← Back to Pulse Feed
PULSE DETAIL
PULSE NAME
COINBASE CARTEL - RedPacketSecurity[.]com • CVE BANK
WHITE COINBASE CARTEL Q.Vashti 2025-12-07 Modified: 2026-01-06
187
IOCs
HIGH VOLUME
Based on information gathered ; researchers have attempted to warned (Netgear. / Targets) early. Exploits a CVE Bank under DGA domain name : Red Packet Security [.] com. Contact information redacted. Other information shows a Tijuana , Mexico Address . Contact name is a Mexican / Hispanic Forename & Surname . Accuracy unknown. Not including in references. Has explored for sum time using different DGA’s. One reference from an informative , three year old Pulse ( by blokchanz ) included in references.
activecvecriticalphishingtrojanransomwarebuffer overflowfile corruptionmetaformcloudflarecve bankmimick kimsukytargetnetgearapt73motion capturered packetsecuritymexicounited statesdgacontacted by researchersexploitsremotemanipulationtijuana
Indicators of Compromise (187)
All URL FileHash-MD5 FileHash-SHA1 FileHash-SHA256 CVE domain hostname email
TYPEINDICATORDESCRIPTIONCREATED
URL https://redpacketsecurity.com/all 2025-12-07
URL https://www.redpacketsecurity.com/chromeos-multiple-vulnerabilities-11-06-2024/ 2025-12-07
URL https://www.redpacketsecurity.com/cloudflare-warns-of-india-linked-hackers-targeting-south-and-east-asian-entities/ 2025-12-07
URL https://www.redpacketsecurity.com/coinbasecartel-ransomware-victim-cinvestav/ 2025-12-07
URL https://www.redpacketsecurity.com/cve_alert_cve-2025-4549/ 2025-12-07
URL https://www.redpacketsecurity.com/malware-analysis-djvu-3a4f5417b5666b7e633850bf85345b89 2025-12-07
URL https://www.redpacketsecurity.com/malware-analysis-djvu-6bcb11a9c59cb41aa9b01303313fbef2 2025-12-07
URL https://www.redpacketsecurity.com/malware-analysis-smokeloader-9b680fe6c94c5c5efd8d1ee47e6bc9a3 2025-12-07
URL https://www.redpacketsecurity.com/qilin-ransomware-victim-applied-technology-resources/ 2025-12-07
FileHash-MD5 0bffab8de978679c204fe21331058575 MD5 of f3830a7b5b741df86cc52d7432a7d6a30a6772e6 2025-12-07
FileHash-MD5 17c6bac6b04b88cdced96c37db03f6cb MD5 of f9878c8d39e06db584bcc7b1c0d3428f960da077 2025-12-07
FileHash-MD5 3580aa18f94b7334e5af86a9df3179f7 MD5 of 011ff27d6e1ae18b56b6c392ce48549632993e62 2025-12-07
FileHash-MD5 3e132606c5205c1200f61a3dd211c794 MD5 of 00ef28583d621983254fb0285fcd1084e0d4d030 2025-12-07
FileHash-MD5 88e9a7a0194592061b2aa9b2c6b45e88 MD5 of f5fbc5029ec4f1f6ae9f05f2d9d374fe1b878758 2025-12-07
FileHash-MD5 a398399a3cf53c16d8d9eb535174c4ae MD5 of 8696d4b0a585d6ac07068a7a4e83daffecf73b30 2025-12-07
FileHash-MD5 becd0d98fcc5851e2096d2e17a9a1983 MD5 of 5065dd217c08d075a1db7cea02cc159467b8f29f 2025-12-07
FileHash-MD5 d5c3b6fa21913ae9786e07beecc35f51 MD5 of 7ba75800f149f4366d989380e887e0cf59f32398 2025-12-07
FileHash-SHA1 00ef28583d621983254fb0285fcd1084e0d4d030 SHA1 of 3e132606c5205c1200f61a3dd211c794 2025-12-07
