more known...

Malware Analysis – djvu – 8a64beecdd29c0c3d767b687036d2b92

December 16, 2022

Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:raccoon, family:smokeloader, botnet:ec7a54fb6492ff3a52d09504b8ecf082, backdoor, bootkit, collection, discovery, persistence, ransomware, spyware, stealer, trojanMD5: 8a64beecdd29c0c3d767b687036d2b92SHA1: 05e951697f03dcca95c80bed95434a6eab380a5dANALYSIS DATE:...

Malware Analysis – banker – c27c9136e81deb8cfdcff0e56f81638f

December 16, 2022

Score: 8 MALWARE FAMILY: bankerTAGS:banker, evasion, ransomwareMD5: c27c9136e81deb8cfdcff0e56f81638fSHA1: b7a813be289103f2f95e4a2377a24c1835c09c54ANALYSIS DATE: 2022-12-16T17:00:03ZTTPS: ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or more...

LockBit 3.0 Ransomware Victim: prinovaglobal[.]com

December 16, 2022

LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...

Data of 5.7M Gemini users available for sale on hacking forums

December 16, 2022

Gemini crypto exchange warns users of an ongoing phishing campaign after a third-party vendor suffered a security breach. Gemini crypto...

AzureHound – Azure Data Exporter For BloodHound

December 16, 2022

The BloodHound data collector for Microsoft Azure Get AzureHound Release Binaries Download the appropriate binary for your platform from one...

Royal Ransomware Victim: Mol

December 16, 2022

RoyalRansomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content of the...

Malware Analysis – djvu – fb4179ed52ae3e372dbd7236c36bad07

December 16, 2022

Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, discovery, persistence, ransomware, spyware, stealerMD5: fb4179ed52ae3e372dbd7236c36bad07SHA1: 3a429fab3ada61843ff58cd601a3240f16bc2e83ANALYSIS DATE: 2022-12-16T10:20:19ZTTPS: T1060, T1112, T1082, T1012, T1053, T1005,...

Cobalt Stike Beacon Detected – 167[.]172[.]24[.]169:443

December 16, 2022

The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...

Malware Analysis – danabot – 9135f94621c62d8cfe3fe6744c9f758d

December 16, 2022

Score: 10 MALWARE FAMILY: danabotTAGS:family:danabot, family:djvu, family:raccoon, family:redline, family:smokeloader, botnet:ec7a54fb6492ff3a52d09504b8ecf082, botnet:mario23_10, backdoor, banker, bootkit, collection, discovery, infostealer, persistence, ransomware, spyware,...

threatintel

Malware Analysis – evasion – 690e39cbffe340fcbf4db885c7f9ebfa

Malware Analysis – smokeloader – 8e345f8a3549c12c711ad666304b8196

Malware Analysis – djvu – 779e23df789af919e840b393dc26f8d8

Malware Analysis – evasion – 21fc95441e68d60cd8a2674fb96d60a6

Malware Analysis – smokeloader – 77b276c347598aea212d16a6fbe1b927

Malware Analysis – djvu – 8afc877c5a7f2312f8f15e5841b8dd33

Malware Analysis – smokeloader – fa3c884cd50596bd653c756bac035d80

Malware Analysis – djvu – 8a64beecdd29c0c3d767b687036d2b92

CISA: FBI, FDA OCI, and USDA Release Joint Cybersecurity Advisory Regarding Business Email Compromise Schemes Used to Steal Food

Malware Analysis – evasion – 9b41cf5e2a4ea79e030472bfdd72a6e7

Malware Analysis – evasion – 077b7f24c33b31d88fb23c169a137d2e

Malware Analysis – djvu – 8a64beecdd29c0c3d767b687036d2b92

Malware Analysis – banker – c27c9136e81deb8cfdcff0e56f81638f

LockBit 3.0 Ransomware Victim: prinovaglobal[.]com

Data of 5.7M Gemini users available for sale on hacking forums

AzureHound – Azure Data Exporter For BloodHound

Royal Ransomware Victim: Mol

Malware Analysis – djvu – fb4179ed52ae3e372dbd7236c36bad07

Cobalt Stike Beacon Detected – 167[.]172[.]24[.]169:443

Malware Analysis – danabot – 9135f94621c62d8cfe3fe6744c9f758d

Cobalt Stike Beacon Detected – 109[.]94[.]208[.]57:8080

Cobalt Stike Beacon Detected – 77[.]73[.]134[.]23:80

Cobalt Stike Beacon Detected – 121[.]5[.]61[.]8:8018

Cobalt Stike Beacon Detected – 5[.]188[.]86[.]237:443

CVE Alert: CVE-2025-20274

CVE Alert: CVE-2025-20284

CVE Alert: CVE-2025-20285

CVE Alert: CVE-2025-20337

CVE Alert: CVE-2025-20288

You may have missed