Cobalt Stike Beacon Detected – 43[.]142[.]73[.]5:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Malware Analysis – smokeloader – 3b22e5432ed609b29d6f2620161debcd
Score: 10 MALWARE FAMILY: smokeloaderTAGS:family:smokeloader, backdoor, trojanMD5: 3b22e5432ed609b29d6f2620161debcdSHA1: 3b40352996f3a9db62a39e82c7f92eefa4e73bd3ANALYSIS DATE: 2023-02-12T09:31:05ZTTPS: T1012, T1120, T1082 ScoreMeaningExample10Known badA malware family was detected.8-9Likely...
Malware Analysis – smokeloader – 4252a5583234f80329ef453dfd253be4
Score: 10 MALWARE FAMILY: smokeloaderTAGS:family:smokeloader, backdoor, trojanMD5: 4252a5583234f80329ef453dfd253be4SHA1: 87a8a128ce59ff461724eedde72fec288bcbba11ANALYSIS DATE: 2023-02-12T09:17:09ZTTPS: T1012, T1120, T1082 ScoreMeaningExample10Known badA malware family was detected.8-9Likely...
Malware Analysis – djvu – fcad46ff6a14f8bab7b7b22a93f3557a
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, discovery, persistence, ransomwareMD5: fcad46ff6a14f8bab7b7b22a93f3557aSHA1: 91829e367a65b5d3cedac193235bf1871de922eaANALYSIS DATE: 2023-02-12T09:26:54ZTTPS: T1060, T1112, T1222, T1082, T1053 ScoreMeaningExample10Known badA malware...
Malware Analysis – djvu – 630717681fcc3eea95825d3fd0c489f1
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:19, discovery, persistence, ransomware, spyware, stealerMD5: 630717681fcc3eea95825d3fd0c489f1SHA1: ba5a2c63e7c4a2ef7587da8c0dfbb5aefb6cef1dANALYSIS DATE: 2023-02-12T09:47:18ZTTPS: T1053, T1005, T1081, T1012,...
Malware Analysis – djvu – a291f52688753bfec2f04434a6275823
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:rhadamanthys, family:smokeloader, backdoor, discovery, persistence, ransomware, stealer, trojan, vmprotectMD5: a291f52688753bfec2f04434a6275823SHA1: 56f088a229ca6e97b6f9bf97953d22eb0317d7caANALYSIS DATE: 2023-02-12T10:41:53ZTTPS: T1012, T1082,...
Malware Analysis – – d5671758956b39e048680b6a8275e96a
Score: 1 MALWARE FAMILY: TAGS:MD5: d5671758956b39e048680b6a8275e96aSHA1: 33c341130bf9c93311001a6284692c86fec200efANALYSIS DATE: 2023-02-12T10:29:50ZTTPS: ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or more known damaging...
Malware Analysis – djvu – e8f4df71d5b432592e1773af5894a497
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:19, discovery, persistence, ransomware, spyware, stealerMD5: e8f4df71d5b432592e1773af5894a497SHA1: c1fbe81d2d02d340c85929b4b9b0e26c4deb2927ANALYSIS DATE: 2023-02-12T11:50:41ZTTPS: T1053, T1005, T1081, T1012,...
Malware Analysis – smokeloader – bf216a294f44d0e6ab8cf375867d0ccc
Score: 10 MALWARE FAMILY: smokeloaderTAGS:family:smokeloader, backdoor, trojanMD5: bf216a294f44d0e6ab8cf375867d0cccSHA1: 0f2c939a394bed4166500e37dfaf89c18211296aANALYSIS DATE: 2023-02-12T11:35:07ZTTPS: T1012, T1120, T1082 ScoreMeaningExample10Known badA malware family was detected.8-9Likely...
Qualcomm Chipsets denial of service | CVE-2022-40513
NAME__________Qualcomm Chipsets denial of servicePlatforms Affected:Risk Level:7.5Exploitability:UnprovenConsequences:Denial of Service DESCRIPTION__________Qualcomm Chipsets are vulnerable to a denial of service, caused by...
