threatintel

HIVE Ransomware Victim: Centro Médico Virgen De La Caridad

December 31, 2022

HIVE Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content of...

Malware Analysis – amadey – a58ba818715cbcd50fff388b246e04d1

December 31, 2022

Score: 10 MALWARE FAMILY: amadeyTAGS:family:amadey, family:dcrat, family:djvu, family:lgoogloader, family:smokeloader, family:vidar, botnet:19, backdoor, collection, discovery, downloader, infostealer, persistence, ransomware, rat, spyware,...

Malware Analysis – discovery – 0cdf7a3eb26b525ed680d9e4ac083846

December 31, 2022

Score: 10 MALWARE FAMILY: discoveryTAGS:discovery, persistence, ransomwareMD5: 0cdf7a3eb26b525ed680d9e4ac083846SHA1: f5a17b0288fcb57a4412054b7345e1650cc0164cANALYSIS DATE: 2022-12-31T17:01:05ZTTPS: T1012, T1082, T1112, T1042, T1060 ScoreMeaningExample10Known badA malware family...

Malware Analysis – djvu – a2596c636a3bf52bcea6b30b6a0e1069

December 31, 2022

Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:19, discovery, persistence, ransomware, stealerMD5: a2596c636a3bf52bcea6b30b6a0e1069SHA1: d5645bac3d29b0b2da83443450c8afb49311c223ANALYSIS DATE: 2022-12-31T16:06:14ZTTPS: T1060, T1112, T1222, T1082, T1053,...

Malware Analysis – smokeloader – ebb941aeae54958f197195a8cdc02cbc

December 31, 2022

Score: 10 MALWARE FAMILY: smokeloaderTAGS:family:smokeloader, backdoor, trojanMD5: ebb941aeae54958f197195a8cdc02cbcSHA1: 42b41bdaa608fc7723e41d8f9eeac644d1b2cbe5ANALYSIS DATE: 2022-12-31T16:46:10ZTTPS: T1012, T1120, T1082 ScoreMeaningExample10Known badA malware family was detected.8-9Likely...

Malware Analysis – amadey – 8b9cf7d521d223d68a073e69661160cc

December 31, 2022

Score: 10 MALWARE FAMILY: amadeyTAGS:family:amadey, family:djvu, family:lgoogloader, family:smokeloader, family:vidar, botnet:19, backdoor, collection, discovery, downloader, persistence, ransomware, spyware, stealer, trojan, vmprotectMD5:...

Malware Analysis – amadey – 4c4dbc3a854c94d4544eb851248ecfb9

December 31, 2022

Malware Analysis – discovery – 26421955712b8b1cd7525f22f428766d

December 31, 2022

Score: 8 MALWARE FAMILY: discoveryTAGS:discovery, exploit, persistenceMD5: 26421955712b8b1cd7525f22f428766dSHA1: c0ad0f8c37269c739d58d6ac8f2c3a1b97e2f943ANALYSIS DATE: 2022-12-31T17:38:00ZTTPS: T1082, T1222, T1060, T1112, T1012 ScoreMeaningExample10Known badA malware family...

Malware Analysis – djvu – 23ff2f5f2c9e41f564461a6ab9b38e17

December 31, 2022

Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:19, discovery, persistence, ransomware, spyware, stealerMD5: 23ff2f5f2c9e41f564461a6ab9b38e17SHA1: 09309c3e0f173cb449eff6af59642669699aa330ANALYSIS DATE: 2022-12-31T17:10:16ZTTPS: T1222, T1060, T1112, T1005,...

Cuba Ransomware Victim: 2networkit

December 31, 2022

Cuba Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content of...

Cuba Ransomware Victim: pu[.]edu[.]lb

December 31, 2022

Cuba Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content of...

Cobalt Stike Beacon Detected – 91[.]240[.]118[.]210:92

December 31, 2022

The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...

Malware Analysis – djvu – f5b06a183a3daf45a79d8e616d688dce

December 31, 2022

Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:19, discovery, persistence, ransomware, spyware, stealerMD5: f5b06a183a3daf45a79d8e616d688dceSHA1: 07d4be49e3b17cc376ac9571a5b23bb9d62fb649ANALYSIS DATE: 2022-12-31T09:43:56ZTTPS: T1222, T1053, T1012, T1005,...

Malware Analysis – smokeloader – 6cbd596168ada838550b6f6e535dbd36

December 31, 2022

Score: 10 MALWARE FAMILY: smokeloaderTAGS:family:smokeloader, backdoor, trojanMD5: 6cbd596168ada838550b6f6e535dbd36SHA1: 2f152d072b89ecea3eb7e7c5bff9e0b79f52c0e8ANALYSIS DATE: 2022-12-31T09:04:02ZTTPS: T1012, T1120, T1082 ScoreMeaningExample10Known badA malware family was detected.8-9Likely...