FileHash-SHA1 011ff27d6e1ae18b56b6c392ce48549632993e62 SHA1 of 3580aa18f94b7334e5af86a9df3179f7 2025-12-07
FileHash-SHA1 5065dd217c08d075a1db7cea02cc159467b8f29f SHA1 of becd0d98fcc5851e2096d2e17a9a1983 2025-12-07
FileHash-SHA1 7ba75800f149f4366d989380e887e0cf59f32398 SHA1 of d5c3b6fa21913ae9786e07beecc35f51 2025-12-07
FileHash-SHA1 8696d4b0a585d6ac07068a7a4e83daffecf73b30 SHA1 of a398399a3cf53c16d8d9eb535174c4ae 2025-12-07
FileHash-SHA1 f3830a7b5b741df86cc52d7432a7d6a30a6772e6 SHA1 of 0bffab8de978679c204fe21331058575 2025-12-07
FileHash-SHA1 f5fbc5029ec4f1f6ae9f05f2d9d374fe1b878758 SHA1 of 88e9a7a0194592061b2aa9b2c6b45e88 2025-12-07
FileHash-SHA1 f9878c8d39e06db584bcc7b1c0d3428f960da077 SHA1 of 17c6bac6b04b88cdced96c37db03f6cb 2025-12-07
FileHash-SHA256 0fbc842bae87c51d6988218b84248b04ba0b8673bdf05b68c8adf3e4d1676fd6 SHA256 of f5fbc5029ec4f1f6ae9f05f2d9d374fe1b878758 2025-12-07
FileHash-SHA256 41dd514a9b94569ab29e3e76b9ee071d003cc31f6dc473b11f81bfe7c16ed3f5 SHA256 of 5065dd217c08d075a1db7cea02cc159467b8f29f 2025-12-07
FileHash-SHA256 51a6b4c188e92ccc120ce217df17cda2623c1b5cd253f6a40ff72d4ec86fbd52 SHA256 of 011ff27d6e1ae18b56b6c392ce48549632993e62 2025-12-07
FileHash-SHA256 64e5df249288878cc0ff2b193643a5b5cde4db2b6b2518006aedd80a2bba095d SHA256 of 7ba75800f149f4366d989380e887e0cf59f32398 2025-12-07
FileHash-SHA256 82d6956f8020ca338c385d8ebcf291c0a9c2377a6af243974de8715645417c4f SHA256 of f3830a7b5b741df86cc52d7432a7d6a30a6772e6 2025-12-07
FileHash-SHA256 8fed00a8bd4ba8cc9f32f0807dcd2fa6c6cb4286c74bb46a4c436751b5797721 SHA256 of f9878c8d39e06db584bcc7b1c0d3428f960da077 2025-12-07
FileHash-SHA256 e330fbdaf7e98db778be141413030f29b24848e3235bcc5c2e93b2d9dfd3beda SHA256 of 00ef28583d621983254fb0285fcd1084e0d4d030 2025-12-07
FileHash-SHA256 fee5d8fd05908fcee9bf7e1b538a62b69e280ba9a6f400c27acf810acbfbccc2 SHA256 of 8696d4b0a585d6ac07068a7a4e83daffecf73b30 2025-12-07
CVE CVE-2015-4495 2025-12-07
CVE CVE-2020-11917 2025-12-07
CVE CVE-2023-24552 2025-12-07
CVE CVE-2024-12847 2025-12-07
CVE CVE-2024-27234 2025-12-07
CVE CVE-2024-51683 2025-12-07
CVE CVE-2025-4135 2025-12-07
CVE CVE-2025-4140 2025-12-07
CVE CVE-2025-4142 2025-12-07
CVE CVE-2025-4549 2025-12-07
CVE CVE-2025-45492 2025-12-07
CVE CVE-2025-59230 2025-12-07
FileHash-MD5 02f83fe24845fc6e11673865f3e638a6 2025-12-07
FileHash-MD5 0a4bdd16fd0000e7e963a37000000001 2025-12-07
FileHash-MD5 117665adcf6258541591a576ef8f1bb0 2025-12-07
FileHash-MD5 3a4f5417b5666b7e633850bf85345b89 2025-12-07
FileHash-MD5 3c10dc9df5b42968e8bbe67387bc30a2 MD5 of eae93159c2eada20557e7bcef365cbfc6e25b471 2025-12-07
FileHash-MD5 438cf47622af9d1b30264ffa212885de MD5 of 68cc5baa2e5b0d4851152cb68a1eb6bbb5aec33c 2025-12-07
FileHash-MD5 545edb09eef6849f6c2b3f87b3dfc5d3 MD5 of f151ea5b66632f6ec0be913627d5b7bcd1f36f35 2025-12-07
FileHash-MD5 5eb828dff6222ddbe9a3ee89ccf031c5 2025-12-07
FileHash-MD5 60ff077bb695fbf5542a70c57825a5c4 2025-12-07
FileHash-MD5 62d2eee763f97a3ee7eedd9c44d4ae06 MD5 of 809809a585c0275ab3a5620b974b1ca75acec2d6 2025-12-07