Qualcomm Chipsets denial of service | CVE-2022-40502
NAME__________Qualcomm Chipsets denial of servicePlatforms Affected:Risk Level:7.5Exploitability:UnprovenConsequences:Denial of Service DESCRIPTION__________Qualcomm Chipsets are vulnerable to a denial of service, caused by...
MediaTek Android privilege escalation | CVE-2022-32654
NAME__________MediaTek Android privilege escalationPlatforms Affected:Risk Level:6.7Exploitability:UnprovenConsequences:Gain Privilege DESCRIPTION__________MediaTek Android could allow a local authenticated attacker to gain elevated privileges on...
Anchore Syft information disclosure | CVE-2023-24827
NAME__________Anchore Syft information disclosurePlatforms Affected:Anchore Syft 0.69.0Risk Level:6.5Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________Anchore Syft could allow a remote attacker to obtain sensitive information,...
MediaTek Android privilege escalation | CVE-2023-20602
NAME__________MediaTek Android privilege escalationPlatforms Affected:Risk Level:6.7Exploitability:UnprovenConsequences:Gain Privilege DESCRIPTION__________MediaTek Android could allow a local authenticated attacker to gain elevated privileges on...
SourceCodester Online Eyewear Shop SQL injection | CVE-2023-0686
NAME__________SourceCodester Online Eyewear Shop SQL injectionPlatforms Affected:SourceCodester Online Eyewear Shop 1.0Risk Level:5Exploitability:HighConsequences:Data Manipulation DESCRIPTION__________SourceCodester Online Eyewear Shop is vulnerable to...
Qualcomm Chipsets denial of service | CVE-2022-25733
NAME__________Qualcomm Chipsets denial of servicePlatforms Affected:Risk Level:7.5Exploitability:UnprovenConsequences:Denial of Service DESCRIPTION__________Qualcomm Chipsets are vulnerable to a denial of service, caused by...
MediaTek Android privilege escalation | CVE-2023-20612
NAME__________MediaTek Android privilege escalationPlatforms Affected:Risk Level:6.7Exploitability:UnprovenConsequences:Gain Privilege DESCRIPTION__________MediaTek Android could allow a local authenticated attacker to gain elevated privileges on...
MediaTek Android privilege escalation | CVE-2023-20615
NAME__________MediaTek Android privilege escalationPlatforms Affected:Risk Level:6.7Exploitability:UnprovenConsequences:Gain Privilege DESCRIPTION__________MediaTek Android could allow a local authenticated attacker to gain elevated privileges on...
MediaTek Android information disclosure | CVE-2023-20606
NAME__________MediaTek Android information disclosurePlatforms Affected:Risk Level:4.4Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________MediaTek Android could allow a local authenticated attacker to obtain sensitive information, caused...
Calendar Event Management System SQL injection | CVE-2023-0675
NAME__________Calendar Event Management System SQL injectionPlatforms Affected:Calendar Event Management System Calendar Event Management System 2.3.0Risk Level:6.5Exploitability:HighConsequences:Data Manipulation DESCRIPTION__________Calendar Event Management...
Qualcomm Chipsets code execution | CVE-2022-33280
NAME__________Qualcomm Chipsets code executionPlatforms Affected:Risk Level:7.3Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________Qualcomm Chipsets could allow a remote attacker to execute arbitrary code on the...
SourceCodester Medical Certificate Generator SQL injection | CVE-2023-0706
NAME__________SourceCodester Medical Certificate Generator SQL injectionPlatforms Affected:SourceCodester Medical Certificate Generator 1.0Risk Level:5Exploitability:HighConsequences:Data Manipulation DESCRIPTION__________SourceCodester Medical Certificate Generator is vulnerable to...
eXo Chat cross-site scripting | CVE-2022-4902
NAME__________eXo Chat cross-site scriptingPlatforms Affected:Risk Level:3.5Exploitability:UnprovenConsequences:Cross-Site Scripting DESCRIPTION__________eXo Chat is vulnerable to cross-site scripting, caused by improper validation of user-supplied...
Qualcomm Chipsets denial of service | CVE-2022-33216
NAME__________Qualcomm Chipsets denial of servicePlatforms Affected:Risk Level:6Exploitability:UnprovenConsequences:Denial of Service DESCRIPTION__________Qualcomm Chipsets are vulnerable to a denial of service, caused by...
