Cobalt Stike Beacon Detected – 110[.]41[.]131[.]105:6666
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 1[.]15[.]141[.]252:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Malware Analysis – smokeloader – 4040afcf9849e20e9305eb95cdd68ccc
Score: 10 MALWARE FAMILY: smokeloaderTAGS:family:smokeloader, backdoor, trojanMD5: 4040afcf9849e20e9305eb95cdd68cccSHA1: 79b900321e613d55e919516e6db4e7d8d153ad1cANALYSIS DATE: 2023-01-01T11:12:17ZTTPS: T1012, T1120, T1082, T1112 ScoreMeaningExample10Known badA malware family was...
Malware Analysis – – a0affa0816e523701464051054026e1c
Score: 3 MALWARE FAMILY: TAGS:MD5: a0affa0816e523701464051054026e1cSHA1: 470172daf36ce355162213e898616b8a775b846cANALYSIS DATE: 2023-01-01T09:44:16ZTTPS: T1082 ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or more known...
Malware Analysis – djvu – 89c3af6bef44ab50d7be35828dc5f1e3
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:19, discovery, persistence, ransomware, spyware, stealerMD5: 89c3af6bef44ab50d7be35828dc5f1e3SHA1: b2ba0715cfbe5321bbc3e265fd5ec6998ad90c8cANALYSIS DATE: 2023-01-01T11:35:04ZTTPS: T1060, T1112, T1053, T1005,...
Malware Analysis – amadey – e7f05ecc16b05f76c5a228a2b688c93e
Score: 10 MALWARE FAMILY: amadeyTAGS:family:amadey, family:djvu, family:lgoogloader, family:smokeloader, family:vidar, botnet:19, backdoor, collection, discovery, downloader, persistence, ransomware, spyware, stealer, trojan, vmprotectMD5:...
Cobalt Stike Beacon Detected – 43[.]138[.]62[.]36:8080
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 43[.]156[.]3[.]238:2087
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 54[.]178[.]175[.]181:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 82[.]156[.]55[.]208:7788
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Multiple Nintendo games buffer overflow | CVE-2022-47949
NAME Multiple Nintendo games buffer overflow Platforms Affected:Nintendo Mario Kart 7 Nintendo Mario Kart 8 Nintendo Mario Kart 8 Deluxe...
memos security bypass | CVE-2022-4814
NAME memos security bypass Platforms Affected:Risk Level:8.6Exploitability:UnprovenConsequences:Bypass Security DESCRIPTION memos could allow a remote attacker to bypass security restrictions, caused...
TrueConf Server SQL Injection | CVE-2022-46763
NAME TrueConf Server SQL Injection Platforms Affected:TrueConf TrueConf Server 5.2.0.10225Risk Level:7.3Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION TrueConf Server is vulnerable to SQL injection....
LiuOS security bypass | CVE-2022-46179
NAME LiuOS security bypass Platforms Affected:LiuOS LiuOSRisk Level:8Exploitability:UnprovenConsequences:Bypass Security DESCRIPTION LiuOS could allow a local attacker to bypass security restrictions,...
memos security bypass | CVE-2022-4812
NAME memos security bypass Platforms Affected:Risk Level:8.6Exploitability:UnprovenConsequences:Bypass Security DESCRIPTION memos could allow a remote attacker to bypass security restrictions, caused...
TrueConf Server SQL Injection | CVE-2022-46764
NAME TrueConf Server SQL Injection Platforms Affected:TrueConf TrueConf Server 5.2.0.10225Risk Level:7.3Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION TrueConf Server is vulnerable to SQL injection....
memos security bypass | CVE-2022-4813
NAME memos security bypass Platforms Affected:Risk Level:8.6Exploitability:UnprovenConsequences:Bypass Security DESCRIPTION memos could allow a remote attacker to bypass security restrictions, caused...
Daily Vulnerability Trends: Sun Jan 01 2023
Daily Vulnerability Trends (sourced from VulnMon) CVE NAMECVE DescriptionCVE-2022-48196Certain NETGEAR devices are affected by a buffer overflow by an unauthenticated...
Malware Analysis – amadey – 875a57a33e01873ee9c566882252f2f9
Score: 10 MALWARE FAMILY: amadeyTAGS:family:amadey, family:dcrat, family:djvu, family:lgoogloader, family:smokeloader, family:vidar, botnet:19, backdoor, collection, discovery, downloader, infostealer, persistence, ransomware, rat, spyware,...
Malware Analysis – djvu – c32f1f18730491571309a796b9f38f46
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:19, discovery, persistence, ransomware, spyware, stealerMD5: c32f1f18730491571309a796b9f38f46SHA1: 2594f24d355cf087d0a69ed603293c202403acf2ANALYSIS DATE: 2022-12-31T21:01:23ZTTPS: T1005, T1081, T1060, T1112,...
Malware Analysis – discovery – 30cbb7176e5eff6db09b9ac58e2d0087
Score: 10 MALWARE FAMILY: discoveryTAGS:discovery, ransomwareMD5: 30cbb7176e5eff6db09b9ac58e2d0087SHA1: 383b8b1f5517c856df40eee799ab19689e7bbbbdANALYSIS DATE: 2022-12-31T22:42:09ZTTPS: T1130, T1112, T1012, T1082 ScoreMeaningExample10Known badA malware family was detected.8-9Likely...
Malware Analysis – djvu – cdc85b918fbbb00351af10de34cc606a
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:19, discovery, persistence, ransomware, spyware, stealerMD5: cdc85b918fbbb00351af10de34cc606aSHA1: e11c47a9601aa3deef7baaceded201e90b90f2afANALYSIS DATE: 2022-12-31T22:21:19ZTTPS: T1005, T1081, T1082, T1053,...
Malware Analysis – amadey – e9de3e39d8e212cd00a606f8e5b0f986
Score: 10 MALWARE FAMILY: amadeyTAGS:family:amadey, family:djvu, family:lgoogloader, family:smokeloader, family:vidar, botnet:19, backdoor, discovery, downloader, persistence, ransomware, spyware, stealer, trojan, vmprotectMD5: e9de3e39d8e212cd00a606f8e5b0f986SHA1:...
Malware Analysis – djvu – 49cbd9d2518f657fff793edb6e69aa34
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:19, discovery, persistence, ransomware, spyware, stealerMD5: 49cbd9d2518f657fff793edb6e69aa34SHA1: 5811fa647ad74bc7162eec0de91cbb989bd30abfANALYSIS DATE: 2022-12-31T22:32:05ZTTPS: T1012, T1082, T1222, T1005,...
