YoroTrooper Stealing Credentials and Information from Government and Energy Organizations
A previously undocumented threat actor dubbed YoroTrooper has been targeting government, energy, and international organizations across Europe as part of...
OSINT
Malware Analysis – djvu – b01a1b1c19436e4c9c7ba4c8050cf01d
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:d6ef050131e7d5a1d595c51613328971, discovery, persistence, ransomware, spyware, stealerMD5: b01a1b1c19436e4c9c7ba4c8050cf01dSHA1: a8ea730e1acc73846b478447333d915efa5eb974ANALYSIS DATE: 2023-03-15T09:10:59ZTTPS: T1005, T1081, T1012, T1053,...
Malware Analysis – discovery – daad86ad18d95c4439cbc00e1c717128
Score: 10 MALWARE FAMILY: discoveryTAGS:discovery, persistence, ransomwareMD5: daad86ad18d95c4439cbc00e1c717128SHA1: 089dccbb5bc3ab13481ca73803ba4af8a45bae7bANALYSIS DATE: 2023-03-15T09:09:23ZTTPS: T1012, T1060, T1082, T1112, T1042 ScoreMeaningExample10Known badA malware family...
Malware Analysis – amadey – 0ca5cd39526bb33fca90e5cdf0d0ac5d
Score: 10 MALWARE FAMILY: amadeyTAGS:family:amadey, family:djvu, family:pseudomanuscrypt, family:rhadamanthys, family:smokeloader, family:vidar, botnet:d6ef050131e7d5a1d595c51613328971, botnet:pub1, botnet:sprg, backdoor, discovery, loader, persistence, ransomware, spyware, stealer,...
Malware Analysis – ransomware – df4ccdcc93d82240feeb83abf41683d7
Score: 6 MALWARE FAMILY: ransomwareTAGS:ransomwareMD5: df4ccdcc93d82240feeb83abf41683d7SHA1: 0d48b5dc98e65ceed2a99448a8df3e2f4702250aANALYSIS DATE: 2023-03-15T09:11:36ZTTPS: ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or more known damaging...
Malware Analysis – discovery – 3b02025002ceb06c4ce1c9c778232664
Score: 8 MALWARE FAMILY: discoveryTAGS:discovery, evasion, exploit, persistenceMD5: 3b02025002ceb06c4ce1c9c778232664SHA1: 2aeb8b0adb9cc4f198a9f4d907a28ffd2961caf5ANALYSIS DATE: 2023-03-15T10:51:32ZTTPS: T1031, T1562, T1489, T1012, T1112, T1082, T1222, T1060...
Malware Analysis – djvu – 5b5166499d4e1bae9260f07e2a6b7425
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:d6ef050131e7d5a1d595c51613328971, discovery, persistence, ransomware, spyware, stealerMD5: 5b5166499d4e1bae9260f07e2a6b7425SHA1: ad20dadfb4af16d2f7cafa0777652d0fd7bd4ad0ANALYSIS DATE: 2023-03-15T10:27:07ZTTPS: T1222, T1082, T1012, T1053,...
Malware Analysis – amadey – 3fa6103e5d25ff85e7dfe9e61d2b1d2a
Score: 10 MALWARE FAMILY: amadeyTAGS:family:amadey, family:djvu, family:smokeloader, family:vidar, botnet:d6ef050131e7d5a1d595c51613328971, botnet:pub1, botnet:sprg, backdoor, discovery, persistence, ransomware, stealer, trojanMD5: 3fa6103e5d25ff85e7dfe9e61d2b1d2aSHA1: 1a8fd33ce1a619beee47b2798dcfbeadbcd17419ANALYSIS DATE:...
Malware Analysis – djvu – 198676e50dabce25f8bdb7f6e1ecbec9
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:d6ef050131e7d5a1d595c51613328971, discovery, persistence, ransomware, spyware, stealerMD5: 198676e50dabce25f8bdb7f6e1ecbec9SHA1: 79973d12b610dc0787260180b368487d3ce67213ANALYSIS DATE: 2023-03-15T11:45:06ZTTPS: T1130, T1112, T1060, T1053,...
