threatintel

Cl0p Ransomware Victim: ONEX[.]COM

March 15, 2023

Cl0p Logo NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content of...

Malware Analysis – lockbit – 85ca694de55c02d285e997e7671c9e43

March 15, 2023

Score: 10 MALWARE FAMILY: lockbitTAGS:family:lockbit, ransomwareMD5: 85ca694de55c02d285e997e7671c9e43SHA1: e4ecabeb1f0df4ae69a9408d6522f039fd3a4968ANALYSIS DATE: 2023-03-15T15:56:06ZTTPS: T1491, T1112 ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or...

Malware Analysis – – bcc2e38c80b962e6990f7f0538ce4cc4

March 15, 2023

Score: 3 MALWARE FAMILY: TAGS:MD5: bcc2e38c80b962e6990f7f0538ce4cc4SHA1: bfa80f1fbb9407e6e284ae68502c889d66c4b582ANALYSIS DATE: 2023-03-15T15:32:44ZTTPS: T1082 ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or more known...

Malware Analysis – amadey – 23bd56688d0f348d255bf35fc1b4ccb0

March 15, 2023

Score: 10 MALWARE FAMILY: amadeyTAGS:family:amadey, family:djvu, family:pseudomanuscrypt, family:redline, family:smokeloader, family:vidar, botnet:d6ef050131e7d5a1d595c51613328971, botnet:pub1, botnet:sprg, backdoor, discovery, infostealer, loader, persistence, ransomware, spyware,...

Malware Analysis – djvu – 60d9ef4f0519476454fe63f02b2045a5

March 15, 2023

Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:d6ef050131e7d5a1d595c51613328971, discovery, persistence, ransomware, spyware, stealerMD5: 60d9ef4f0519476454fe63f02b2045a5SHA1: 2b2beae33470fb86f91795b1b36553e9e5c6707fANALYSIS DATE: 2023-03-15T16:26:47ZTTPS: T1005, T1081, T1222, T1053,...

Malware Analysis – djvu – e5d35ba593a099d53257e82be0167a31

March 15, 2023

Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:d6ef050131e7d5a1d595c51613328971, discovery, persistence, ransomware, spyware, stealerMD5: e5d35ba593a099d53257e82be0167a31SHA1: 87608ccb984d8873c5b10c339a58664aff0d8ba3ANALYSIS DATE: 2023-03-15T16:48:14ZTTPS: T1222, T1060, T1112, T1005,...

Malware Analysis – – b8b80a59bc3d4e11730cbabf7311fd60

March 15, 2023

Score: 1 MALWARE FAMILY: TAGS:MD5: b8b80a59bc3d4e11730cbabf7311fd60SHA1: 821c8b6a541e9f9d1dd7ab1c4c0906fd418a86ffANALYSIS DATE: 2023-03-15T15:56:27ZTTPS: ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or more known damaging...

Tick APT Targeted High-Value Customers of East Asian Data-Loss Prevention Company

March 15, 2023

A cyberespionage actor known as Tick has been attributed with high confidence to a compromise of an East Asian data-loss...

The Different Methods and Stages of Penetration Testing

March 15, 2023

The stakes could not be higher for cyber defenders. With the vast amounts of sensitive information, intellectual property, and financial...

New Cryptojacking Operation Targeting Kubernetes Clusters for Dero Mining

March 15, 2023

Cybersecurity researchers have discovered the first-ever illicit cryptocurrency mining campaign used to mint Dero since the start of February 2023....

YoroTrooper Stealing Credentials and Information from Government and Energy Organizations

March 15, 2023

A previously undocumented threat actor dubbed YoroTrooper has been targeting government, energy, and international organizations across Europe as part of...

Malware Analysis – djvu – b01a1b1c19436e4c9c7ba4c8050cf01d

March 15, 2023

Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:d6ef050131e7d5a1d595c51613328971, discovery, persistence, ransomware, spyware, stealerMD5: b01a1b1c19436e4c9c7ba4c8050cf01dSHA1: a8ea730e1acc73846b478447333d915efa5eb974ANALYSIS DATE: 2023-03-15T09:10:59ZTTPS: T1005, T1081, T1012, T1053,...

Malware Analysis – discovery – daad86ad18d95c4439cbc00e1c717128

March 15, 2023

Score: 10 MALWARE FAMILY: discoveryTAGS:discovery, persistence, ransomwareMD5: daad86ad18d95c4439cbc00e1c717128SHA1: 089dccbb5bc3ab13481ca73803ba4af8a45bae7bANALYSIS DATE: 2023-03-15T09:09:23ZTTPS: T1012, T1060, T1082, T1112, T1042 ScoreMeaningExample10Known badA malware family...

Malware Analysis – amadey – 0ca5cd39526bb33fca90e5cdf0d0ac5d

March 15, 2023

Score: 10 MALWARE FAMILY: amadeyTAGS:family:amadey, family:djvu, family:pseudomanuscrypt, family:rhadamanthys, family:smokeloader, family:vidar, botnet:d6ef050131e7d5a1d595c51613328971, botnet:pub1, botnet:sprg, backdoor, discovery, loader, persistence, ransomware, spyware, stealer,...

Malware Analysis – ransomware – df4ccdcc93d82240feeb83abf41683d7

March 15, 2023

Score: 6 MALWARE FAMILY: ransomwareTAGS:ransomwareMD5: df4ccdcc93d82240feeb83abf41683d7SHA1: 0d48b5dc98e65ceed2a99448a8df3e2f4702250aANALYSIS DATE: 2023-03-15T09:11:36ZTTPS: ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or more known damaging...

