Cobalt Strike Beacon Detected – 61[.]80[.]41[.]232:8443
The information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Score: 10; MALWARE FAMILY: cryptolocker; TAGS: family:cryptolocker, persistence, ransomware; MD5: 7ea2c970326af64b1b196c4dd12e61dc; SHA1: a3dbdf84d229d3ff549855cf7adc34e75d01efd3; ANALYSIS DATE: 2022-12-06T20:15:08Z; TTPS: T1060, T1112. Score | Meaning | Example: 10 | Known bad | A malware family was detected. 8-9 | Likely malicious | One...
Score: 4; MALWARE FAMILY: ; TAGS: ; MD5: 52e67a0a7aebd9cca711125688c904a5; SHA1: 005128c92e59105f222f3d8170fbadcb88b2683f; ANALYSIS DATE: 2022-12-06T19:40:38Z; TTPS: T1082. Score | Meaning | Example: 10 | Known bad | A malware family was detected. 8-9 | Likely malicious | One or more known...
Score: 10; MALWARE FAMILY: cryptolocker; TAGS: family:cryptolocker, persistence, ransomware; MD5: de400607d06b41a6f8b0935c3607541d; SHA1: f9924a0eb4e715f2c5e370235d39f295b6f95aa8; ANALYSIS DATE: 2022-12-06T19:57:44Z; TTPS: T1060, T1112. Score | Meaning | Example: 10 | Known bad | A malware family was detected. 8-9 | Likely malicious | One...
Score: 10; MALWARE FAMILY: cryptolocker; TAGS: family:cryptolocker, persistence, ransomware; MD5: e9cd494b249cea7b968fa89f1e7d40de; SHA1: fd514fe256f815cfecf67fb57e16d106443d90dc; ANALYSIS DATE: 2022-12-06T20:09:24Z; TTPS: T1060, T1112. Score | Meaning | Example: 10 | Known bad | A malware family was detected. 8-9 | Likely malicious | One...
Score: 10; MALWARE FAMILY: djvu; TAGS: family:djvu, family:vidar, botnet:517, discovery, persistence, ransomware, spyware, stealer; MD5: b85200da07534670c19a452e8cf94d40; SHA1: e9debd6ea4862a077cfa269799c0c70d507f6462; ANALYSIS DATE: 2022-12-11T11:45:22Z; TTPS: T1222, T1053, T1005, T1081,...
Score: 10; MALWARE FAMILY: djvu; TAGS: family:djvu, discovery, persistence, ransomware; MD5: 7011a50374f20222e50adbf8c57d1730; SHA1: f96e41f353a7b2b79afcf52863d5569297104b2c; ANALYSIS DATE: 2022-12-11T09:41:48Z; TTPS: T1060, T1112, T1222, T1082, T1012. Score | Meaning | Example: 10 | Known bad | A malware...
Score: 10; MALWARE FAMILY: dcrat; TAGS: family:dcrat, family:djvu, family:redline, family:smokeloader, family:vidar, botnet:517, botnet:mario23_10, backdoor, bootkit, collection, discovery, infostealer, persistence, ransomware, rat, spyware,...
Score: 8; MALWARE FAMILY: ransomware; TAGS: ransomware; MD5: e16b5576b95393b3665cd557a11c3ca7; SHA1: 3af32b357fcace447b6474f4105f62159eae6d3f; ANALYSIS DATE: 2022-12-11T08:59:49Z; TTPS: . Score | Meaning | Example: 10 | Known bad | A malware family was detected. 8-9 | Likely malicious | One or more known damaging...
The Iran-linked MuddyWater APT is targeting countries in the Middle East as well as Central and West Asia in a new campaign....
NAME: Proofpoint Enterprise Protection cross-site scripting; Platforms Affected: ; Risk Level: 9.6; Exploitability: Unproven; Consequences: Cross-Site Scripting. DESCRIPTION: Proofpoint Enterprise Protection is vulnerable to cross-site scripting, caused...
NAME: Schmorpforge Software rxvt-unicode code execution; Platforms Affected: Schmorpforge Software rxvt-unicode 9.25, Schmorpforge Software rxvt-unicode 9.26; Risk Level: 9.8; Exploitability: Unproven; Consequences: Gain Access. DESCRIPTION: Schmorpforge Software...
NAME: Sophos Mobile External Entity Injection; Platforms Affected: Sophos Mobile 9.7.4, Sophos Mobile 5.0.0; Risk Level: 9.8; Exploitability: Unproven; Consequences: Gain Access. DESCRIPTION: Sophos Mobile is vulnerable...
NAME: Cisco IP Phone 7800 and 8800 Series firmware buffer overflow; Platforms Affected: Cisco IP Phone 7800 Series, Cisco IP Phone...
NAME: Node.js pdfmake module code execution; Platforms Affected: ; Risk Level: 10; Exploitability: Proof of Concept; Consequences: Gain Access. DESCRIPTION: Node.js pdfmake module could allow a remote...
Daily Vulnerability Trends (sourced from VulnMon). CVE NAME | CVE Description: CVE-2021-44228 | Apache Log4j2 2.0-beta9 through 2.15.0 (excluding security releases 2.12.2, 2.12.3, and 2.3.1)...
Score: 8; MALWARE FAMILY: upx; TAGS: upx; MD5: 7e3f8869d34b959d0b4381edae96e70a; SHA1: cd3c93170a853fb61324c4a7aba76f9fe61f472c; ANALYSIS DATE: 2022-12-06T15:12:41Z; TTPS: . Score | Meaning | Example: 10 | Known bad | A malware family was detected. 8-9 | Likely malicious | One or more known damaging...