threatintel

Royal Ransomware Victim: Duplicator Sales & Service

December 4, 2022

RoyalRansomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content of the...

Read More

LockBit 3.0 Ransomware Victim: abilways[.]com

December 4, 2022

LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...

Read More

osint

New CryWiper wiper targets Russian entities masquerading as a ransomware

December 4, 2022

Experts spotted a new data wiper, dubbed CryWiper, that was employed in destructive attacks against Russian mayor’s offices and courts. Researchers...

Read More

osint

Security Affairs newsletter Round 396

December 4, 2022

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs free for...

Read More

Cobalt-Strike

Cobalt Stike Beacon Detected – 18[.]133[.]158[.]108:443

December 4, 2022

The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...

Read More

Cobalt-Strike

Cobalt Stike Beacon Detected – 179[.]43[.]142[.]47:443

December 4, 2022

The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...

Read More

Cobalt-Strike

Cobalt Stike Beacon Detected – 110[.]40[.]214[.]45:80

December 4, 2022

The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...

Read More

Cobalt-Strike

Cobalt Stike Beacon Detected – 194[.]135[.]24[.]242:80

December 4, 2022

The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...

Read More

Cobalt-Strike

Cobalt Stike Beacon Detected – 44[.]210[.]9[.]119:443

December 4, 2022

The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...

Read More

Cobalt-Strike

Cobalt Stike Beacon Detected – 156[.]234[.]180[.]237:443

December 4, 2022

The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...

Read More

brute_ratel_c4

Brute Ratel C4 Detected – 2[.]37[.]28[.]171:9002

December 4, 2022

The Information provided at the time of posting was detected as "Brute Ratel C4". Depending on when you are viewing...

Read More

abstract-malware-990x400-1

Malware Analysis – evasion – ddedd0574645d1c496a3a0eb38205624

December 4, 2022

Score: 9 MALWARE FAMILY: evasionTAGS:evasion, ransomwareMD5: ddedd0574645d1c496a3a0eb38205624SHA1: 127898f7ac3ec9409cab55fbd92566a2a5f87cbcANALYSIS DATE: 2022-12-01T16:48:35ZTTPS: T1490 ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or more...

Read More

abstract-malware-990x400-1

Malware Analysis – djvu – 3b7bc00a063e8c42b99a8c1d30075815

December 4, 2022

Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:517, discovery, persistence, ransomware, spyware, stealerMD5: 3b7bc00a063e8c42b99a8c1d30075815SHA1: bf1131f0ae5be32891872b7017181602ac4678b6ANALYSIS DATE: 2022-12-03T21:28:42ZTTPS: T1222, T1005, T1081, T1082,...

Read More

abstract-malware-990x400-1

Malware Analysis – djvu – 54b32a7be17eb87a95c6a524f44652e9

December 4, 2022

Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:517, discovery, persistence, ransomware, spyware, stealerMD5: 54b32a7be17eb87a95c6a524f44652e9SHA1: 2840f8a761f67ad28f3d4fb7973fe7082547b702ANALYSIS DATE: 2022-12-03T21:04:42ZTTPS: T1012, T1222, T1005, T1081,...

Read More

abstract-malware-990x400-1

Malware Analysis – djvu – cadeefc5482b30ded21a5a85ba4cd17c

December 4, 2022

Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:517, discovery, persistence, ransomware, spyware, stealerMD5: cadeefc5482b30ded21a5a85ba4cd17cSHA1: a50f1c365d7d9f08e5671cfac8ef97dfa06b8e6cANALYSIS DATE: 2022-12-03T22:06:39ZTTPS: T1053, T1012, T1082, T1222,...

Read More

abstract-malware-990x400-1

Malware Analysis – djvu – 99eb5514dc519fa850e8f7e76b4d5b34

December 4, 2022

Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:517, discovery, persistence, ransomware, spyware, stealerMD5: 99eb5514dc519fa850e8f7e76b4d5b34SHA1: 8f8edd943311e59f51cee6c8af987078bef297b5ANALYSIS DATE: 2022-12-03T23:40:17ZTTPS: T1005, T1081, T1012, T1082,...