Malware Analysis – discovery – e397ed4266ab57c298acaf572d864247

December 31, 2022

Score: 10 MALWARE FAMILY: discoveryTAGS:discovery, evasion, persistence, ransomwareMD5: e397ed4266ab57c298acaf572d864247SHA1: 491c1c2dec37d1b56487caaeae3e36168dcbce05ANALYSIS DATE: 2022-12-31T08:49:25ZTTPS: T1060, T1112, T1031, T1130, T1082, T1012, T1120 ScoreMeaningExample10Known...

Malware Analysis – ransomware – 101d606e040f3506412987bfb8bc5182

December 31, 2022

Score: 10 MALWARE FAMILY: ransomwareTAGS:ransomwareMD5: 101d606e040f3506412987bfb8bc5182SHA1: d534c8aa724dfaeeba7686c7c14fd56a9f50f771ANALYSIS DATE: 2022-12-31T09:24:31ZTTPS: T1082, T1012 ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or more...

Cobalt Stike Beacon Detected – 179[.]43[.]162[.]9:443

December 31, 2022

The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...

Cobalt Stike Beacon Detected – 180[.]76[.]166[.]65:9110

December 31, 2022

The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...

Cobalt Stike Beacon Detected – 43[.]139[.]167[.]44:800

December 31, 2022

The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...

Cobalt Stike Beacon Detected – 101[.]42[.]19[.]216:80

December 31, 2022

The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...

Malware Analysis – djvu – 5de11ecab492439480fb87715ec6ae0b

December 31, 2022

Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:19, discovery, persistence, ransomware, spyware, stealerMD5: 5de11ecab492439480fb87715ec6ae0bSHA1: 1ac12b149c613639b2fc4cef6af5df4705b692ccANALYSIS DATE: 2022-12-31T11:40:19ZTTPS: T1060, T1112, T1012, T1005,...

Malware Analysis – – bcb1e5b4dc2eae0d6eb0765130dd26bb

December 31, 2022

Score: 3 MALWARE FAMILY: TAGS:MD5: bcb1e5b4dc2eae0d6eb0765130dd26bbSHA1: e2deb24987120b98586fd88269c5d8fe68314a06ANALYSIS DATE: 2022-12-31T11:48:27ZTTPS: T1082 ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or more known...

Malware Analysis – amadey – 47de2fabe0fb3d4578c2c7f6f7741c4a

December 31, 2022

Malware Analysis – smokeloader – f55db70dde213b489bed910191d180d2

December 31, 2022

Score: 10 MALWARE FAMILY: smokeloaderTAGS:family:smokeloader, backdoor, trojanMD5: f55db70dde213b489bed910191d180d2SHA1: faa9789e8bec8b7c03df02b12871231932b32fcdANALYSIS DATE: 2022-12-31T10:02:04ZTTPS: T1012, T1120, T1082 ScoreMeaningExample10Known badA malware family was detected.8-9Likely...

threatintel

HIVE Ransomware Victim: Centro Médico Virgen De La Caridad

Malware Analysis – amadey – a58ba818715cbcd50fff388b246e04d1

Malware Analysis – discovery – 0cdf7a3eb26b525ed680d9e4ac083846

Malware Analysis – djvu – a2596c636a3bf52bcea6b30b6a0e1069

Malware Analysis – smokeloader – ebb941aeae54958f197195a8cdc02cbc

Malware Analysis – amadey – 8b9cf7d521d223d68a073e69661160cc

Malware Analysis – amadey – 4c4dbc3a854c94d4544eb851248ecfb9

Malware Analysis – discovery – 26421955712b8b1cd7525f22f428766d

Malware Analysis – djvu – 23ff2f5f2c9e41f564461a6ab9b38e17

Cuba Ransomware Victim: 2networkit

Cuba Ransomware Victim: pu[.]edu[.]lb

Cobalt Stike Beacon Detected – 91[.]240[.]118[.]210:92

Malware Analysis – djvu – f5b06a183a3daf45a79d8e616d688dce

Malware Analysis – smokeloader – 6cbd596168ada838550b6f6e535dbd36

Malware Analysis – discovery – e397ed4266ab57c298acaf572d864247

Malware Analysis – ransomware – 101d606e040f3506412987bfb8bc5182

Cobalt Stike Beacon Detected – 179[.]43[.]162[.]9:443

Cobalt Stike Beacon Detected – 180[.]76[.]166[.]65:9110

Cobalt Stike Beacon Detected – 43[.]139[.]167[.]44:800

Cobalt Stike Beacon Detected – 101[.]42[.]19[.]216:80

Malware Analysis – djvu – 5de11ecab492439480fb87715ec6ae0b

Malware Analysis – – bcb1e5b4dc2eae0d6eb0765130dd26bb

Malware Analysis – amadey – 47de2fabe0fb3d4578c2c7f6f7741c4a

Malware Analysis – smokeloader – f55db70dde213b489bed910191d180d2

TISZA Világ – 198,520 breached accounts

Cobalt Strike Beacon Detected – 47[.]116[.]208[.]81:8001

Cobalt Strike Beacon Detected – 152[.]136[.]139[.]105:6666

Cobalt Strike Beacon Detected – 47[.]120[.]70[.]161:6666

Cobalt Strike Beacon Detected – 106[.]75[.]215[.]96:8081

You may have missed