HIVE Ransomware Victim: Guilford College
HIVE Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content of...
threatintel
Malware Analysis – ransomware – 47f4ddc8dea00202c94c7c6d99a225c0
Score: 5 MALWARE FAMILY: ransomwareTAGS:ransomwareMD5: 47f4ddc8dea00202c94c7c6d99a225c0SHA1: f66a92b85c212f2536486de1873ba9bec2ef0ea6ANALYSIS DATE: 2022-11-25T17:49:09ZTTPS: ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or more known damaging...
Malware Analysis – djvu – 073dc8c4a0c6935c102890782b476008
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:517, discovery, persistence, ransomware, spyware, stealerMD5: 073dc8c4a0c6935c102890782b476008SHA1: ec8e4732c88d78e0e95ebb28eab04e3781256739ANALYSIS DATE: 2022-11-25T16:20:08ZTTPS: T1005, T1081, T1053, T1012,...
Malware Analysis – smokeloader – 21703db23fb0a203eb76140f986645f4
Score: 10 MALWARE FAMILY: smokeloaderTAGS:family:smokeloader, backdoor, trojanMD5: 21703db23fb0a203eb76140f986645f4SHA1: 3c374b80b8263b7b339b8abd6f4e476e7675091cANALYSIS DATE: 2022-11-25T17:22:15ZTTPS: T1012, T1120, T1082 ScoreMeaningExample10Known badA malware family was detected.8-9Likely...
Malware Analysis – djvu – 1a0a136c94b2e23aa2a596002a02853d
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:smokeloader, backdoor, ransomware, trojanMD5: 1a0a136c94b2e23aa2a596002a02853dSHA1: 6b714445a95d93bf023b4aa9f8355c9a13be9fb7ANALYSIS DATE: 2022-11-25T17:00:23ZTTPS: T1012, T1120, T1082 ScoreMeaningExample10Known badA malware family...
Google fixed the eighth actively exploited #Chrome #zeroday this year
Google on Thursday released security updates to address a new zero-day vulnerability, tracked as CVE-2022-4135, impacting the Chrome web browser....
Experts investigate WhatsApp data leak: 500M user records for sale
Cybernews investigated a data sample available for sale containing up-to-date mobile phone numbers of nearly 500 million WhatsApp users. Original...
SharpSCCM – A C# Utility For Interacting With SCCM
SharpSCCM is a post-exploitation tool designed to leverage Microsoft Endpoint Configuration Manager (a.k.a. ConfigMgr, formerly SCCM) for lateral movement and...
Karakurt Ransomware Victim: Ethigen Limited
KARAKURT RANSOMWARE NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content of...
Malware Analysis – djvu – 49392e02f7688b47f6babcf687cf5d91
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:517, discovery, persistence, ransomware, spyware, stealerMD5: 49392e02f7688b47f6babcf687cf5d91SHA1: 3e667b085532edde5c6adea500edee55859ab743ANALYSIS DATE: 2022-11-25T09:01:13ZTTPS: T1005, T1081, T1012, T1082,...
Malware Analysis – amadey – ddfa266969e3ad7e738080e21fba2ba9
Score: 10 MALWARE FAMILY: amadeyTAGS:family:amadey, family:djvu, family:redline, family:smokeloader, family:vidar, botnet:517, botnet:kript, backdoor, collection, discovery, infostealer, persistence, ransomware, spyware, stealer, trojanMD5:...
Cobalt Stike Beacon Detected – 198[.]144[.]183[.]9:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 1[.]13[.]5[.]233:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 123[.]57[.]232[.]6:8443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Malware Analysis – ransomware – 0706a5e09c3a7e2dbbdba209aebdab24
Score: 10 MALWARE FAMILY: ransomwareTAGS:ransomwareMD5: 0706a5e09c3a7e2dbbdba209aebdab24SHA1: 3353060b6b6cfd1d6c8acbd7bdc8c2067feef23fANALYSIS DATE: 2022-11-25T09:14:25ZTTPS: T1082, T1012 ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or more...
Malware Analysis – djvu – 375ec00e2e4319d0f51fdce08ba10c8a
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:517, discovery, persistence, ransomware, spyware, stealerMD5: 375ec00e2e4319d0f51fdce08ba10c8aSHA1: 04b6c4855ea47a5eb1cd7862ab338ce22129c006ANALYSIS DATE: 2022-11-25T10:53:13ZTTPS: T1060, T1112, T1222, T1082,...
Malware Analysis – amadey – ea94bcabd73267ef225bb9e52aec3659
Score: 10 MALWARE FAMILY: amadeyTAGS:family:amadey, family:djvu, family:smokeloader, family:vidar, botnet:517, backdoor, collection, discovery, persistence, ransomware, stealer, trojanMD5: ea94bcabd73267ef225bb9e52aec3659SHA1: f7fe137bc0431e04ec0bd4a83f9f9f5f867286a0ANALYSIS DATE: 2022-11-25T10:31:35ZTTPS:...
Malware Analysis – djvu – 58b5209aa0001d580ab13ecf79d09750
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:517, discovery, persistence, ransomware, spyware, stealerMD5: 58b5209aa0001d580ab13ecf79d09750SHA1: 2d5f3452cf6358aa8e5810774e668fc918875b13ANALYSIS DATE: 2022-11-25T10:14:41ZTTPS: T1005, T1081, T1012, T1060,...
Black Basta Ransomware Victim: Maple Leaf Foods
Black Basta Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
Cobalt Stike Beacon Detected – 172[.]105[.]222[.]100:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 164[.]155[.]126[.]25:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 106[.]55[.]226[.]33:801
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 84[.]32[.]128[.]36:8443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Malware Analysis – djvu – 4e8b949ac446e0ac8f2caa7878a3134e
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:517, discovery, persistence, ransomware, spyware, stealerMD5: 4e8b949ac446e0ac8f2caa7878a3134eSHA1: 3d07ab9ad186bd2f95803e8565334f83232b4c29ANALYSIS DATE: 2022-11-25T11:37:45ZTTPS: T1060, T1112, T1222, T1053,...