FileHash-MD5 6bcb11a9c59cb41aa9b01303313fbef2 2025-12-07
FileHash-MD5 6e296346d4757eecd73797a518ad667a 2025-12-07
FileHash-MD5 72f9392396752894a1b80334391351e2 MD5 of c71f76aa9920604ee44e89146993dc2d0207d3ca 2025-12-07
FileHash-MD5 959911ee1e7389ad2370e5ae284354c4 2025-12-07
FileHash-MD5 9b680fe6c94c5c5efd8d1ee47e6bc9a3 2025-12-07
FileHash-MD5 ca9e31daedf9572ee47446eedbb038f6 MD5 of afeb158ac5b4a5b264f74146a33a4aa1c7ead53f 2025-12-07
FileHash-MD5 fbdde4446467cf7b6e2edc26f470ed98 2025-12-07
FileHash-SHA1 68cc5baa2e5b0d4851152cb68a1eb6bbb5aec33c 2025-12-07
FileHash-SHA1 809809a585c0275ab3a5620b974b1ca75acec2d6 SHA1 of 62d2eee763f97a3ee7eedd9c44d4ae06 2025-12-07
FileHash-SHA1 8bf6f75b4d6f54581776d089bb271dcb3939aac0 2025-12-07
FileHash-SHA1 afeb158ac5b4a5b264f74146a33a4aa1c7ead53f 2025-12-07
FileHash-SHA1 c71f76aa9920604ee44e89146993dc2d0207d3ca 2025-12-07
FileHash-SHA1 d7979a486abf3193b2d8d8f89a9e503f34430d35 2025-12-07
FileHash-SHA1 eae93159c2eada20557e7bcef365cbfc6e25b471 SHA1 of 3c10dc9df5b42968e8bbe67387bc30a2 2025-12-07
FileHash-SHA1 f151ea5b66632f6ec0be913627d5b7bcd1f36f35 SHA1 of 545edb09eef6849f6c2b3f87b3dfc5d3 2025-12-07
FileHash-SHA256 0d70972b8adae855bb879233d742726b3af542999932d5d38fe6cc856dc79f3e SHA256 of c71f76aa9920604ee44e89146993dc2d0207d3ca 2025-12-07
FileHash-SHA256 583038c9bc729be9bdd83c94d1c8349c2e23b602c039e8b4d158ba98bcb1d583 SHA256 of afeb158ac5b4a5b264f74146a33a4aa1c7ead53f 2025-12-07
FileHash-SHA256 7d2aa7c5b24aa89287251d1a01d0852f8deb5495ea411eb4f6031264c19896ec SHA256 of 68cc5baa2e5b0d4851152cb68a1eb6bbb5aec33c 2025-12-07
FileHash-SHA256 92b358b06c14ac94aaa14ae0fa8c124fbee535e92326a12db9b41b3302fd81b3 SHA256 of 809809a585c0275ab3a5620b974b1ca75acec2d6 2025-12-07
FileHash-SHA256 e6e31997eb7c4d11417eacc33fc9d1c3fe58345729c8a120ca29348ce45bd73e SHA256 of eae93159c2eada20557e7bcef365cbfc6e25b471 2025-12-07
FileHash-SHA256 f06133c30cc78b44cc122d2843504b492508d6bc001ce505666f82bf29913e4f SHA256 of f151ea5b66632f6ec0be913627d5b7bcd1f36f35 2025-12-07
URL http://evilginx.redpacketsecurity.com 2025-12-07
URL http://phish-demo-poc.phish-demo-poc.redpacketsecurity.com 2025-12-07
URL http://phish-demo-poc.redpacketsecurity.com 2025-12-07
URL http://redpacketsecurity.com 2025-12-07
URL http://redpacketsecurity.com/north-korea-s-kimsuky-group-mimics-kr 2025-12-07
URL http://subdomainhere.phish-demo-poc.redpacketsecurity.com 2025-12-07
URL http://www.redpacketsecurity.com/tonto-team-uses-any 2025-12-07
URL https://evilginx.redpacketsecurity.com 2025-12-07
URL https://phish-demo-poc.phish-demo-poc.redpacketsecurity.com 2025-12-07
URL https://phish-demo-poc.redpacketsecurity.com 2025-12-07
URL https://preshweb.com/prize.php 2025-12-07
URL https://redpacketsecurity.com 2025-12-07
URL https://subdomainhere.phish-demo-poc.redpacketsecurity.com 2025-12-07
URL https://www.redpacketsecurity.com/8base-ransomware-victim-pws-the-laundry-company-18/ 2025-12-07
