Cobalt Stike Beacon Detected – 150[.]158[.]18[.]5:7443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Malware Analysis – smokeloader – cfd9f994ffbc8772cc33d42e3b20bc9a
Score: 10 MALWARE FAMILY: smokeloaderTAGS:family:smokeloader, backdoor, trojanMD5: cfd9f994ffbc8772cc33d42e3b20bc9aSHA1: cec6acf8a6b2f76a8bae4d5598f5e4d562f58cecANALYSIS DATE: 2022-10-13T09:04:03ZTTPS: T1012, T1120, T1082 ScoreMeaningExample10Known badA malware family was detected.8-9Likely...
Malware Analysis – play – 04910458c6338cd58027336c5a3e0f26
Score: 10 MALWARE FAMILY: playTAGS:family:play, ransomware, spyware, stealerMD5: 04910458c6338cd58027336c5a3e0f26SHA1: 4948cc434de62b14c6a92fb8d15f6355199dd7f2ANALYSIS DATE: 2022-10-13T09:36:03ZTTPS: T1012, T1120, T1082, T1005, T1081 ScoreMeaningExample10Known badA malware...
Malware Analysis – djvu – 7d1f91670fbc54e859ba130772310031
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:517, discovery, persistence, ransomware, spyware, stealerMD5: 7d1f91670fbc54e859ba130772310031SHA1: c986b238c5e0455adb63fcce11b0faa84be0fcdeANALYSIS DATE: 2022-10-13T09:34:39ZTTPS: T1060, T1112, T1222, T1082,...
Malware Analysis – evasion – 641645f7373be3c2e7575bcc67256a95
Score: 10 MALWARE FAMILY: evasionTAGS:evasion, ransomware, trojanMD5: 641645f7373be3c2e7575bcc67256a95SHA1: 281595d0916272e209626fb753186419d217d6daANALYSIS DATE: 2022-10-13T08:53:07ZTTPS: T1012, T1082, T1158 ScoreMeaningExample10Known badA malware family was detected.8-9Likely...
Cobalt Stike Beacon Detected – 41[.]216[.]183[.]186:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 43[.]143[.]48[.]76:9999
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 103[.]150[.]36[.]94:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 170[.]178[.]221[.]75:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Malware Analysis – danabot – 1c97fe480655937cf930f0995c79cbf7
Score: 10 MALWARE FAMILY: danabotTAGS:family:danabot, family:djvu, family:smokeloader, family:vidar, botnet:517, backdoor, banker, collection, discovery, persistence, ransomware, spyware, stealer, trojan, vmprotectMD5: 1c97fe480655937cf930f0995c79cbf7SHA1:...
Malware Analysis – ransomware – 360b111625fe3289ea1779b0ca40d489
Score: 9 MALWARE FAMILY: ransomwareTAGS:ransomware, spyware, stealerMD5: 360b111625fe3289ea1779b0ca40d489SHA1: abd454c80be6b25059be9cd381d22124a7e5f41bANALYSIS DATE: 2022-10-13T09:41:05ZTTPS: T1091, T1005, T1081, T1082, T1107, T1490 ScoreMeaningExample10Known badA malware...
Malware Analysis – ransomware – 192684738594363bf7a140d359881d69
Score: 9 MALWARE FAMILY: ransomwareTAGS:ransomware, spyware, stealerMD5: 192684738594363bf7a140d359881d69SHA1: 363e926ba670351ae995462145ab7df4ceb585caANALYSIS DATE: 2022-10-13T09:41:05ZTTPS: T1107, T1490, T1091, T1005, T1081, T1082 ScoreMeaningExample10Known badA malware...
Malware Analysis – ransomware – ea9d35bc6d698f846ecf13c84b3326f8
Score: 9 MALWARE FAMILY: ransomwareTAGS:ransomware, spyware, stealerMD5: ea9d35bc6d698f846ecf13c84b3326f8SHA1: 15e7566cd4bfc980e46c9a680b11628f3901bb63ANALYSIS DATE: 2022-10-13T09:41:05ZTTPS: T1082, T1107, T1490, T1091, T1005, T1081 ScoreMeaningExample10Known badA malware...
Cobalt Stike Beacon Detected – 101[.]35[.]17[.]6:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 51[.]13[.]117[.]44:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 175[.]138[.]130[.]122:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 43[.]142[.]81[.]62:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Malware Analysis – djvu – bb620b4c8cd29b0e565beb009a797cc4
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:517, discovery, persistence, ransomware, spyware, stealerMD5: bb620b4c8cd29b0e565beb009a797cc4SHA1: 1a1ed9f539edb451729fa238d0f7393e97ffe9c6ANALYSIS DATE: 2022-10-13T10:15:47ZTTPS: T1012, T1082, T1053, T1060,...
Malware Analysis – djvu – e2e744fb489405d8fdb26e14d960fb7a
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:517, discovery, persistence, ransomware, spyware, stealerMD5: e2e744fb489405d8fdb26e14d960fb7aSHA1: 7c2b44637e41e8d03a9069a4979cc60cfcb05f2dANALYSIS DATE: 2022-10-13T10:31:08ZTTPS: T1012, T1082, T1060, T1112,...
Malware Analysis – chaos – 101104ab266f519ef2eec3ef1137bcd2
Score: 10 MALWARE FAMILY: chaosTAGS:family:chaos, ransomwareMD5: 101104ab266f519ef2eec3ef1137bcd2SHA1: 2aedc1d100bda8064273301d7c1433285220b73eANALYSIS DATE: 2022-10-13T10:21:04ZTTPS: T1082 ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or more...
Malware Analysis – djvu – 354aa164855b5cbaeafcd282b9a60958
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:smokeloader, family:vidar, botnet:517, backdoor, collection, discovery, persistence, ransomware, spyware, stealer, trojan, vmprotectMD5: 354aa164855b5cbaeafcd282b9a60958SHA1: 42023de2bf25ca33b5538b21655e5321594e8cf0ANALYSIS DATE:...
YoWhatsApp, unofficial WhatsApp Android app spreads the Triada Trojan
Kaspersky researchers warn of a recently discovered malicious version of a popular WhatsApp messenger mod dubbed YoWhatsApp. Kaspersky researchers discovered...
Daily Vulnerability Trends: Thu Oct 13 2022
Daily Vulnerability Trends (sourced from VulnMon) CVE NAMECVE DescriptionCVE-2022-31680The vCenter Server contains an unsafe deserialisation vulnerability in the PSC (Platform...
Malicious WhatsApp mod distributed through legitimate apps
Last year, we wrote about the Triada Trojan inside FMWhatsApp, a modified WhatsApp build. At that time, we discovered that...
