Cobalt Strike Beacon Detected – 62[.]182[.]159[.]147:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Score: 10 | MALWARE FAMILY: smokeloader | TAGS: family:smokeloader, backdoor, trojan | MD5: 8ce22bc1444ad810017b5cebba54afef | SHA1: d4d00bae938c76891daaf5bba0c5210ee8a11335 | ANALYSIS DATE: 2022-10-08T09:31:03Z | TTPS: T1012, T1120, T1082 | Score / Meaning / Example: 10 / Known bad / A malware family was detected. 8-9 / Likely...
Score: 10 | MALWARE FAMILY: djvu | TAGS: family:djvu, family:raccoon, family:vidar, botnet:17aad1e8aa2ca5164d7690cff1926390, botnet:517, botnet:9333547b6d5c69ea798fd93c66d78435, collection, discovery, persistence, ransomware, spyware, stealer | MD5: bed3853c06f4fa8b1dca5cfd5ef08ba3 | SHA1: 08e6df089dfdf1c5c8f61550e33b93bc0373c3f1 | ANALYSIS DATE: 2022-10-08T08:33:00Z | TTPS:...
Score: 10 | MALWARE FAMILY: wannacry | TAGS: family:wannacry, ransomware, worm | MD5: 3a90fb6f3194ef7204223681c17d05aa | SHA1: dcd511cadc7d96168f1d8a6d4d8ab9793cd5c841 | ANALYSIS DATE: 2022-10-08T09:39:54Z | TTPS: | Score / Meaning / Example: 10 / Known bad / A malware family was detected. 8-9 / Likely malicious / One or more...
Score: 10 | MALWARE FAMILY: djvu | TAGS: family:djvu, family:raccoon, family:redline, family:smokeloader, family:vidar, botnet:17aad1e8aa2ca5164d7690cff1926390, botnet:517, backdoor, collection, discovery, infostealer, persistence, ransomware, spyware, stealer, trojan | MD5:...
Score: 10 | MALWARE FAMILY: djvu | TAGS: family:djvu, family:redline, family:smokeloader, family:vidar, botnet:517, backdoor, collection, discovery, infostealer, persistence, ransomware, spyware, stealer, trojan | MD5: dded0f80668ac80813b64d0446c08a1a | SHA1: b8bd4baa6f8de52f74680ab9396c382ea37ba1e4 | ANALYSIS...
Score: 10 | MALWARE FAMILY: smokeloader | TAGS: family:smokeloader, backdoor, trojan | MD5: dded0f80668ac80813b64d0446c08a1a | SHA1: b8bd4baa6f8de52f74680ab9396c382ea37ba1e4 | ANALYSIS DATE: 2022-10-08T10:31:03Z | TTPS: T1012, T1120, T1082 | Score / Meaning / Example: 10 / Known bad / A malware family was detected. 8-9 / Likely...
Score: 10 | MALWARE FAMILY: djvu | TAGS: family:djvu, family:vidar, botnet:517, discovery, persistence, ransomware, spyware, stealer | MD5: bf08335a7f356c591227c922bb569924 | SHA1: d7059fca57702cfa55fbe9b41ea8e10b56e69583 | ANALYSIS DATE: 2022-10-08T10:14:56Z | TTPS: T1012, T1082, T1053, T1005,...
Score: 10 | MALWARE FAMILY: djvu | TAGS: family:djvu, family:vidar, botnet:517, discovery, persistence, ransomware, spyware, stealer | MD5: 9fd1f518e56f044ab5daae7d530fdfd6 | SHA1: 38fd15016a4e44d9d0639b8569226555c4499244 | ANALYSIS DATE: 2022-10-08T10:10:54Z | TTPS: T1053, T1005, T1081, T1012,...
The Information provided at the time of posting was detected as "Empire C2". Depending on when you are viewing this...
NAME: Node.js storeid module code execution | Platforms Affected: Node.js storeid module | Risk Level: 9.8 | Exploitability: Unproven | Consequences: Gain Access | DESCRIPTION: Node.js storeid module could allow a remote...
NAME: Node.js fuctionjs module code execution | Platforms Affected: Node.js fuctionjs | Risk Level: 9.8 | Exploitability: Unproven | Consequences: Gain Access | DESCRIPTION: Node.js fuctionjs module could allow a remote attacker...
NAME: Node.js fuctioon module code execution | Platforms Affected: Node.js fuctioon | Risk Level: 9.8 | Exploitability: Unproven | Consequences: Gain Access | DESCRIPTION: Node.js fuctioon module could allow a remote attacker...
NAME: Node.js test-mlw1-rugby-miasm-weest-halva module code execution | Platforms Affected: Node.js test-mlw1-rugby-miasm-weest-halva | Risk Level: 9.8 | Exploitability: Unproven | Consequences: Gain Access | DESCRIPTION: Node.js test-mlw1-rugby-miasm-weest-halva module could allow a remote attacker...
NAME: Node.js javastoreid module code execution | Platforms Affected: Node.js javastoreid | Risk Level: 9.8 | Exploitability: Unproven | Consequences: Gain Access | DESCRIPTION: Node.js javastoreid module could allow a remote attacker...
NAME: Fortinet FortiOS and Fortinet FortiProxy security bypass | Platforms Affected: Fortinet FortiOS 7.0.0, Fortinet FortiOS 7.0.2, Fortinet FortiOS 7.0.1, Fortinet FortiProxy...
NAME: Node.js frontend-libraries module code execution | Platforms Affected: Node.js frontend-libraries | Risk Level: 9.8 | Exploitability: Unproven | Consequences: Gain Access | DESCRIPTION: Node.js frontend-libraries module could allow a remote attacker...
NAME: Node.js fetch-safer module code execution | Platforms Affected: Node.js fetch-safer | Risk Level: 9.8 | Exploitability: Unproven | Consequences: Gain Access | DESCRIPTION: Node.js fetch-safer module could allow a remote attacker...
NAME: Node.js godshack module code execution | Platforms Affected: Node.js godshack | Risk Level: 9.8 | Exploitability: Unproven | Consequences: Gain Access | DESCRIPTION: Node.js godshack module could allow a remote attacker...
NAME: Node.js informationdc module code execution | Platforms Affected: Node.js informationdc | Risk Level: 9.8 | Exploitability: Unproven | Consequences: Gain Access | DESCRIPTION: Node.js informationdc module could allow a remote attacker...
NAME: Node.js shanghe module code execution | Platforms Affected: Node.js shanghe | Risk Level: 9.8 | Exploitability: Unproven | Consequences: Gain Access | DESCRIPTION: Node.js shanghe module could allow a remote attacker...
NAME: Node.js evil-test-ksvnerwg module code execution | Platforms Affected: Node.js evil-test-ksvnerwg | Risk Level: 9.8 | Exploitability: Unproven | Consequences: Gain Access | DESCRIPTION: Node.js evil-test-ksvnerwg module could allow a remote attacker...
NAME: Node.js godshack3 module code execution | Platforms Affected: Node.js godshack3 | Risk Level: 9.8 | Exploitability: Unproven | Consequences: Gain Access | DESCRIPTION: Node.js godshack3 module could allow a remote attacker...
NAME: Rockwell Automation FactoryTalk VantagePoint security bypass | Platforms Affected: Rockwell Automation FactoryTalk VantagePoint 8.00.00, Rockwell Automation FactoryTalk VantagePoint 8.30.00 | Risk Level: 9.9 | Exploitability: Unproven | Consequences: Bypass Security...