ExchangeFinder – Find Microsoft Exchange Instance For A Given Domain And Identify The Exact Version
ExchangeFinder is a simple and open-source tool that tries to find Micrsoft Exchange instance for a given domain based on...
threatintel
DotDumper – An Automatic Unpacker And Logger For DotNet Framework Targeting Files
An automatic unpacker and logger for DotNet Framework targeting files! This tool has been unveiled at Black Hat USA 2022....
Malware Analysis – djvu – 93c0547134939574209bab5e292eaeed
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:19, discovery, persistence, ransomware, stealerMD5: 93c0547134939574209bab5e292eaeedSHA1: 8c0deaa8439563a4abae05fc5c00f1802aed55a5ANALYSIS DATE: 2023-01-06T15:26:03ZTTPS: T1053, T1130, T1112, T1060, T1222,...
Malware Analysis – smokeloader – 95432e26e7c83698ae92fd7f4d2b9222
Score: 10 MALWARE FAMILY: smokeloaderTAGS:family:smokeloader, backdoor, trojanMD5: 95432e26e7c83698ae92fd7f4d2b9222SHA1: a67787768b020628afda97d86381c37fc4dc4806ANALYSIS DATE: 2023-01-06T15:46:08ZTTPS: T1012, T1120, T1082 ScoreMeaningExample10Known badA malware family was detected.8-9Likely...
Malware Analysis – sodinokibi – 5f58902825d15d59528f98faf43b86c3
Score: 10 MALWARE FAMILY: sodinokibiTAGS:family:sodinokibi, botnet:$2a$10$d/hor8pzftxyevodyrecsebolxf2dclmqmqjta4y2usfgkhezxq62, campaign:4430, ransomwareMD5: 5f58902825d15d59528f98faf43b86c3SHA1: f09e5e72b433d11a32efe2e5d63db0bc7b8def59ANALYSIS DATE: 2023-01-06T15:34:10ZTTPS: ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or...
Royal Ransomware Victim: LEK / HABO
RoyalRansomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content of the...
Malware Analysis – persistence – f05f09f300d490e67a9cd0b9022fae09
Score: 10 MALWARE FAMILY: persistenceTAGS:persistence, ransomwareMD5: f05f09f300d490e67a9cd0b9022fae09SHA1: 22f498684dcec3fd39d046322b016554124aa266ANALYSIS DATE: 2023-01-06T16:33:50ZTTPS: T1012, T1120, T1082, T1060, T1130, T1112 ScoreMeaningExample10Known badA malware family...
Malware Analysis – amadey – 0d8206f8fbd4cad4c14fbc48e1ecec79
Score: 10 MALWARE FAMILY: amadeyTAGS:family:amadey, family:djvu, family:smokeloader, family:vidar, botnet:19, backdoor, discovery, persistence, ransomware, spyware, stealer, trojan, vmprotectMD5: 0d8206f8fbd4cad4c14fbc48e1ecec79SHA1: 446cf441f1280e16a10a6a7cc48e59aec15d98b3ANALYSIS DATE:...
Malware Analysis – djvu – 90968ea53198c599194304983a2c872e
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:19, discovery, persistence, ransomware, stealerMD5: 90968ea53198c599194304983a2c872eSHA1: 1ca1702e09f31bb8595be784a05f4d492eb73aafANALYSIS DATE: 2023-01-06T16:16:04ZTTPS: T1130, T1112, T1060, T1222, T1082,...
Malware Analysis – amadey – dfca7a657c978b69e88320208730b439
Score: 10 MALWARE FAMILY: amadeyTAGS:family:amadey, family:djvu, family:smokeloader, family:vidar, botnet:19, backdoor, discovery, persistence, ransomware, spyware, stealer, trojan, vmprotectMD5: dfca7a657c978b69e88320208730b439SHA1: bc815f3ddd98e327204ef3a0664b6ba00423220eANALYSIS DATE:...
HIVE Ransomware Victim: Consulate Health Care
HIVE Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content of...
