OSINT

Malware Analysis – ransomware – aeb0f38b1a1ed2a46a6596c9129dd74b

June 30, 2023

Score: 9 MALWARE FAMILY: ransomwareTAGS:ransomwareMD5: aeb0f38b1a1ed2a46a6596c9129dd74bSHA1: 97a445e0d2e5089437b22b788b972b80097e0129ANALYSIS DATE: 2023-06-30T15:50:58ZTTPS: ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or more known damaging...

Malware Analysis – evasion – 893b6afb6460313309b140f6090dbe62

June 30, 2023

Score: 6 MALWARE FAMILY: evasionTAGS:evasion, ransomwareMD5: 893b6afb6460313309b140f6090dbe62SHA1: 5473a670b90c18c5191234770baffc154b1891f7ANALYSIS DATE: 2023-06-30T15:43:15ZTTPS: ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or more known...

Malware Analysis – evasion – 8f502b8be371ec5422f617203788d743

June 30, 2023

Score: 9 MALWARE FAMILY: evasionTAGS:evasion, ransomwareMD5: 8f502b8be371ec5422f617203788d743SHA1: e5b2e4da711171ee79ad56ab806bab59361223b0ANALYSIS DATE: 2023-06-30T16:11:29ZTTPS: T1107, T1490 ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or...

Malware Analysis – smokeloader – f853a340905e434c326392fba6e020a7

June 30, 2023

Score: 10 MALWARE FAMILY: smokeloaderTAGS:family:smokeloader, backdoor, trojanMD5: f853a340905e434c326392fba6e020a7SHA1: 7f2289a97403d034bb6fd0bf848775a2376f2523ANALYSIS DATE: 2023-06-30T16:20:03ZTTPS: T1012, T1120, T1082 ScoreMeaningExample10Known badA malware family was detected.8-9Likely...

Malware Analysis – evasion – 912e4121a6c9471070938340eec18263

June 30, 2023

Score: 9 MALWARE FAMILY: evasionTAGS:evasion, ransomwareMD5: 912e4121a6c9471070938340eec18263SHA1: beb717e36becb891c99df74ee82f548f4914c063ANALYSIS DATE: 2023-06-30T15:57:49ZTTPS: ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or more known...

Malware Analysis – evasion – 9e7a7c8c355bb44bc58d3124d447cc09

June 30, 2023

Score: 9 MALWARE FAMILY: evasionTAGS:evasion, ransomwareMD5: 9e7a7c8c355bb44bc58d3124d447cc09SHA1: aa09cdb752e77e1019dae37de343335644a9c13dANALYSIS DATE: 2023-06-30T16:07:07ZTTPS: ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or more known...

Malware Analysis – evasion – d07c83d3938c02bc7befdcf11a8f619e

June 30, 2023

Score: 9 MALWARE FAMILY: evasionTAGS:evasion, ransomwareMD5: d07c83d3938c02bc7befdcf11a8f619eSHA1: 6cdcc379877847670c859417a84f3fc265a2b420ANALYSIS DATE: 2023-06-30T16:21:08ZTTPS: T1031, T1562, T1489, T1070 ScoreMeaningExample10Known badA malware family was detected.8-9Likely...

Malware Analysis – evasion – d04a4a723dec422af5f36706f42b786a

June 30, 2023

Score: 8 MALWARE FAMILY: evasionTAGS:evasion, ransomwareMD5: d04a4a723dec422af5f36706f42b786aSHA1: ea1e05908ad8829a046d354533865cd8894f5698ANALYSIS DATE: 2023-06-30T17:38:50ZTTPS: T1491, T1112 ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or...

Malware Analysis – ransomware – 538e5f555c01914604cdd44999f5fa39

June 30, 2023

Score: 7 MALWARE FAMILY: ransomwareTAGS:ransomwareMD5: 538e5f555c01914604cdd44999f5fa39SHA1: 0ceb4b419d66b7c3b7e3b6de0f4dab9806e9b697ANALYSIS DATE: 2023-06-30T17:17:52ZTTPS: ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or more known damaging...

