Cobalt Stike Beacon Detected – 154[.]39[.]157[.]8:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 23[.]94[.]240[.]207:8443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Malware Analysis – djvu – 1f3fa4c1b46a4c543c5cfb65727ee66f
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:smokeloader, family:vidar, botnet:19, backdoor, discovery, persistence, ransomware, spyware, stealer, trojan, vmprotectMD5: 1f3fa4c1b46a4c543c5cfb65727ee66fSHA1: 3ef7cb7af6958c82b6fbba86765141f7b704aaefANALYSIS DATE: 2023-02-15T10:03:48ZTTPS:...
Malware Analysis – smokeloader – e137a8d531e7def08ae705ee04f8089a
Score: 10 MALWARE FAMILY: smokeloaderTAGS:family:smokeloader, backdoor, trojanMD5: e137a8d531e7def08ae705ee04f8089aSHA1: b7f57f8d7d22ba40cfe834976583f6c054c121fcANALYSIS DATE: 2023-02-15T09:06:03ZTTPS: T1012, T1120, T1082 ScoreMeaningExample10Known badA malware family was detected.8-9Likely...
Cobalt Stike Beacon Detected – 185[.]143[.]223[.]38:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 120[.]46[.]185[.]86:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 47[.]100[.]215[.]156:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 199[.]195[.]249[.]113:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Malware Analysis – djvu – e57762afc5371e7b0c32ac6712c85e78
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:19, discovery, persistence, ransomware, spyware, stealerMD5: e57762afc5371e7b0c32ac6712c85e78SHA1: 348ad22c24a2c90b0067f524120eb5799d8b8c94ANALYSIS DATE: 2023-02-15T10:30:09ZTTPS: T1060, T1112, T1222, T1005,...
Malware Analysis – – 2e3bdf628e9bfaa6fe04786c390bdc6e
Score: 8 MALWARE FAMILY: TAGS:MD5: 2e3bdf628e9bfaa6fe04786c390bdc6eSHA1: 09e783f6b97b7e84e0b736b8db308d25a8c22633ANALYSIS DATE: 2023-02-15T10:05:30ZTTPS: T1012, T1120, T1082 ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or...
Malware Analysis – djvu – e6c4eb245ab9d0b8435986f7d0d3283e
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:19, discovery, persistence, ransomware, spyware, stealerMD5: e6c4eb245ab9d0b8435986f7d0d3283eSHA1: 7c790fd8289e60f5de7f54525d6fcddcd71cbca8ANALYSIS DATE: 2023-02-15T10:10:30ZTTPS: T1005, T1081, T1012, T1082,...
Malware Analysis – djvu – 89af5f0e7d2b08f92443bd39f80948c8
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:19, discovery, persistence, ransomware, spyware, stealerMD5: 89af5f0e7d2b08f92443bd39f80948c8SHA1: 05d2b1ac67cc405e10a0d82872ddc1befbd9151bANALYSIS DATE: 2023-02-15T10:06:31ZTTPS: T1005, T1081, T1053, T1222,...
Malware Analysis – djvu – d24826e0fe7505e1f34a9c90b740407e
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:19, discovery, persistence, ransomware, spyware, stealerMD5: d24826e0fe7505e1f34a9c90b740407eSHA1: a87ff01742a668029e92ff16cd7c957080ea4f0aANALYSIS DATE: 2023-02-15T10:45:27ZTTPS: T1005, T1081, T1012, T1082,...
Malware Analysis – collection – 017214b2759268c211cb65b9df140857
Score: 10 MALWARE FAMILY: collectionTAGS:collection, evasion, ransomware, spyware, stealerMD5: 017214b2759268c211cb65b9df140857SHA1: 87953d31303e156302a1939c7dffd538c116af22ANALYSIS DATE: 2023-02-15T11:17:17ZTTPS: T1082, T1158, T1112, T1491, T1114, T1130, T1005,...
Malware Analysis – maze – 61b32a82577a7ea823ff7303ab6b4283
Score: 10 MALWARE FAMILY: mazeTAGS:family:maze, ransomware, spyware, stealer, trojanMD5: 61b32a82577a7ea823ff7303ab6b4283SHA1: 9107c719795fa5768498abb4fed11d907e44d55eANALYSIS DATE: 2023-02-15T11:35:21ZTTPS: T1491, T1112, T1005, T1081, T1107, T1490 ScoreMeaningExample10Known...
Malware Analysis – djvu – e46127da689e4443d5332c16019ec1fe
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:laplas, family:smokeloader, family:vidar, botnet:19, backdoor, clipper, discovery, persistence, ransomware, spyware, stealer, trojan, vmprotectMD5: e46127da689e4443d5332c16019ec1feSHA1: c0fc40e9389822e01d80463a304e5b4349e5be99ANALYSIS...
NameCheap’s email hacked to send Metamask, DHL phishing emails
Domain registrar Namecheap had their email account breached Sunday night, causing a flood of MetaMask and DHL phishing emails that...
The Week in Ransomware – February 10th 2023 – Clop’s Back
From ongoing attacks targeting ESXi servers to sanctions on Conti/TrickBot members, it has been quite a busy week regarding ransomware....
Microsoft WinGet package manager failing from expired SSL certificate
Microsoft's WinGet package manager is currently having problems installing or upgrading packages after WinGet CDN's SSL/TLS certificate expired. Released in May...
Devs targeted by W4SP Stealer malware in malicious PyPi packages
Five malicious packages were found on the Python Package Index (PyPI), stealing passwords, Discord authentication cookies, and cryptocurrency wallets from...
Pepsi Bottling Ventures suffers data breach after malware attack
Pepsi Bottling Ventures LLC suffered a data breach caused by a network intrusion that resulted in the installation of information-stealing...
Spain, U.S. dismantle phishing gang that stole $5 million in a year
Spain's National Police and the U.S. Secret Service have dismantled a Madrid-based international cybercrime ring comprised of nine members who...
FTC: $1.3 billion lost by 70,000 Americans to romance scams last year
The U.S. Federal Trade Commission (FTC) says Americans once again reported record losses of $1.3 billion to romance scams in...
Lazarus hackers use new mixer to hide $100 million in stolen crypto
North Korean hackers have found a way around U.S.-imposed sanctions to launder the cryptocurrency proceeds from their heists, according to...