Malware Analysis – discovery – 3b02025002ceb06c4ce1c9c778232664

March 15, 2023

Score: 8 MALWARE FAMILY: discoveryTAGS:discovery, evasion, exploit, persistenceMD5: 3b02025002ceb06c4ce1c9c778232664SHA1: 2aeb8b0adb9cc4f198a9f4d907a28ffd2961caf5ANALYSIS DATE: 2023-03-15T10:51:32ZTTPS: T1031, T1562, T1489, T1012, T1112, T1082, T1222, T1060...

Malware Analysis – djvu – 5b5166499d4e1bae9260f07e2a6b7425

March 15, 2023

Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:d6ef050131e7d5a1d595c51613328971, discovery, persistence, ransomware, spyware, stealerMD5: 5b5166499d4e1bae9260f07e2a6b7425SHA1: ad20dadfb4af16d2f7cafa0777652d0fd7bd4ad0ANALYSIS DATE: 2023-03-15T10:27:07ZTTPS: T1222, T1082, T1012, T1053,...

Malware Analysis – amadey – 3fa6103e5d25ff85e7dfe9e61d2b1d2a

March 15, 2023

Score: 10 MALWARE FAMILY: amadeyTAGS:family:amadey, family:djvu, family:smokeloader, family:vidar, botnet:d6ef050131e7d5a1d595c51613328971, botnet:pub1, botnet:sprg, backdoor, discovery, persistence, ransomware, stealer, trojanMD5: 3fa6103e5d25ff85e7dfe9e61d2b1d2aSHA1: 1a8fd33ce1a619beee47b2798dcfbeadbcd17419ANALYSIS DATE:...

Malware Analysis – djvu – 198676e50dabce25f8bdb7f6e1ecbec9

March 15, 2023

Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:d6ef050131e7d5a1d595c51613328971, discovery, persistence, ransomware, spyware, stealerMD5: 198676e50dabce25f8bdb7f6e1ecbec9SHA1: 79973d12b610dc0787260180b368487d3ce67213ANALYSIS DATE: 2023-03-15T11:45:06ZTTPS: T1130, T1112, T1060, T1053,...

Malware Analysis – djvu – 70d66d43809da468071f45d812aac404

March 15, 2023

Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:d6ef050131e7d5a1d595c51613328971, discovery, persistence, ransomware, spyware, stealerMD5: 70d66d43809da468071f45d812aac404SHA1: cba1c347b410a77c8ff3066052d870a8f1505c4cANALYSIS DATE: 2023-03-15T11:22:06ZTTPS: T1012, T1082, T1005, T1081,...

Malware Analysis – smokeloader – 1cb2590e0e278ac08f7b350e278d02be

March 15, 2023

Score: 10 MALWARE FAMILY: smokeloaderTAGS:family:smokeloader, backdoor, trojanMD5: 1cb2590e0e278ac08f7b350e278d02beSHA1: d31d69d7e761ef7ef59c57703d8337a2df800693ANALYSIS DATE: 2023-03-15T11:41:04ZTTPS: T1012, T1120, T1082 ScoreMeaningExample10Known badA malware family was detected.8-9Likely...

threatintel

Cl0p Ransomware Victim: ONEX[.]COM

Malware Analysis – lockbit – 85ca694de55c02d285e997e7671c9e43

Malware Analysis – – bcc2e38c80b962e6990f7f0538ce4cc4

Malware Analysis – amadey – 23bd56688d0f348d255bf35fc1b4ccb0

Malware Analysis – djvu – 60d9ef4f0519476454fe63f02b2045a5

Malware Analysis – djvu – e5d35ba593a099d53257e82be0167a31

Malware Analysis – – b8b80a59bc3d4e11730cbabf7311fd60

Tick APT Targeted High-Value Customers of East Asian Data-Loss Prevention Company

The Different Methods and Stages of Penetration Testing

New Cryptojacking Operation Targeting Kubernetes Clusters for Dero Mining

YoroTrooper Stealing Credentials and Information from Government and Energy Organizations

Malware Analysis – djvu – b01a1b1c19436e4c9c7ba4c8050cf01d

Malware Analysis – discovery – daad86ad18d95c4439cbc00e1c717128

Malware Analysis – amadey – 0ca5cd39526bb33fca90e5cdf0d0ac5d

Malware Analysis – ransomware – df4ccdcc93d82240feeb83abf41683d7

Malware Analysis – discovery – 3b02025002ceb06c4ce1c9c778232664

Malware Analysis – djvu – 5b5166499d4e1bae9260f07e2a6b7425

Malware Analysis – amadey – 3fa6103e5d25ff85e7dfe9e61d2b1d2a

Malware Analysis – djvu – 198676e50dabce25f8bdb7f6e1ecbec9

Malware Analysis – djvu – 70d66d43809da468071f45d812aac404

Malware Analysis – smokeloader – 1cb2590e0e278ac08f7b350e278d02be

How to Apply NIST Principles to SaaS in 2023

Warning: AI-generated YouTube Video Tutorials Spreading Infostealer Malware

Fake ChatGPT Chrome Extension Hijacking Facebook Accounts for Malicious Advertising

[DRAGONFORCE] – Ransomware Victim: GB Mail

[AKIRA] – Ransomware Victim: Mold In Graphic Systems

[STORMOUS] – Ransomware Victim: !

CVE Alert: CVE-2025-12863 – Red Hat – Red Hat Enterprise Linux 10

Cobalt Strike Beacon Detected – 8[.]153[.]205[.]30:8080

You may have missed