Malware Analysis – discovery – bbc61a962ace5a343b9489e5da288648
Score: 10 MALWARE FAMILY: discoveryTAGS:discovery, ransomwareMD5: bbc61a962ace5a343b9489e5da288648SHA1: 01ee948abf008ad7b576595c95beb5015d199730ANALYSIS DATE: 2023-01-06T17:29:41ZTTPS: T1012, T1082, T1057 ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne...
Malware Analysis – djvu – d5f4a4dd7cfce94f91232adca74b896e
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:19, discovery, persistence, ransomware, stealerMD5: d5f4a4dd7cfce94f91232adca74b896eSHA1: ac7457fede47e2c438c83973c85fdf43df608eb3ANALYSIS DATE: 2023-01-06T17:31:03ZTTPS: T1053, T1130, T1112, T1060, T1222,...
Malware Analysis – djvu – a0c687836dca8e691d7a6e09cf859a87
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:19, discovery, persistence, ransomware, stealerMD5: a0c687836dca8e691d7a6e09cf859a87SHA1: 2709628eadbb3e5a7307f038f14e4bc0bfa9d7c7ANALYSIS DATE: 2023-01-06T17:06:03ZTTPS: T1053, T1130, T1112, T1060, T1222,...
Malware Analysis – djvu – 5bbf807c56cf3a364d547ee56141b74e
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:19, discovery, persistence, ransomware, spyware, stealerMD5: 5bbf807c56cf3a364d547ee56141b74eSHA1: f03b55aa4df795edd9a05511e0b54d7645d5a714ANALYSIS DATE: 2023-01-06T17:24:05ZTTPS: T1005, T1081, T1012, T1082,...
Malware Analysis – djvu – 4c3380ed58f4ee04d6638af670f3d834
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:19, discovery, persistence, ransomware, spyware, stealerMD5: 4c3380ed58f4ee04d6638af670f3d834SHA1: 8ebb5a19d4163ea8231b1ff4de7b23c7e5d67919ANALYSIS DATE: 2023-01-06T17:52:50ZTTPS: T1082, T1012, T1060, T1112,...
Malware Analysis – evasion – 8da384b2427b8397a5934182c159c257
Score: 9 MALWARE FAMILY: evasionTAGS:evasion, ransomwareMD5: 8da384b2427b8397a5934182c159c257SHA1: 7bcd2d32a19c1ac7bd014dc9e64b806fdff5f5deANALYSIS DATE: 2023-01-06T17:46:43ZTTPS: T1490, T1491, T1112, T1012, T1120, T1082, T1107 ScoreMeaningExample10Known badA malware...
Malware Analysis – chaos – d36637d2e08e4c001d39699cedb6248a
Score: 10 MALWARE FAMILY: chaosTAGS:family:chaos, evasion, ransomwareMD5: d36637d2e08e4c001d39699cedb6248aSHA1: d2b4f5326781dce97cadf039d3e58124c838cb20ANALYSIS DATE: 2023-01-06T17:45:47ZTTPS: T1490, T1059, T1107, T1082 ScoreMeaningExample10Known badA malware family was...
Malware Analysis – amadey – 698538668c49ccbc41c8206d9252bacf
Score: 10 MALWARE FAMILY: amadeyTAGS:family:amadey, family:djvu, family:smokeloader, family:vidar, botnet:19, backdoor, discovery, persistence, ransomware, spyware, stealer, trojan, vmprotectMD5: 698538668c49ccbc41c8206d9252bacfSHA1: 2e912da10980b396997396a6ffc74d879a82733cANALYSIS DATE:...
Vice Society Ransomware Victim: PROQUINAL Spradling Group
Vice Society Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
Vice Society Ransomware Victim: Sub-drill Supply
Vice Society Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
Vice Society Ransomware Victim: Xavier University of Louisiana
Vice Society Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
Vice Society Ransomware Victim: LetMeRepair
Vice Society Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
Royal Ransomware Victim: Bevolution Group
RoyalRansomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content of the...
