Chinese Hackers Targeting European Entities with New MQsTTang Backdoor
The China-aligned Mustang Panda actor has been observed using a hitherto unseen custom backdoor called MQsTTang as part of an...
OSINT
Cobalt Stike Beacon Detected – 45[.]76[.]175[.]177:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 91[.]215[.]85[.]196:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 124[.]222[.]15[.]3:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 45[.]88[.]170[.]91:5555
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 185[.]143[.]223[.]120:444
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 45[.]61[.]186[.]18:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 43[.]142[.]60[.]207:6667
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 27[.]50[.]54[.]41:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Malware Analysis – djvu – 478015b7fdf4f18d6b6ecb272e6f4ad9
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, discovery, persistence, ransomware, spyware, stealerMD5: 478015b7fdf4f18d6b6ecb272e6f4ad9SHA1: 4e2ee1c868ac93a4d58a7f3ae9b3cf6f163fd5ebANALYSIS DATE: 2023-03-03T09:51:03ZTTPS: T1012, T1082, T1053, T1005, T1081,...
Malware Analysis – djvu – 9691efea065f013a3c8fbbd087137738
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:smokeloader, family:vidar, backdoor, discovery, evasion, persistence, ransomware, spyware, stealer, trojanMD5: 9691efea065f013a3c8fbbd087137738SHA1: 88bd29dd09dd17f4e68787b671f911d37a151724ANALYSIS DATE: 2023-03-03T10:10:37ZTTPS: T1012,...
Malware Analysis – djvu – a2722202bf73fcb71dd0a8b986cc6112
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, discovery, persistence, ransomware, spyware, stealerMD5: a2722202bf73fcb71dd0a8b986cc6112SHA1: 7ab035d081aea8b5ee8947aa1a0fd4ee039c0722ANALYSIS DATE: 2023-03-03T09:37:45ZTTPS: T1053, T1222, T1082, T1005, T1081,...
Cobalt Stike Beacon Detected – 64[.]227[.]190[.]71:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 116[.]62[.]138[.]140:801
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 20[.]212[.]22[.]151:53
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 1[.]13[.]165[.]208:2087
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Malware Analysis – djvu – 975e10c1763042c45b9778af90d982f0
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:smokeloader, family:vidar, backdoor, discovery, persistence, ransomware, stealer, trojanMD5: 975e10c1763042c45b9778af90d982f0SHA1: 884493d24b7a814107496b296110bff7e76fa26bANALYSIS DATE: 2023-03-03T11:25:19ZTTPS: T1012, T1120, T1082,...
Malware Analysis – djvu – cc8fd902ee4904d7c29e96ceac1384b1
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, discovery, persistence, ransomware, spyware, stealerMD5: cc8fd902ee4904d7c29e96ceac1384b1SHA1: 6ba45d26e61a336dec373d1de4a64f89f4fdc2c6ANALYSIS DATE: 2023-03-03T11:03:36ZTTPS: T1082, T1053, T1005, T1081, T1222,...
Malware Analysis – djvu – 8e3357a9edecffea8b0f5dc22d9aacc2
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, discovery, persistence, ransomware, spyware, stealerMD5: 8e3357a9edecffea8b0f5dc22d9aacc2SHA1: bcd84b4c7acd2511324ea25287d65ec48f59a560ANALYSIS DATE: 2023-03-03T11:08:04ZTTPS: T1005, T1081, T1082, T1012, T1060,...
Malware Analysis – djvu – 4687fd6f88441d2715a0925d9e8a589b
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, discovery, persistence, ransomware, spyware, stealerMD5: 4687fd6f88441d2715a0925d9e8a589bSHA1: 08c6716bd6480d3afe3b1ba7a03d4395ad1c5073ANALYSIS DATE: 2023-03-03T10:51:49ZTTPS: T1060, T1112, T1005, T1081, T1012,...
Cobalt Stike Beacon Detected – 193[.]134[.]209[.]111:83
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 1[.]15[.]120[.]10:7777
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 77[.]91[.]124[.]187:8080
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 116[.]204[.]211[.]163:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
