Cobalt Stike Beacon Detected – 121[.]5[.]61[.]8:8018
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
threatintel
Cobalt Stike Beacon Detected – 5[.]188[.]86[.]237:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 179[.]43[.]142[.]137:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Malware Analysis – persistence – 428e2d6500b98a6059153e4a99bee22c
Score: 10 MALWARE FAMILY: persistenceTAGS:persistence, ransomwareMD5: 428e2d6500b98a6059153e4a99bee22cSHA1: 94ca95c70255418b797e9362dcc757748a90f0b8ANALYSIS DATE: 2022-12-16T11:15:17ZTTPS: T1060, T1112, T1082, T1012, T1120 ScoreMeaningExample10Known badA malware family was...
CISA adds Veeam Backup and Replication bugs to Known Exploited Vulnerabilities Catalog
US CISA added two vulnerabilities impacting Veeam Backup & Replication software to its Known Exploited Vulnerabilities Catalog. The U.S. Cybersecurity and Infrastructure...
MCCrash botnet targets private Minecraft servers, Microsoft warns
Microsoft announced that a botnet dubbed MCCrash is launching distributed denial-of-service (DDoS) attacks against private Minecraft servers. Microsoft spotted a...
Microsoft revised CVE-2022-37958 severity due to its broader scope
Microsoft revised the severity rate for the CVE-2022-37958 flaw which was addressed with Patch Tuesday security updates for September 2022....
Malware Analysis – danabot – cebcff470e19eb9de81af95cfe2b86bc
Score: 10 MALWARE FAMILY: danabotTAGS:family:danabot, family:dcrat, family:djvu, family:raccoon, family:redline, family:smokeloader, botnet:ec7a54fb6492ff3a52d09504b8ecf082, botnet:mario23_10, backdoor, banker, bootkit, collection, discovery, infostealer, persistence, ransomware,...
Malware Analysis – ransomware – d7986651c677f683616da3ae1b4d1ff7
Score: 10 MALWARE FAMILY: ransomwareTAGS:ransomwareMD5: d7986651c677f683616da3ae1b4d1ff7SHA1: a1b03ce87f537131a031a2618e02d13e29dd760aANALYSIS DATE: 2022-12-16T05:29:05ZTTPS: T1012, T1120, T1082 ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or...
Malware Analysis – persistence – ff77c452d18d840f60f3b9007fbe5379
Score: 10 MALWARE FAMILY: persistenceTAGS:persistence, ransomwareMD5: ff77c452d18d840f60f3b9007fbe5379SHA1: 2e52628c8e985b5b08f04fdc99e44c937ee1b59fANALYSIS DATE: 2022-12-16T03:47:07ZTTPS: T1012, T1120, T1082, T1060, T1112 ScoreMeaningExample10Known badA malware family was...
Malware Analysis – djvu – 6824a72ba14def6475ee1937ec2d7594
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, discovery, persistence, ransomware, spyware, stealerMD5: 6824a72ba14def6475ee1937ec2d7594SHA1: 33112b56093f382724359c112518bac080e504fcANALYSIS DATE: 2022-12-16T04:43:33ZTTPS: T1005, T1081, T1012, T1082, T1060, T1112,...
Malware Analysis – djvu – 1fbdb1063b832e6529118d4ab7e66971
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:raccoon, family:redline, family:smokeloader, botnet:ec7a54fb6492ff3a52d09504b8ecf082, botnet:mario23_10, backdoor, bootkit, collection, discovery, infostealer, persistence, ransomware, spyware, stealer, trojanMD5:...
Cobalt Stike Beacon Detected – 167[.]71[.]43[.]105:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 103[.]135[.]249[.]159:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 107[.]189[.]3[.]56:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 81[.]70[.]213[.]54:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 143[.]198[.]173[.]163:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Black Basta Ransomware Victim: UPONOR
Black Basta Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
Black Basta Ransomware Victim: Jeppesen
Black Basta Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
Black Basta Ransomware Victim: Sterling
Black Basta Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
Royal Ransomware Victim: Leo Hamel Fine Jewelers
RoyalRansomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content of the...
Malware Analysis – danabot – 48b9fa0cc39ab3ee91aa4ed8c8ef61bb
Score: 10 MALWARE FAMILY: danabotTAGS:family:danabot, family:djvu, family:raccoon, family:redline, family:smokeloader, botnet:ec7a54fb6492ff3a52d09504b8ecf082, botnet:mario23_10, backdoor, banker, bootkit, collection, discovery, infostealer, persistence, ransomware, spyware,...
Malware Analysis – danabot – 9c06b180481364e6ca02d9fad0ef9638
Score: 10 MALWARE FAMILY: danabotTAGS:family:danabot, family:djvu, family:raccoon, family:redline, family:smokeloader, botnet:ec7a54fb6492ff3a52d09504b8ecf082, botnet:mario23_10, backdoor, banker, bootkit, collection, discovery, infostealer, persistence, ransomware, spyware,...
Malware Analysis – djvu – 266e3e83a172ee31f8301c1516424542
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, discovery, persistence, ransomware, spyware, stealerMD5: 266e3e83a172ee31f8301c1516424542SHA1: 2713be6a03de737f57127c8b3bb9504295751e15ANALYSIS DATE: 2022-12-15T22:40:49ZTTPS: T1053, T1005, T1081, T1012, T1082, T1060,...