URL https://www.redpacketsecurity.com/all-ring-tech-co-ltd-added-to-bert-ransomware-leak-site/ 2025-12-07
URL https://www.redpacketsecurity.com/alphalocker-ransomware-victim-www-myriversidedentaloffice-com/ 2025-12-07
URL https://www.redpacketsecurity.com/apt73-ransomware-victim-hpecds-com/ 2025-12-07
URL https://www.redpacketsecurity.com/apt73-ransomware-victim-mgfsourcing-com/ 2025-12-07
URL https://www.redpacketsecurity.com/apt73-ransomware-victim-modplan-co-uk/ 2025-12-07
URL https://www.redpacketsecurity.com/apt73-ransomware-victim-sokkakreatif-com/ 2025-12-07
URL https://www.redpacketsecurity.com/apt73-ransomware-victim-www-baldinger-ag-ch/ 2025-12-07
URL https://www.redpacketsecurity.com/apt73-ransomware-victim-www-legilog-fr/ 2025-12-07
URL https://www.redpacketsecurity.com/apt73-ransomware-victim-www-scopeset-de/ 2025-12-07
URL https://www.redpacketsecurity.com/apt73-ransomware-victim-www-trinitesolutions-com/ 2025-12-07
domain preshweb.com 2025-12-07
domain redpacketsecurity.com 2025-12-07
hostname evilginx.redpacketsecurity.com 2025-12-07
hostname phish-demo-poc.phish-demo-poc.redpacketsecurity.com 2025-12-07
hostname phish-demo-poc.redpacketsecurity.com 2025-12-07
hostname subdomainhere.phish-demo-poc.redpacketsecurity.com 2025-12-07
hostname www.redpacketsecurity.com 2025-12-07
URL https://www.redpacketsecurity.com/black-basta-ransomware-victim-team-jobs/ 2025-12-07
URL https://www.redpacketsecurity.com/cisa-cisco-releases-security-updates-addressing-arcanedoor-vulnerabilities-in-cisco-firewall-platforms-24-04-2024/ 2025-12-07
URL https://www.redpacketsecurity.com/cisa-snowflake-recommends-customers-take-steps-to-prevent-unauthorized-access-03-06-2024/ 2025-12-07
URL https://www.redpacketsecurity.com/cisa-vulnerability-summary-for-the-week-of-february-17-2025/ 2025-12-07
URL https://www.redpacketsecurity.com/cisa-vulnerability-summary-for-the-week-of-january-6-2025/ 2025-12-07
URL https://www.redpacketsecurity.com/cisa-vulnerability-summary-for-the-week-of-march-24-2025/ 2025-12-07
URL https://www.redpacketsecurity.com/cobalt-stike-beacon-detected-45-144-136-86-port-81/ 2025-12-07
URL https://www.redpacketsecurity.com/coinbasecartel-ransomware-victim-championx/ 2025-12-07
URL https://www.redpacketsecurity.com/coinbasecartel-ransomware-victim-limocar-by-transdev-ca/ 2025-12-07
URL https://www.redpacketsecurity.com/coinbasecartel-ransomware-victim-paccar/ 2025-12-07
URL https://www.redpacketsecurity.com/cve-alert-cve-2025-59230-microsoft-windows-10-version-1809/ 2025-12-07
URL https://www.redpacketsecurity.com/cve_alert_cve-2020-11917/ 2025-12-07
URL https://www.redpacketsecurity.com/cve_alert_cve-2024-12847/ 2025-12-07
URL https://www.redpacketsecurity.com/cve_alert_cve-2024-51683/ 2025-12-07
URL https://www.redpacketsecurity.com/cve_alert_cve-2025-4135/ 2025-12-07
URL https://www.redpacketsecurity.com/cve_alert_cve-2025-4140/ 2025-12-07