Read More

abstract-malware-990x400-1

Malware Analysis – dcrat – 155097c6774693e155ba4d0dc25c3b75

December 4, 2022

Score: 10 MALWARE FAMILY: dcratTAGS:family:dcrat, family:djvu, family:smokeloader, family:vidar, botnet:517, backdoor, collection, discovery, infostealer, persistence, ransomware, rat, spyware, stealer, trojanMD5: 155097c6774693e155ba4d0dc25c3b75SHA1:...

Read More

abstract-malware-990x400-1

Malware Analysis – djvu – 86404f749c0f6a7c714f497883c338d3

December 4, 2022

Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:smokeloader, family:vidar, botnet:517, backdoor, collection, discovery, persistence, ransomware, spyware, stealer, trojanMD5: 86404f749c0f6a7c714f497883c338d3SHA1: 59dd240f1ffa1733c6c2ce00947ba3a5e6940eddANALYSIS DATE: 2022-12-03T21:34:34ZTTPS:...

Read More

Royal Ransomware Victim: All Seasons Global Solutions

December 3, 2022

RoyalRansomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content of the...

Read More

abstract-malware-990x400-1

Malware Analysis – dcrat – 2ce74915f622e54426e4daa1bf3af868

December 3, 2022

Score: 10 MALWARE FAMILY: dcratTAGS:family:dcrat, family:djvu, family:smokeloader, family:vidar, botnet:517, backdoor, collection, discovery, infostealer, persistence, ransomware, rat, spyware, stealer, trojanMD5: 2ce74915f622e54426e4daa1bf3af868SHA1:...

Read More

abstract-malware-990x400-1

Malware Analysis – dcrat – 36a46e8f69a75f3918aa3e3db3dece11

December 3, 2022

Score: 10 MALWARE FAMILY: dcratTAGS:family:dcrat, family:djvu, family:smokeloader, family:vidar, botnet:517, backdoor, collection, discovery, infostealer, persistence, ransomware, rat, spyware, stealer, trojanMD5: 36a46e8f69a75f3918aa3e3db3dece11SHA1:...

Read More

abstract-malware-990x400-1

Malware Analysis – djvu – 1d5feda2e48bbca86647d607e576e392

December 3, 2022

Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:517, discovery, persistence, ransomware, spyware, stealerMD5: 1d5feda2e48bbca86647d607e576e392SHA1: 8d2bc964d15e8a8c14bffea566f8af08ef30ad55ANALYSIS DATE: 2022-12-03T17:52:51ZTTPS: T1005, T1081, T1012, T1082,...

Read More

abstract-malware-990x400-1

Malware Analysis – wannacry – e58fdd8b0ce47bcb8ffd89f4499d186d

December 3, 2022

Score: 10 MALWARE FAMILY: wannacryTAGS:family:wannacry, discovery, persistence, ransomware, spyware, stealer, wormMD5: e58fdd8b0ce47bcb8ffd89f4499d186dSHA1: b7e2334ac6e1ad75e3744661bb590a2d1da98b03ANALYSIS DATE: 2022-12-03T16:45:44ZTTPS: T1491, T1112, T1012, T1120, T1082,...

Read More

abstract-malware-990x400-1

Malware Analysis – djvu – 5936d7f20ed782d994cf29e014780c04

December 3, 2022

Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:517, discovery, persistence, ransomware, spyware, stealerMD5: 5936d7f20ed782d994cf29e014780c04SHA1: f0c955bbe527f206bab2422448bc999c5ec66646ANALYSIS DATE: 2022-12-03T16:32:06ZTTPS: T1005, T1081, T1012, T1082,...

Read More

Cobalt-Strike

Cobalt Strike Beacon Detected – 193[.]112[.]83[.]36:8080

July 20, 2025

Cobalt-Strike

Cobalt Strike Beacon Detected – 60[.]204[.]245[.]37:8080

July 20, 2025

Cobalt-Strike

Cobalt Strike Beacon Detected – 118[.]24[.]117[.]221:8080

July 20, 2025

Cobalt-Strike

Cobalt Strike Beacon Detected – 47[.]120[.]13[.]85:8889

July 20, 2025

Cobalt-Strike

Cobalt Strike Beacon Detected – 20[.]41[.]73[.]175:8080

July 20, 2025