PULSE NAME
Honeypot Recon: New Variant of SkidMap Targeting Redis
WHITE AlienVault 2023-08-02 Modified: 2023-08-02
12 IOCs
MEDIUM VOLUME
Since Redis is becoming increasingly popular around the world, we decided to investigate attacks on the Redis instance. We didn’t have to wait long for the first results of the Honeypot. The trap caught an activity about which the Western world does not hear too often while analyzing SkidMap. More importantly, this variant turned out to be a new, improved, dangerous variation of the malware. Its level of sophistication surprised us quite a bit.
Indicators of Compromise (4 / 12 total)
TYPE INDICATOR DESCRIPTION CREATED
FileHash-SHA1 0ae049aab363fb8d2e164150dffbafd332725e00 2023-08-02
FileHash-SHA1 47afaf89bb98705bb0b6eb2b14bdb8eaf84694fa 2023-08-02
FileHash-SHA1 940f45f8a5dfb16281a35cd8303cd98c1ab1fabd 2023-08-02
FileHash-SHA1 9970809e1dedce286888f7d25790b4dcca1e704b 2023-08-02