URL https://www.redpacketsecurity.com/cve_alert_cve-2025-4142/ 2025-12-07
URL https://www.redpacketsecurity.com/cve_alert_cve-2025-45492/ 2025-12-07
URL https://www.redpacketsecurity.com/eldorado-ransomware-victim-www-keizers-ca/ 2025-12-07
URL https://www.redpacketsecurity.com/evasive-qbot-malware-leverages-short-lived-residential-ips-for-dynamic-attacks-3/ 2025-12-07
URL https://www.redpacketsecurity.com/everest-ransomware-victim-peoplecheck/ 2025-12-07
URL https://www.redpacketsecurity.com/finastra-notifies-customers-of-data-breach/ 2025-12-07
URL https://www.redpacketsecurity.com/firefox-0day-cve-2015-4495/ 2025-12-07
URL https://www.redpacketsecurity.com/fog-ransomware-victim-gitlabs-bolin-centre-for-climate-research-x-lab-group-madia/ 2025-12-07
URL https://www.redpacketsecurity.com/fog-ransomware-victim-village-community-school-vcsnyc-org/ 2025-12-07
URL https://www.redpacketsecurity.com/google-android-information-disclosure-cve-2024-27234/ 2025-12-07
URL https://www.redpacketsecurity.com/guacamaya 2025-12-07
URL https://www.redpacketsecurity.com/how-to-detect-new-threats-via-suspicious-activities/ 2025-12-07
URL https://www.redpacketsecurity.com/interlock-ransomware-victim-city-of-peabody-ma/ 2025-12-07
URL https://www.redpacketsecurity.com/interlock-ransomware-victim-your-building-centers/ 2025-12-07
URL https://www.redpacketsecurity.com/kazu-ransomware-victim-national-civil-service-commission-of-colombia/ 2025-12-07
URL https://www.redpacketsecurity.com/lynx-ransomware-victim-hanson-chambers/ 2025-12-07
URL https://www.redpacketsecurity.com/lynx-ransomware-victim-tri-sen-systems/ 2025-12-07
URL https://www.redpacketsecurity.com/malware-analysis-dcrat-3c10dc9df5b42968e8bbe67387bc30a2 2025-12-07
URL https://www.redpacketsecurity.com/malware-analysis-dcrat-3c10dc9df5b42968e8bbe67387bc30a2/ 2025-12-07
URL https://www.redpacketsecurity.com/malware-analysis-dcrat-545edb09eef6849f6c2b3f87b3dfc5d3 2025-12-07
URL https://www.redpacketsecurity.com/malware-analysis-dcrat-5eb828dff6222ddbe9a3ee89ccf031c5 2025-12-07
URL https://www.redpacketsecurity.com/malware-analysis-dcrat-60ff077bb695fbf5542a70c57825a5c4 2025-12-07
URL https://www.redpacketsecurity.com/malware-analysis-dcrat-fbdde4446467cf7b6e2edc26f470ed98 2025-12-07
URL https://www.redpacketsecurity.com/malware-analysis-djvu-02f83fe24845fc6e11673865f3e638a6 2025-12-07
URL https://www.redpacketsecurity.com/malware-analysis-djvu-0bffab8de978679c204fe21331058575 2025-12-07
URL https://www.redpacketsecurity.com/malware-analysis-djvu-117665adcf6258541591a576ef8f1bb0 2025-12-07
URL https://www.redpacketsecurity.com/malware-analysis-djvu-17c6bac6b04b88cdced96c37db03f6cb 2025-12-07
URL https://www.redpacketsecurity.com/malware-analysis-djvu-3580aa18f94b7334e5af86a9df3179f7 2025-12-07
URL https://www.redpacketsecurity.com/malware-analysis-djvu-3e132606c5205c1200f61a3dd211c794 2025-12-07
