Cobalt Stike Beacon Detected – 87[.]251[.]67[.]166:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Malware Analysis – lockbit – a8e0d56f8c67f1f7b6e592c12d87acab
Score: 10 MALWARE FAMILY: lockbitTAGS:family:lockbit, ransomwareMD5: a8e0d56f8c67f1f7b6e592c12d87acabSHA1: ed555f0162ea6ec5b8b8bada743cfc628d376274ANALYSIS DATE: 2023-01-11T09:07:12ZTTPS: T1491, T1112 ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or...
Cobalt Stike Beacon Detected – 129[.]152[.]2[.]128:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 173[.]82[.]196[.]58:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 157[.]245[.]102[.]164:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 101[.]42[.]46[.]117:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Malware Analysis – aurora – a750f4f224ae7af1c886b39d1c5800d4
Score: 10 MALWARE FAMILY: auroraTAGS:family:aurora, family:dcrat, family:djvu, family:icedid, family:smokeloader, family:vidar, botnet:19, campaign:3131022508, backdoor, banker, discovery, infostealer, loader, persistence, ransomware, rat,...
Malware Analysis – xmrig – f91a4f2fe37f1008f8f2b0d597dbd5fa
Score: 10 MALWARE FAMILY: xmrigTAGS:family:xmrig, discovery, evasion, exploit, minerMD5: f91a4f2fe37f1008f8f2b0d597dbd5faSHA1: 3293698ca35076659fbaaac4868ba57afc3e560dANALYSIS DATE: 2023-01-11T09:23:30ZTTPS: T1031, T1562, T1489, T1222, T1082, T1102, T1112...
Malware Analysis – smokeloader – 70d0f4ca40cba87f64e1d482c2eb7167
Score: 10 MALWARE FAMILY: smokeloaderTAGS:family:smokeloader, backdoor, trojanMD5: 70d0f4ca40cba87f64e1d482c2eb7167SHA1: 2b375e2d01a2bcc809cb5f3adb94d7b2cbd05470ANALYSIS DATE: 2023-01-11T09:31:05ZTTPS: T1012, T1120, T1082 ScoreMeaningExample10Known badA malware family was detected.8-9Likely...
Malware Analysis – wannacry – 5c7fb0927db37372da25f270708103a2
Score: 10 MALWARE FAMILY: wannacryTAGS:family:wannacry, persistence, ransomware, spyware, stealer, wormMD5: 5c7fb0927db37372da25f270708103a2SHA1: 120ed9279d85cbfa56e5b7779ffa7162074f7a29ANALYSIS DATE: 2023-01-11T09:07:49ZTTPS: T1107, T1490, T1082, T1005, T1081, T1060,...
Cobalt Stike Beacon Detected – 54[.]151[.]146[.]41:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 103[.]45[.]143[.]169:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 107[.]189[.]3[.]56:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 47[.]113[.]224[.]80:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Malware Analysis – wannacry – 3e1358176d57982beb922f2902a37fad
Score: 10 MALWARE FAMILY: wannacryTAGS:family:wannacry, bootkit, persistence, ransomware, wormMD5: 3e1358176d57982beb922f2902a37fadSHA1: db139653e9dd7c669efdfddd69c991b72dcb428bANALYSIS DATE: 2023-01-11T10:21:05ZTTPS: T1012, T1082, T1060, T1112, T1067, T1491 ScoreMeaningExample10Known...
Malware Analysis – discovery – 5a9d7261ca6fb48b5df18e3e5dcd12e4
Score: 10 MALWARE FAMILY: discoveryTAGS:discovery, evasion, persistence, ransomwareMD5: 5a9d7261ca6fb48b5df18e3e5dcd12e4SHA1: c5e5601e995437ff625939876c7cf5a30d8e29eaANALYSIS DATE: 2023-01-11T10:18:25ZTTPS: T1012, T1497, T1082, T1112, T1042, T1060 ScoreMeaningExample10Known badA...
Malware Analysis – djvu – f0fa800da38d447e5ec5488cf0533783
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:19, discovery, persistence, ransomware, spyware, stealerMD5: f0fa800da38d447e5ec5488cf0533783SHA1: a18b649c13257ece20693771eda98eeb436d4248ANALYSIS DATE: 2023-01-11T10:20:44ZTTPS: T1082, T1053, T1012, T1060,...
Malware Analysis – djvu – 003110423bef9777e6ef2a55473bd34f
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:19, discovery, persistence, ransomware, spyware, stealerMD5: 003110423bef9777e6ef2a55473bd34fSHA1: 5a3036ea4d032f3f40a99cc5febd0133232e005eANALYSIS DATE: 2023-01-11T10:04:15ZTTPS: T1005, T1081, T1060, T1112,...
Malware Analysis – ransomware – b1a0dbcba5aa72bddf6a2619bd1c04d3
Score: 5 MALWARE FAMILY: ransomwareTAGS:ransomwareMD5: b1a0dbcba5aa72bddf6a2619bd1c04d3SHA1: 80c34dc43c0e0ea556f0412bfa6807f2a956f369ANALYSIS DATE: 2023-01-11T10:51:09ZTTPS: ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or more known damaging...
Malware Analysis – ransomware – 2f11fdaaca22cb7c54bb336e80340d3e
Score: 8 MALWARE FAMILY: ransomwareTAGS:ransomware, spyware, stealerMD5: 2f11fdaaca22cb7c54bb336e80340d3eSHA1: 3b2d7b85221ac8c0c7d7abcbb06566f53d20e7efANALYSIS DATE: 2023-01-11T11:24:50ZTTPS: T1005, T1081, T1082 ScoreMeaningExample10Known badA malware family was detected.8-9Likely...
Malware Analysis – smokeloader – 476931064a8b0ecf9a4f5fefd0680a45
Score: 10 MALWARE FAMILY: smokeloaderTAGS:family:smokeloader, backdoor, trojanMD5: 476931064a8b0ecf9a4f5fefd0680a45SHA1: ee254056c2b0ea556627f3700f3d387bda411952ANALYSIS DATE: 2023-01-11T11:51:03ZTTPS: T1012, T1120, T1082 ScoreMeaningExample10Known badA malware family was detected.8-9Likely...
Malware Analysis – discovery – 992727441c0580255be639bd8a738be5
Score: 10 MALWARE FAMILY: discoveryTAGS:discovery, evasion, persistence, ransomwareMD5: 992727441c0580255be639bd8a738be5SHA1: e49881c98d86f8b7bd9b80d4d52872b2d4c340f8ANALYSIS DATE: 2023-01-11T11:46:10ZTTPS: T1060, T1012, T1497, T1082, T1112, T1042 ScoreMeaningExample10Known badA...
Siemens SINEC INS code execution | CVE-2022-45094
NAME__________Siemens SINEC INS code executionPlatforms Affected:Risk Level:8.4Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________Siemens SINEC INS could allow a remote authenticated attacker within the local...
SAP NetWeaver AS for Java security bypass | CVE-2023-0017
NAME__________SAP NetWeaver AS for Java security bypassPlatforms Affected:SAP NetWeaver AS for JAVA 7.50Risk Level:9.1Exploitability:UnprovenConsequences:Gain Privilege DESCRIPTION__________SAP NetWeaver AS for Java...
