Cobalt Stike Beacon Detected – 205[.]185[.]114[.]97:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Malware Analysis – discovery – 0dde0c9450eed08bf80da8f7a2ec2a86
Score: 10 MALWARE FAMILY: discoveryTAGS:discovery, persistence, pyinstaller, ransomware, upxMD5: 0dde0c9450eed08bf80da8f7a2ec2a86SHA1: 9bfd776b25d4eeb9224adff4846471d12cbe285eANALYSIS DATE: 2022-11-02T09:15:49ZTTPS: T1012, T1082, T1060, T1120 ScoreMeaningExample10Known badA malware...
Malware Analysis – evasion – eadb17b5927d0d3ede787219fe4cdf16
Score: 9 MALWARE FAMILY: evasionTAGS:evasion, persistence, ransomwareMD5: eadb17b5927d0d3ede787219fe4cdf16SHA1: 8cacc18b9c25bc93ba340f5b1902f783ca23a4b6ANALYSIS DATE: 2022-11-02T09:06:38ZTTPS: T1031, T1082, T1112, T1107, T1490, T1012, T1060, T1120 ScoreMeaningExample10Known...
Cobalt Stike Beacon Detected – 188[.]166[.]199[.]36:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 185[.]143[.]223[.]76:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 2[.]47[.]145[.]134:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 146[.]56[.]196[.]110:9999
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Malware Analysis – djvu – 4a399bbce7a83483767712b5f4f1b080
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, discovery, persistence, ransomware, spyware, stealerMD5: 4a399bbce7a83483767712b5f4f1b080SHA1: 742529c0d685527f8aa72c530819a72379117103ANALYSIS DATE: 2022-11-02T10:20:31ZTTPS: T1082, T1005, T1081, T1012, T1060, T1112,...
Malware Analysis – djvu – 1552564d0af2fa30bbb740b1a0ad54a2
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, discovery, persistence, ransomware, spyware, stealerMD5: 1552564d0af2fa30bbb740b1a0ad54a2SHA1: 95c378e063cfeeea3a7cf3e7857234baf3877e88ANALYSIS DATE: 2022-11-02T10:11:03ZTTPS: T1130, T1112, T1060, T1053, T1005, T1081,...
Malware Analysis – smokeloader – 52db9d38ee83efe292d8e51e7fdbf19d
Score: 10 MALWARE FAMILY: smokeloaderTAGS:family:smokeloader, backdoor, trojanMD5: 52db9d38ee83efe292d8e51e7fdbf19dSHA1: e6dc2646fd00cc12745eec29ddda38fbfdf5494dANALYSIS DATE: 2022-11-02T10:02:03ZTTPS: T1012, T1120, T1082 ScoreMeaningExample10Known badA malware family was detected.8-9Likely...
Malware Analysis – evasion – 1829589d95bdd2c30f0bef154decd426
Score: 8 MALWARE FAMILY: evasionTAGS:evasion, ransomwareMD5: 1829589d95bdd2c30f0bef154decd426SHA1: 0c173a34bece843e8e30024c18a9307038f223f4ANALYSIS DATE: 2022-11-02T10:08:13ZTTPS: ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or more known...
Cobalt Stike Beacon Detected – 154[.]204[.]59[.]116:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 84[.]32[.]128[.]89:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 164[.]128[.]173[.]115:8443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 120[.]24[.]240[.]80:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Malware Analysis – djvu – 683716645ccd5866870caf64f21951b2
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, discovery, persistence, ransomware, spyware, stealerMD5: 683716645ccd5866870caf64f21951b2SHA1: 0c138fa06311cc75246c0ee61a2e70fee37cde9eANALYSIS DATE: 2022-11-02T10:21:04ZTTPS: T1222, T1082, T1053, T1005, T1081, T1130,...
Malware Analysis – amadey – c2d648c94f708dca1cbe10cb60260fa9
Score: 10 MALWARE FAMILY: amadeyTAGS:family:amadey, family:djvu, family:redline, family:smokeloader, botnet:google2, botnet:mario23_10, botnet:slovarik1btc, backdoor, collection, discovery, infostealer, persistence, ransomware, spyware, stealer, trojanMD5:...
Malware Analysis – smokeloader – e9f9bedb14d80d6e30192745de74347d
Score: 10 MALWARE FAMILY: smokeloaderTAGS:family:smokeloader, backdoor, trojanMD5: e9f9bedb14d80d6e30192745de74347dSHA1: b1cabbccfdb258835d8684efc400a7db6c3d6498ANALYSIS DATE: 2022-11-02T11:37:01ZTTPS: T1012, T1120, T1082 ScoreMeaningExample10Known badA malware family was detected.8-9Likely...
Malware Analysis – djvu – 537ecc10bd947a0dd5d9088bf6474fa2
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, discovery, persistence, ransomware, spyware, stealerMD5: 537ecc10bd947a0dd5d9088bf6474fa2SHA1: 6138e922e5bf72d482cb563e1c52486dbe8b9669ANALYSIS DATE: 2022-11-02T11:40:58ZTTPS: T1005, T1081, T1012, T1082, T1222, T1060,...
Black Basta Ransomware Victim: Popp Hutcheson PLLC
Black Basta Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
Dropbox discloses unauthorized access to 130 GitHub source code repositories
Dropbox disclosed a security breach, threat actors gained unauthorized access to 130 of its source code repositories on GitHub. File...
OpenSSL fixed two high-severity vulnerabilities
The OpenSSL project fixed two high-severity flaws in its cryptography library that can trigger a DoS condition or achieve remote...
Daily Vulnerability Trends: Wed Nov 02 2022
Daily Vulnerability Trends (sourced from VulnMon) CVE NAMECVE DescriptionCVE-2022-3786A buffer overrun can be triggered in X.509 certificate verification, specifically in...
APT trends report Q3 2022
For more than five years, the Global Research and Analysis Team (GReAT) at Kaspersky has been publishing quarterly summaries of...