URL https://www.redpacketsecurity.com/malware-analysis-djvu-88e9a7a0194592061b2aa9b2c6b45e88/ 2025-12-07
URL https://www.redpacketsecurity.com/malware-analysis-djvu-959911ee1e7389ad2370e5ae284354c4 2025-12-07
URL https://www.redpacketsecurity.com/malware-analysis-djvu-a398399a3cf53c16d8d9eb535174c4ae 2025-12-07
URL https://www.redpacketsecurity.com/malware-analysis-djvu-becd0d98fcc5851e2096d2e17a9a1983 2025-12-07
URL https://www.redpacketsecurity.com/malware-analysis-djvu-d5c3b6fa21913ae9786e07beecc35f51 2025-12-07
URL https://www.redpacketsecurity.com/malware-analysis-smokeloader-62d2eee763f97a3ee7eedd9c44d4ae06 2025-12-07
URL https://www.redpacketsecurity.com/nightspire-ransomware-victim-vascara-vietnam/ 2025-12-07
URL https://www.redpacketsecurity.com/north-korea-s-kimsuky-group-mimics-ke 2025-12-07
URL https://www.redpacketsecurity.com/north-korea-s-kimsuky-group-mimics-key-figures-in-targeted-cyber-attacks-3/ 2025-12-07
URL https://www.redpacketsecurity.com/pikabot-distributed-via-malicious-ads-6/ 2025-12-07
URL https://www.redpacketsecurity.com/play-ransomware-victim-eia-global/ 2025-12-07
URL https://www.redpacketsecurity.com/play-ransomware-victim-eia-global/&ved=2ahUKEwiv2o29pbqOAxXDXfEDHYuNETEQFnoECBkQAQ&usg=AOvVaw0MWKWIZ-56X4TPRRCAjifA 2025-12-07
URL https://www.redpacketsecurity.com/python-powered-malware-snags-hundreds-of-credit-cards-200k-passwords-and-4mcookies/ 2025-12-07
URL https://www.redpacketsecurity.com/siemens-solid-edge-code-execution-cve-2023-24552/ 2025-12-07
URL https://www.redpacketsecurity.com/summary-of-ai-leaders-spill-their-secrets-webinar/ 2025-12-07
URL https://www.redpacketsecurity.com/thousands-of-organizations-targeted-via-operation-chimaera/ 2025-12-07
URL https://www.redpacketsecurity.com/tonto-... 2025-12-07
URL https://www.redpacketsecurity.com/tonto-team-... 2025-12-07
URL https://www.redpacketsecurity.com/tonto-team-uses-an- 2025-12-07
URL https://www.redpacketsecurity.com/tonto-team-uses-anti-malware-file-to-launch-attacks-on-south-korean-institutions/ 2025-12-07
URL https://www.redpacketsecurity.com/tonto-team-uses-anti-malware-file-to-launch-attacks-on-south-korean-institutions/\ 2025-12-07
URL https://www.redpacketsecurity.com/troy-hunt-s-mailchimp-list-16-627-breached-accounts/ 2025-12-07
URL https://www.redpacketsecurity.com/worldleaks-ransomware-victim-tech-mahindra/ 2025-12-07
domain trkjs.id 2025-12-07
hostname sni.cloudflaressl.com 2025-12-07
URL http://uri.cloudflare.com/cdn 2025-12-07
URL https://www.cloudflare.com/5xx 2025-12-07
domain icann.org 2025-12-07
email registrar-abuse@cloudflare.com 2025-12-07
hostname a.nel.cloudflare.com 2025-12-07
hostname nick.ns.cloudflare.com 2025-12-07
hostname tani.ns.cloudflare.com 2025-12-07
hostname uri.cloudflare.com 2025-12-07
hostname whois.cloudflare.com 2025-12-07
hostname www.cloudflare.com 2025-12-07
References (1)
↗ Relationship by blokchanz -> https://otx.alienvault.com/pulse/63819ac31fc0ad0b85e90f9f