Cobalt Stike Beacon Detected – 81[.]68[.]184[.]236:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 208[.]167[.]253[.]63:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 81[.]68[.]175[.]191:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Malware Analysis – discovery – b6e08a65972c4023436c14a359fe73af
Score: 8 MALWARE FAMILY: discoveryTAGS:discovery, exploit, upxMD5: b6e08a65972c4023436c14a359fe73afSHA1: 611847af498d29c8e2404fc7124c994c5f4085b1ANALYSIS DATE: 2022-12-03T10:15:36ZTTPS: T1082, T1222 ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne...
Malware Analysis – persistence – 172a3ab963d3e150845bd3b7d7047034
Score: 10 MALWARE FAMILY: persistenceTAGS:persistence, ransomwareMD5: 172a3ab963d3e150845bd3b7d7047034SHA1: c28b888ed5754ef5fa7876f1be66dd7675f54b76ANALYSIS DATE: 2022-12-03T11:40:51ZTTPS: T1060, T1112, T1004, T1491 ScoreMeaningExample10Known badA malware family was detected.8-9Likely...
Malware Analysis – persistence – d21c5963ef3b01b79b3364ee3836fd33
Score: 7 MALWARE FAMILY: persistenceTAGS:persistence, ransomwareMD5: d21c5963ef3b01b79b3364ee3836fd33SHA1: 9703a569ea8cbd5f1b135ac8931ce64e67dc4f69ANALYSIS DATE: 2022-12-03T11:09:54ZTTPS: T1060, T1112, T1491, T1012, T1082 ScoreMeaningExample10Known badA malware family was...
Malware Analysis – djvu – 37693f504555f769a091f00c52f3eab4
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:517, discovery, persistence, ransomware, spyware, stealerMD5: 37693f504555f769a091f00c52f3eab4SHA1: cb924b833880a6822bd9cfb30456d12c09a7ef41ANALYSIS DATE: 2022-12-06T09:17:24ZTTPS: T1082, T1012, T1005, T1081,...
Malware Analysis – djvu – 2892caea283ee2c4526774b43d02ea3c
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:smokeloader, family:vidar, botnet:517, backdoor, collection, discovery, persistence, ransomware, spyware, stealer, trojanMD5: 2892caea283ee2c4526774b43d02ea3cSHA1: 184928ccdc38470af7b4b8363a6796c85b4f27a8ANALYSIS DATE: 2022-12-06T09:37:01ZTTPS:...
Malware Analysis – evasion – 3ab29a70acbd3b0d2c094e3ada484054
Score: 7 MALWARE FAMILY: evasionTAGS:evasion, ransomwareMD5: 3ab29a70acbd3b0d2c094e3ada484054SHA1: 12d73c93755c765517f13de942817fd8d9952ec9ANALYSIS DATE: 2022-12-06T09:52:02ZTTPS: ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or more known...
Malware Analysis – evasion – 036dd9df87e9420f03b6c93e44fe6910
Score: 10 MALWARE FAMILY: evasionTAGS:evasion, persistence, ransomwareMD5: 036dd9df87e9420f03b6c93e44fe6910SHA1: 5776cac2de5c46a98b645b12ba85d69b726f867cANALYSIS DATE: 2022-12-03T11:40:56ZTTPS: T1490, T1158, T1112, T1042, T1004, T1060, T1012, T1120, T1082,...
Malware Analysis – evasion – 040cb7a7191f01d4b6d2c57c936e6514
Score: 7 MALWARE FAMILY: evasionTAGS:evasion, ransomwareMD5: 040cb7a7191f01d4b6d2c57c936e6514SHA1: dbf3e6ffe21d4c6a2a842d584f40f0b2253e4399ANALYSIS DATE: 2022-12-06T10:04:03ZTTPS: ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or more known...
Malware Analysis – dcrat – c2b0008dd2da9de079e327b7bd4b0e7f
Score: 10 MALWARE FAMILY: dcratTAGS:family:dcrat, family:djvu, family:smokeloader, family:vidar, botnet:517, backdoor, collection, discovery, infostealer, persistence, ransomware, rat, spyware, stealer, trojanMD5: c2b0008dd2da9de079e327b7bd4b0e7fSHA1:...
