Cobalt Stike Beacon Detected – 108[.]61[.]147[.]158:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 8[.]219[.]53[.]166:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 23[.]234[.]200[.]96:2086
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 47[.]100[.]131[.]229:8084
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 45[.]139[.]105[.]143:8086
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 43[.]142[.]149[.]110:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 185[.]130[.]45[.]148:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Malware Analysis – amadey – 7ec9b72df5a6f82f7e75aafdddf1bbd0
Score: 10 MALWARE FAMILY: amadeyTAGS:family:amadey, family:djvu, family:modiloader, family:smokeloader, family:vidar, botnet:517, backdoor, collection, discovery, persistence, ransomware, spyware, stealer, trojanMD5: 7ec9b72df5a6f82f7e75aafdddf1bbd0SHA1: faeb74ba6cca607299cccd8130585209f1784004ANALYSIS...
Malware Analysis – djvu – f14c38186de4c6eba0b7ff447dbdd249
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:smokeloader, family:vidar, botnet:517, backdoor, collection, discovery, persistence, ransomware, spyware, stealer, trojanMD5: f14c38186de4c6eba0b7ff447dbdd249SHA1: a782fee561f437b3845633d5b8ddbcd7de7500eeANALYSIS DATE: 2022-11-21T21:00:26ZTTPS:...
Malware Analysis – evasion – f5adb1c319ceb270314088b86edb26e5
Score: 7 MALWARE FAMILY: evasionTAGS:evasion, ransomwareMD5: f5adb1c319ceb270314088b86edb26e5SHA1: d09463d16a534402f148f71397e1ca5522a7ed28ANALYSIS DATE: 2022-11-21T22:31:20ZTTPS: ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or more known...
Cobalt Stike Beacon Detected – 49[.]233[.]103[.]218:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 119[.]29[.]164[.]40:9000
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 45[.]14[.]66[.]194:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 164[.]155[.]66[.]68:7777
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Malware Analysis – discovery – ada8b955be3a762f6329c9fc50ec3f4e
Score: 8 MALWARE FAMILY: discoveryTAGS:discovery, evasion, persistence, ransomware, spyware, stealerMD5: ada8b955be3a762f6329c9fc50ec3f4eSHA1: c64642c65127863588c0dcee7f5efe4560a79b2eANALYSIS DATE: 2022-11-21T23:10:07ZTTPS: T1060, T1112, T1012, T1120, T1082, T1005,...
Malware Analysis – ransomware – 575209a960a7cab884fb7cd2b286526f
Score: 10 MALWARE FAMILY: ransomwareTAGS:ransomware, spyware, stealerMD5: 575209a960a7cab884fb7cd2b286526fSHA1: fbfeab580dc81bad84a64daf8898f0b7383b71dcANALYSIS DATE: 2022-11-21T22:49:13ZTTPS: T1005, T1081 ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne...
Malware Analysis – – b8f0d46ba03f682bf2c75d2bc6b71bff
Score: 1 MALWARE FAMILY: TAGS:MD5: b8f0d46ba03f682bf2c75d2bc6b71bffSHA1: 878f13ef8a26e7b47b0204f6a34b33ee6db4a093ANALYSIS DATE: 2022-11-21T23:21:02ZTTPS: T1012, T1082 ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or more...
Malware Analysis – djvu – 4fc8007cbf247e32a9aad217e54f3776
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:smokeloader, family:vidar, botnet:517, backdoor, collection, discovery, persistence, ransomware, spyware, stealer, trojanMD5: 4fc8007cbf247e32a9aad217e54f3776SHA1: c4b7bdd7ad6134ba72eac2612b3578b409276a40ANALYSIS DATE: 2022-11-21T22:40:41ZTTPS:...
Malware Analysis – xorist – cfbc736d5a16198f13e7bf360e5004be
Score: 10 MALWARE FAMILY: xoristTAGS:family:xorist, persistence, ransomware, spyware, stealer, upxMD5: cfbc736d5a16198f13e7bf360e5004beSHA1: 4aea5ace463590c5c2bd1cc571851e5e630d9331ANALYSIS DATE: 2022-11-21T23:26:29ZTTPS: T1005, T1081, T1060, T1112 ScoreMeaningExample10Known badA...
Malware Analysis – persistence – 1cb62a3e0b7046d02ed4ac43f3c717cc
Score: 9 MALWARE FAMILY: persistenceTAGS:persistence, ransomwareMD5: 1cb62a3e0b7046d02ed4ac43f3c717ccSHA1: 8c3c65cab75b8efbb1b0d3d8dec51e70db427249ANALYSIS DATE: 2022-11-21T23:24:09ZTTPS: T1060, T1112, T1107, T1490 ScoreMeaningExample10Known badA malware family was detected.8-9Likely...
Malware Analysis – djvu – 48f447d20322caf8063207f9720aa18f
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:517, discovery, persistence, ransomware, spyware, stealerMD5: 48f447d20322caf8063207f9720aa18fSHA1: d6e54ee257c2899329d8eaade875c2e7341de502ANALYSIS DATE: 2022-11-21T23:32:43ZTTPS: T1060, T1112, T1082, T1053,...
Malware Analysis – persistence – ba92a58928b82ba662e7abb4ff4014a9
Score: 9 MALWARE FAMILY: persistenceTAGS:persistence, ransomwareMD5: ba92a58928b82ba662e7abb4ff4014a9SHA1: 625b969f84a378bf9eac44de81461d9bd36dd34cANALYSIS DATE: 2022-11-21T23:27:06ZTTPS: T1107, T1490, T1060, T1112 ScoreMeaningExample10Known badA malware family was detected.8-9Likely...
Expert published PoC exploit code for macOS sandbox escape flaw
A researcher published details and proof-of-concept (PoC) code for High-Severity macOS Sandbox escape vulnerability tracked as CVE-2022-26696. Researcher Wojciech Reguła...
Malware Analysis – djvu – 21ed1a8856f1cba3aab93022911ab8a4
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:517, discovery, persistence, ransomware, spyware, stealerMD5: 21ed1a8856f1cba3aab93022911ab8a4SHA1: 6711fbe4bb970396d0b77613c4a6bb0a7b352934ANALYSIS DATE: 2022-11-21T15:41:32ZTTPS: T1005, T1081, T1012, T1082,...