Malware Analysis – djvu – 70d66d43809da468071f45d812aac404
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:d6ef050131e7d5a1d595c51613328971, discovery, persistence, ransomware, spyware, stealerMD5: 70d66d43809da468071f45d812aac404SHA1: cba1c347b410a77c8ff3066052d870a8f1505c4cANALYSIS DATE: 2023-03-15T11:22:06ZTTPS: T1012, T1082, T1005, T1081,...
Malware Analysis – smokeloader – 1cb2590e0e278ac08f7b350e278d02be
Score: 10 MALWARE FAMILY: smokeloaderTAGS:family:smokeloader, backdoor, trojanMD5: 1cb2590e0e278ac08f7b350e278d02beSHA1: d31d69d7e761ef7ef59c57703d8337a2df800693ANALYSIS DATE: 2023-03-15T11:41:04ZTTPS: T1012, T1120, T1082 ScoreMeaningExample10Known badA malware family was detected.8-9Likely...
Fake ChatGPT Chrome Extension Hijacking Facebook Accounts for Malicious Advertising
A fake ChatGPT-branded Chrome browser extension has been found to come with capabilities to hijack Facebook accounts and create rogue...
Large-scale Cyber Attack Hijacks East Asian Websites for Adult Content Redirects
A widespread malicious cyber operation has hijacked thousands of websites aimed at East Asian audiences to redirect visitors to adult-themed...
How to Apply NIST Principles to SaaS in 2023
The National Institute of Standards and Technology (NIST) is one of the standard-bearers in global cybersecurity. The U.S.-based institute's cybersecurity...
Warning: AI-generated YouTube Video Tutorials Spreading Infostealer Malware
Threat actors have been increasingly observed using AI-generated YouTube Videos to spread a variety of stealer malware such as Raccoon,...
Microsoft Rolls Out Patches for 80 New Security Flaws — Two Under Active Attack
Microsoft's Patch Tuesday update for March 2023 is rolling out with remediations for a set of 80 security flaws, two...
Fortinet FortiOS Flaw Exploited in Targeted Cyberattacks on Government Entities
Government entities and large organizations have been targeted by an unknown threat actor by exploiting a security flaw in Fortinet...
The Prolificacy of LockBit Ransomware
Today, the LockBit ransomware is the most active and successful cybercrime organization in the world. Attributed to a Russian Threat...
Microsoft Warns of Large-Scale Use of Phishing Kits to Send Millions of Emails Daily
An open source adversary-in-the-middle (AiTM) phishing kit has found a number of takers in the cybercrime world for its ability...
GoBruteforcer: New Golang-Based Malware Breaches Web Servers Via Brute-Force Attacks
A new Golang-based malware dubbed GoBruteforcer has been found targeting web servers running phpMyAdmin, MySQL, FTP, and Postgres to corral...
Daily Vulnerability Trends: Wed Mar 15 2023
Daily Vulnerability Trends (sourced from VulnMon) CVE NAMECVE DescriptionCVE-2023-0210 No description provided CVE-2022-34689Windows CryptoAPI Spoofing Vulnerability.CVE-2022-24122kernel/ucount.c in the Linux kernel...
Malware Analysis – – 03272cfc7159f032e97bc1a792895115
Score: 7 MALWARE FAMILY: TAGS:MD5: 03272cfc7159f032e97bc1a792895115SHA1: 96c28d99e70beff0c5d4f86005d7273230e3f9a4ANALYSIS DATE: 2023-03-15T03:03:04ZTTPS: T1012, T1120, T1082 ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or...
Malware Analysis – djvu – db8b00bc6ed976ed0fe41f358669ea76
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:d6ef050131e7d5a1d595c51613328971, discovery, persistence, ransomware, spyware, stealerMD5: db8b00bc6ed976ed0fe41f358669ea76SHA1: d0f4b3244c98e04c9d53d3ddb5588e3b8cedcbb7ANALYSIS DATE: 2023-03-15T03:23:04ZTTPS: T1012, T1005, T1081, T1082,...
Malware Analysis – djvu – 43a81388da97a601232b351fb4cca79e
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:d6ef050131e7d5a1d595c51613328971, discovery, persistence, ransomware, spyware, stealerMD5: 43a81388da97a601232b351fb4cca79eSHA1: 8d17063e0fd37eefb514e67917c25bfc3066cf78ANALYSIS DATE: 2023-03-15T03:28:03ZTTPS: T1222, T1082, T1130, T1112,...
