US-CERT Bulletin (SB23-009):Vulnerability Summary for the Week of January 2, 2023
The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards...
threatintel
CISA: NCSC-UK Releases Guidance on Using MSP for Administering Cloud Services
NCSC-UK Releases Guidance on Using MSP for Administering Cloud Services The United Kingdom’s National Cyber Security Centre (NCSC-UK) has released...
BlackCat/ALPHV Ransomware Victim: TIME TECHNOPLAST LIMITED
BlackCat / ALPHV Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the...
BlackCat/ALPHV Ransomware Victim: Liebra Permana
BlackCat / ALPHV Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the...
PowerHuntShares – Audit Script Designed In Inventory, Analyze, And Report Excessive Privileges Configured On Active Directory Domains
PowerHuntShares is design to automatically inventory, analyze, and report excessive privilege assigned to SMB shares on Active Directory domain joined...
LockBit 3.0 Ransomware Victim: circlevillecourt[.]com
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
LockBit 3.0 Ransomware Victim: datair[.]com
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
Cobalt Stike Beacon Detected – 116[.]204[.]211[.]163:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 87[.]251[.]67[.]166:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 43[.]132[.]122[.]84:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Malware Analysis – lockbit – a8e0d56f8c67f1f7b6e592c12d87acab
Score: 10 MALWARE FAMILY: lockbitTAGS:family:lockbit, ransomwareMD5: a8e0d56f8c67f1f7b6e592c12d87acabSHA1: ed555f0162ea6ec5b8b8bada743cfc628d376274ANALYSIS DATE: 2023-01-11T09:07:12ZTTPS: T1491, T1112 ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or...
Cobalt Stike Beacon Detected – 101[.]42[.]46[.]117:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 157[.]245[.]102[.]164:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 173[.]82[.]196[.]58:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 129[.]152[.]2[.]128:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Malware Analysis – aurora – a750f4f224ae7af1c886b39d1c5800d4
Score: 10 MALWARE FAMILY: auroraTAGS:family:aurora, family:dcrat, family:djvu, family:icedid, family:smokeloader, family:vidar, botnet:19, campaign:3131022508, backdoor, banker, discovery, infostealer, loader, persistence, ransomware, rat,...
Malware Analysis – wannacry – 5c7fb0927db37372da25f270708103a2
Score: 10 MALWARE FAMILY: wannacryTAGS:family:wannacry, persistence, ransomware, spyware, stealer, wormMD5: 5c7fb0927db37372da25f270708103a2SHA1: 120ed9279d85cbfa56e5b7779ffa7162074f7a29ANALYSIS DATE: 2023-01-11T09:07:49ZTTPS: T1107, T1490, T1082, T1005, T1081, T1060,...
Malware Analysis – smokeloader – 70d0f4ca40cba87f64e1d482c2eb7167
Score: 10 MALWARE FAMILY: smokeloaderTAGS:family:smokeloader, backdoor, trojanMD5: 70d0f4ca40cba87f64e1d482c2eb7167SHA1: 2b375e2d01a2bcc809cb5f3adb94d7b2cbd05470ANALYSIS DATE: 2023-01-11T09:31:05ZTTPS: T1012, T1120, T1082 ScoreMeaningExample10Known badA malware family was detected.8-9Likely...
Malware Analysis – xmrig – f91a4f2fe37f1008f8f2b0d597dbd5fa
Score: 10 MALWARE FAMILY: xmrigTAGS:family:xmrig, discovery, evasion, exploit, minerMD5: f91a4f2fe37f1008f8f2b0d597dbd5faSHA1: 3293698ca35076659fbaaac4868ba57afc3e560dANALYSIS DATE: 2023-01-11T09:23:30ZTTPS: T1031, T1562, T1489, T1222, T1082, T1102, T1112...
Cobalt Stike Beacon Detected – 107[.]189[.]3[.]56:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 103[.]45[.]143[.]169:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 54[.]151[.]146[.]41:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 47[.]113[.]224[.]80:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Malware Analysis – wannacry – 3e1358176d57982beb922f2902a37fad
Score: 10 MALWARE FAMILY: wannacryTAGS:family:wannacry, bootkit, persistence, ransomware, wormMD5: 3e1358176d57982beb922f2902a37fadSHA1: db139653e9dd7c669efdfddd69c991b72dcb428bANALYSIS DATE: 2023-01-11T10:21:05ZTTPS: T1012, T1082, T1060, T1112, T1067, T1491 ScoreMeaningExample10Known...
