Cobalt Stike Beacon Detected – 114[.]132[.]150[.]96:6666
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 118[.]21[.]50[.]117:10443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 14[.]29[.]238[.]33:4433
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 154[.]211[.]12[.]40:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 18[.]223[.]196[.]240:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 8[.]210[.]196[.]209:8888
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 107[.]174[.]66[.]104:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Malware Analysis – persistence – 4d1590f74f68d5588d17fdb24c156bf0
Score: 9 MALWARE FAMILY: persistenceTAGS:persistence, ransomware, upxMD5: 4d1590f74f68d5588d17fdb24c156bf0SHA1: ec3efeaa2ffd2f154bd9c62c3289a52f2ea1843fANALYSIS DATE: 2023-02-20T09:57:47ZTTPS: T1082, T1060, T1112, T1107, T1490 ScoreMeaningExample10Known badA malware family...
Malware Analysis – djvu – cd4aeb1380ba490dc8526d9a2bf3af60
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:19, discovery, persistence, ransomware, spyware, stealerMD5: cd4aeb1380ba490dc8526d9a2bf3af60SHA1: 2c2376140cb62b7156399e819bce3fc001a74245ANALYSIS DATE: 2023-02-20T09:17:45ZTTPS: T1060, T1112, T1053, T1005,...
Malware Analysis – djvu – 8ad34c20dca363f264f351e37bc4de0c
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:19, discovery, persistence, ransomware, spyware, stealerMD5: 8ad34c20dca363f264f351e37bc4de0cSHA1: a3a49fde30360819678d1929341de4806e9f235fANALYSIS DATE: 2023-02-20T10:18:14ZTTPS: T1012, T1082, T1005, T1081,...
Malware Analysis – djvu – c60d38681ecd6718b7044f402a1bc358
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:19, discovery, persistence, ransomware, spyware, stealerMD5: c60d38681ecd6718b7044f402a1bc358SHA1: 5b959b775af8f8c5698c608383dfa07c8bd1b6e1ANALYSIS DATE: 2023-02-20T10:31:18ZTTPS: T1005, T1081, T1012, T1060,...
Malware Analysis – djvu – d3c2c33f75381ca6d55790e5443c9ef3
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:19, discovery, persistence, ransomware, spyware, stealerMD5: d3c2c33f75381ca6d55790e5443c9ef3SHA1: 579575c70b0c2ee90beb4eafd542ad08e655a3d1ANALYSIS DATE: 2023-02-20T10:13:22ZTTPS: T1222, T1082, T1005, T1081,...
Malware Analysis – djvu – 6c114aa1f0597811d6e8660c4ead35d9
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:19, discovery, persistence, ransomware, spyware, stealerMD5: 6c114aa1f0597811d6e8660c4ead35d9SHA1: 16dd339e77705ea33ee7d4fc3fad180a1c4cf38eANALYSIS DATE: 2023-02-20T10:31:19ZTTPS: T1222, T1012, T1082, T1053,...
Brute Ratel C4 Detected – 35[.]72[.]94[.]12:80
The Information provided at the time of posting was detected as "Brute Ratel C4". Depending on when you are viewing...
Malware Analysis – djvu – e2d43c2752ac2abb5899b44b5d371f9e
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:rhadamanthys, family:smokeloader, family:vidar, botnet:19, backdoor, collection, discovery, evasion, persistence, ransomware, spyware, stealer, trojan, vmprotectMD5: e2d43c2752ac2abb5899b44b5d371f9eSHA1:...
Malware Analysis – djvu – 4efc0648fd0bd221eeb9182761f8f9a7
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:19, discovery, persistence, ransomware, spyware, stealerMD5: 4efc0648fd0bd221eeb9182761f8f9a7SHA1: 3cebff1185090b5d9d990c88a39bb7463bb673a2ANALYSIS DATE: 2023-02-20T11:41:44ZTTPS: T1060, T1112, T1082, T1005,...
Malware Analysis – discovery – 5ad74e66323ae26320cd9c051f266a4f
Score: 10 MALWARE FAMILY: discoveryTAGS:discovery, evasion, exploit, ransomware, themida, trojanMD5: 5ad74e66323ae26320cd9c051f266a4fSHA1: d7f999814e7c76466dba21619defc955d2660f20ANALYSIS DATE: 2023-02-20T11:42:00ZTTPS: T1031, T1112, T1089, T1222, T1158, T1107,...
Malware Analysis – djvu – ef0768b3897f3c1e2a5aa25754aa1839
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:19, discovery, persistence, ransomware, spyware, stealerMD5: ef0768b3897f3c1e2a5aa25754aa1839SHA1: 2214d6a5d768cb20d888d05de54a7446eb5c6da6ANALYSIS DATE: 2023-02-20T11:40:30ZTTPS: T1060, T1112, T1053, T1005,...
Siemens SiPass integrated AC5102, ACC-G2 and ACC-AP devices privilege escalation | CVE-2022-31808
NAME__________Siemens SiPass integrated AC5102, ACC-G2 and ACC-AP devices privilege escalationPlatforms Affected:Siemens SiPass integrated AC5100 Siemens SiPass integrated AC5102 Siemens SiPass...
Palantir Gotham denial of service | CVE-2022-27897
NAME__________Palantir Gotham denial of servicePlatforms Affected:Risk Level:5.3Exploitability:UnprovenConsequences:Denial of Service DESCRIPTION__________Palantir Gotham is vulnerable to a denial of service, caused by...
Acer Aspire E5-475G BIOS code execution | CVE-2022-40080
NAME__________Acer Aspire E5-475G BIOS code executionPlatforms Affected:Risk Level:6.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________Acer Aspire E5-475G BIOS could allow a physical attacker to execute...
Kliqqi-CMS admin/admin_update_module_widgets.php SQL injection | CVE-2020-21119
NAME__________Kliqqi-CMS admin/admin_update_module_widgets.php SQL injectionPlatforms Affected:Kliqqi-CMS Kliqqi-CMS 2.0.2Risk Level:6.5Exploitability:HighConsequences:Data Manipulation DESCRIPTION__________Kliqqi-CMS is vulnerable to SQL injection. A remote authenticated attacker could...
Palantir Gotham denial of service | CVE-2022-27892
NAME__________Palantir Gotham denial of servicePlatforms Affected:Risk Level:5.3Exploitability:UnprovenConsequences:Denial of Service DESCRIPTION__________Palantir Gotham is vulnerable to a denial of service, caused by...
Palantir Gotham information disclosure | CVE-2022-27891
NAME__________Palantir Gotham information disclosurePlatforms Affected:Risk Level:5.3Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________Palantir Gotham could allow a remote attacker to obtain sensitive information, caused by...
