Cobalt Stike Beacon Detected – 43[.]143[.]174[.]165:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 159[.]203[.]111[.]38:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 14[.]39[.]241[.]105:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 101[.]132[.]70[.]185:8087
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 5[.]44[.]42[.]48:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 4[.]234[.]143[.]113:8443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 119[.]28[.]101[.]125:8000
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 194[.]55[.]186[.]90:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 43[.]138[.]72[.]58:9999
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Black Basta Ransomware Victim: Genesys Aerosystems
Black Basta Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
Malware Analysis – smokeloader – a29a9654cc4f0adf9fb39b1fd0560ab6
Score: 10 MALWARE FAMILY: smokeloaderTAGS:family:smokeloader, backdoor, trojanMD5: a29a9654cc4f0adf9fb39b1fd0560ab6SHA1: 6eee54ed2a8c6c7a8c1cbbcbc67eb93c799784b6ANALYSIS DATE: 2022-10-31T21:12:40ZTTPS: T1012, T1120, T1082 ScoreMeaningExample10Known badA malware family was detected.8-9Likely...
Malware Analysis – djvu – 5cccc51e564aaed1220ca88d4d427dd3
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, discovery, persistence, ransomwareMD5: 5cccc51e564aaed1220ca88d4d427dd3SHA1: efd852e39a3a4825060f8d891137a7d2f56212f6ANALYSIS DATE: 2022-10-31T23:52:39ZTTPS: T1130, T1112, T1060, T1222, T1082 ScoreMeaningExample10Known badA malware...
Malware Analysis – djvu – 588a1f4f060dde2049362697a2daaf07
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:redline, family:smokeloader, botnet:mario23_10, botnet:slovarik1btc, backdoor, collection, discovery, infostealer, persistence, ransomware, spyware, stealer, trojanMD5: 588a1f4f060dde2049362697a2daaf07SHA1: 7891825c5559cd2ca61b1a55b785fff419ee36e1ANALYSIS...
Malware Analysis – djvu – 1c2cbe4fd8fdf6bfc328bfd771aec0a0
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:redline, family:smokeloader, botnet:mario23_10, backdoor, collection, discovery, infostealer, persistence, ransomware, spyware, stealer, trojanMD5: 1c2cbe4fd8fdf6bfc328bfd771aec0a0SHA1: ac856d3a08a190c65597d1bcbc4aeb879ac0f43cANALYSIS DATE:...
Malware Analysis – djvu – 7f859bff12a742015c4722384f08f5da
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:redline, family:smokeloader, botnet:mario23_10, botnet:slovarik1btc, backdoor, collection, discovery, infostealer, persistence, ransomware, spyware, stealer, trojanMD5: 7f859bff12a742015c4722384f08f5daSHA1: 9090f98500ddc5dd41b1c9e89c572181e2e58816ANALYSIS...
US-CERT Bulletin (SB22-304):Vulnerability Summary for the Week of October 24, 2022
The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards...
VMware warns of the public availability of CVE-2021-39144 exploit code
VMware warned of the availability of a public exploit for a recently addressed critical remote code execution flaw in NSX...
CISA: CISA Releases Guidance on Phishing-Resistant and Numbers Matching Multifactor Authentication
CISA Releases Guidance on Phishing-Resistant and Numbers Matching Multifactor Authentication CISA has released two fact sheets to highlight threats against...
Actively exploited Windows Mark-of-the-Web zero-day received an unofficial patch
An unofficial patch for an actively exploited flaw in Microsoft Windows that allows to bypass Mark-of-the-Web (MotW) protections. 0patch released...
Malware Analysis – evasion – 91efa3e788805a851d3319d1c75d3770
Score: 10 MALWARE FAMILY: evasionTAGS:evasion, persistence, ransomware, spyware, stealer, trojanMD5: 91efa3e788805a851d3319d1c75d3770SHA1: 1389eb6b5e83dd20671c0b40cc0e3977715eed71ANALYSIS DATE: 2022-10-30T22:18:17ZTTPS: T1060, T1112, T1004, T1082, T1158, T1088,...
Malware Analysis – evasion – a09d3b0d9ff6e23b97cd1d3359913ef0
Score: 10 MALWARE FAMILY: evasionTAGS:evasion, persistence, ransomware, spyware, stealer, trojanMD5: a09d3b0d9ff6e23b97cd1d3359913ef0SHA1: 59b46d681d1529abcf0b5663156fd3cf6cdbb04bANALYSIS DATE: 2022-10-30T22:16:56ZTTPS: T1005, T1081, T1004, T1112, T1158, T1088,...
Malware Analysis – evasion – a203f16e2fbc3828245edffef314ac60
Score: 10 MALWARE FAMILY: evasionTAGS:evasion, persistence, ransomware, spyware, stealer, trojanMD5: a203f16e2fbc3828245edffef314ac60SHA1: 84d8a4af0f57d0ee0e8e45a094b4b01ba23dc9aeANALYSIS DATE: 2022-10-30T22:16:51ZTTPS: T1112, T1158, T1088, T1089, T1005, T1081,...
Malware Analysis – evasion – a2122b575133868c70d3d5392613b310
Score: 10 MALWARE FAMILY: evasionTAGS:evasion, persistence, ransomware, spyware, stealer, trojanMD5: a2122b575133868c70d3d5392613b310SHA1: 404892eade96a6c53610cffc3119cc88e537047cANALYSIS DATE: 2022-10-30T22:17:15ZTTPS: T1088, T1089, T1112, T1082, T1005, T1081,...
Malware Analysis – evasion – a224312dcf5d55459c3d35a535c9ad90
Score: 10 MALWARE FAMILY: evasionTAGS:evasion, persistence, ransomware, spyware, stealer, trojanMD5: a224312dcf5d55459c3d35a535c9ad90SHA1: 77b9d7386a1e308a1f957dfb05cb86b99b75c272ANALYSIS DATE: 2022-10-30T22:18:28ZTTPS: T1004, T1112, T1082, T1005, T1081, T1012,...
