← Back to Pulse Feed
PULSE DETAIL
PULSE NAME
Honeypot Recon: New Variant of SkidMap Targeting Redis
Since Redis is becoming increasingly popular around the world, we decided to investigate attacks on the Redis instance. We didn’t have to wait long for the first results of the Honeypot. The trap caught an activity about which the Western world does not hear too often while analyzing SkidMap. More importantly, this variant turned out to be a new, improved, dangerous variation of the malware. Its level of sophistication surprised us quite a bit.
Indicators of Compromise (12)
| TYPE | INDICATOR | DESCRIPTION | CREATED | |
|---|---|---|---|---|
| FileHash-MD5 | 000916c60b2ab828ba8cea914c308999 | MD5 of 9970809e1dedce286888f7d25790b4dcca1e704b | 2023-08-02 | |
| FileHash-MD5 | 44de739950eb4a8a3552b4e1987e8ec2 | MD5 of 0ae049aab363fb8d2e164150dffbafd332725e00 | 2023-08-02 | |
| FileHash-MD5 | 49ad1db4b61bb1f23cdcaeb546c6d154 | — | 2023-08-02 | |
| FileHash-MD5 | e23b3c7eb5d68e3cd43e9e61a3055fe8 | MD5 of 940f45f8a5dfb16281a35cd8303cd98c1ab1fabd | 2023-08-02 | |
| FileHash-SHA1 | 0ae049aab363fb8d2e164150dffbafd332725e00 | — | 2023-08-02 | |
| FileHash-SHA1 | 47afaf89bb98705bb0b6eb2b14bdb8eaf84694fa | — | 2023-08-02 | |
| FileHash-SHA1 | 940f45f8a5dfb16281a35cd8303cd98c1ab1fabd | — | 2023-08-02 | |
| FileHash-SHA1 | 9970809e1dedce286888f7d25790b4dcca1e704b | — | 2023-08-02 | |
| FileHash-SHA256 | 1395201601e80b6f0733feb5bc6dee2d5d2b853fb157185486810457b329d712 | — | 2023-08-02 | |
| FileHash-SHA256 | 969e10e4a61cc5f80c414259c4d90c74bcf43ccd5678910700bdc14cd60f9725 | SHA256 of 9970809e1dedce286888f7d25790b4dcca1e704b | 2023-08-02 | |
| FileHash-SHA256 | 9b81bad2111312e669697b69b9f121a1f9519da61cd5d37689e38381c1ffad28 | SHA256 of 0ae049aab363fb8d2e164150dffbafd332725e00 | 2023-08-02 | |
| FileHash-SHA256 | f77c4b704b20affdd737af44cabd3d7b56d8987924f2179137bbeef0e4be0367 | SHA256 of 940f45f8a5dfb16281a35cd8303cd98c1ab1fabd | 2023-08-02 |