Malware Analysis – djvu – b71dedbb78ea2dfe6fa072226d737438
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:517, discovery, persistence, ransomware, spyware, stealerMD5: b71dedbb78ea2dfe6fa072226d737438SHA1: f8df12dd2f96d719487115b7466697606c1340d0ANALYSIS DATE: 2022-12-06T10:26:57ZTTPS: T1222, T1053, T1005, T1081,...
Malware Analysis – lockbit – 01f4a79d51b56f409edd387019d8b127
Score: 10 MALWARE FAMILY: lockbitTAGS:family:lockbit, ransomwareMD5: 01f4a79d51b56f409edd387019d8b127SHA1: 7624780907ee6987ffb1fc97d8b8b7082b8d2bffANALYSIS DATE: 2022-12-06T10:23:49ZTTPS: T1491, T1112, T1082 ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne...
Malware Analysis – dcrat – 04fc7ec17c6da18d7ecc84b5a7c9a2be
Score: 10 MALWARE FAMILY: dcratTAGS:family:dcrat, family:djvu, family:smokeloader, family:vidar, botnet:517, backdoor, collection, discovery, infostealer, persistence, ransomware, rat, spyware, stealer, trojanMD5: 04fc7ec17c6da18d7ecc84b5a7c9a2beSHA1:...
Malware Analysis – conti – 2dc5a4338d438ea4e78878cff4cfe2cf
Score: 10 MALWARE FAMILY: contiTAGS:family:conti, ransomware, spyware, stealerMD5: 2dc5a4338d438ea4e78878cff4cfe2cfSHA1: cfdd6e3a69b12d43af94cb0441db3e1ef93f74f8ANALYSIS DATE: 2022-12-06T11:04:53ZTTPS: T1005, T1081 ScoreMeaningExample10Known badA malware family was detected.8-9Likely...
Malware Analysis – evasion – c3236271644d34a1d002df30e0d51816
Score: 7 MALWARE FAMILY: evasionTAGS:evasion, ransomwareMD5: c3236271644d34a1d002df30e0d51816SHA1: bedce148afdb692bb913c741d1842bb3ad527687ANALYSIS DATE: 2022-12-06T11:43:45ZTTPS: ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or more known...
Malware Analysis – djvu – 4bc7d26b10e95174f4ccfc6c4e4a6566
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:517, discovery, persistence, ransomware, spyware, stealerMD5: 4bc7d26b10e95174f4ccfc6c4e4a6566SHA1: 68019b72bd20aadb51bb19a72dd6d9cb97ec01ddANALYSIS DATE: 2022-12-06T10:37:30ZTTPS: T1012, T1222, T1053, T1005,...
Ransomware Toolkit Cryptonite turning into an accidental wiper
Researchers spotted a version of the open-source ransomware toolkit Cryptonite that doesn’t support decryption capabilities. Fortinet researchers discovered a sample of...
Sourcecodester Human Resource Management System file upload | CVE-2022-4273
NAME Sourcecodester Human Resource Management System file upload Platforms Affected:Risk Level:9.8Exploitability:HighConsequences:Gain Access DESCRIPTION Sourcecodester Human Resource Management System could allow...
Mitsubishi Electric MELSEC iQ-R Series devices denial of service | CVE-2022-40265
NAME Mitsubishi Electric MELSEC iQ-R Series devices denial of service Platforms Affected:Risk Level:8.6Exploitability:UnprovenConsequences:Denial of Service DESCRIPTION Mitsubishi Electric MELSEC iQ-R...
MegaRAC BMC unauthorized access | CVE-2022-40242
NAME MegaRAC BMC unauthorized access Platforms Affected:AMI MegaRAC BMCRisk Level:8.3Exploitability:UnprovenConsequences:Gain Access DESCRIPTION MegaRAC BMC could allow a remote attacker to...
Advanced Booking Calendar plugin for WordPress SQL injection | CVE-2022-45822
NAME Advanced Booking Calendar plugin for WordPress SQL injection Platforms Affected:Risk Level:10Exploitability:UnprovenConsequences:Data Manipulation DESCRIPTION Advanced Booking Calendar plugin for WordPress...
MegaRAC BMC code execution | CVE-2022-40259
NAME MegaRAC BMC code execution Platforms Affected:AMI MegaRAC BMCRisk Level:9.9Exploitability:UnprovenConsequences:Gain Access DESCRIPTION MegaRAC BMC could allow a remote authenticated attacker...