Malware Analysis – ransomware – a7b751b410822403adf979e12e011815

June 30, 2023

Score: 6 MALWARE FAMILY: ransomwareTAGS:ransomwareMD5: a7b751b410822403adf979e12e011815SHA1: 927e3fe33a7105ffbdd9fa2fba6d260aaae71506ANALYSIS DATE: 2023-06-30T17:52:00ZTTPS: ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or more known damaging...

CISA: DoS and DDoS Attacks against Multiple Sectors

June 30, 2023

DoS and DDoS Attacks against Multiple Sectors CISA is aware of open-source reporting of targeted denial-of-service (DoS) and distributed denial-of-service...

News

Iranian Hackers Charming Kitten Utilize POWERSTAR Backdoor in Targeted Espionage Attacks

June 30, 2023

Charming Kitten, the nation-state actor affiliated with Iran's Islamic Revolutionary Guard Corps (IRGC), has been attributed to a bespoke spear-phishing...

3 Reasons SaaS Security is the Imperative First Step to Ensuring Secure AI Usage

June 30, 2023

In today's fast-paced digital landscape, the widespread adoption of AI (Artificial Intelligence) tools is transforming the way organizations operate. From...

News

WhatsApp Upgrades Proxy Feature Against Internet Shutdowns

June 30, 2023

Meta's WhatsApp has rolled out updates to its proxy feature, allowing more flexibility in the kind of content that can...

3 Reasons SaaS Security is the Imperative First Step to Ensuring Secure AI Usage

June 30, 2023

In today's fast-paced digital landscape, the widespread adoption of AI (Artificial Intelligence) tools is transforming the way organizations operate. From...

News

OSINT

Malware Analysis – ransomware – aeb0f38b1a1ed2a46a6596c9129dd74b

Malware Analysis – evasion – 893b6afb6460313309b140f6090dbe62

Malware Analysis – evasion – 8f502b8be371ec5422f617203788d743

Malware Analysis – smokeloader – f853a340905e434c326392fba6e020a7

Malware Analysis – evasion – 912e4121a6c9471070938340eec18263

Malware Analysis – evasion – 9e7a7c8c355bb44bc58d3124d447cc09

Malware Analysis – evasion – d07c83d3938c02bc7befdcf11a8f619e

Malware Analysis – evasion – d04a4a723dec422af5f36706f42b786a

Malware Analysis – ransomware – 538e5f555c01914604cdd44999f5fa39

Malware Analysis – ransomware – a7b751b410822403adf979e12e011815

CISA: DoS and DDoS Attacks against Multiple Sectors

Iranian Hackers Charming Kitten Utilize POWERSTAR Backdoor in Targeted Espionage Attacks

3 Reasons SaaS Security is the Imperative First Step to Ensuring Secure AI Usage

WhatsApp Upgrades Proxy Feature Against Internet Shutdowns

3 Reasons SaaS Security is the Imperative First Step to Ensuring Secure AI Usage

Cybercriminals Hijacking Vulnerable SSH Servers in New Proxyjacking Campaign

Akira Ransomware Victim: Hospitality Staffing Solutions

Akira Ransomware Victim: 4LEAF, Inc

Akira Ransomware Victim: Nycon

Akira Ransomware Victim: LCG company (URGENT! )

LockBit 3.0 Ransomware Victim: tsmc[.]com

LockBit 3.0 Ransomware Victim: amepl[.]com[.]au

Cobalt Stike Beacon Detected – 42[.]192[.]16[.]196:9998

Cobalt Stike Beacon Detected – 162[.]19[.]68[.]68:443

[LYNX] – Ransomware Victim: Tooling Systems Group

[BLACKBYTE] – Ransomware Victim: DARA Pharma

[INCRANSOM] – Ransomware Victim: Dollar Tree

[BLACKBYTE] – Ransomware Victim: Towne Mortgage

[BLACKBYTE] – Ransomware Victim: Cpat Flex

You may have missed