Glupteba botnet is back after Google disrupted it in December 2021
The Glupteba botnet is back, researchers reported a surge in infection worldwide after Google disrupted its operation in 2021. In...
OSINT
Daily Vulnerability Trends: Mon Dec 19 2022
Daily Vulnerability Trends (sourced from VulnMon) CVE NAMECVE DescriptionCVE-2022-4543 No description provided CVE-2022-37958SPNEGO Extended Negotiation (NEGOEX) Security Mechanism Information Disclosure...
Malware Analysis – djvu – 0c246c9724d37db8e1e388eb7b67b4d6
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, discovery, persistence, ransomware, spyware, stealerMD5: 0c246c9724d37db8e1e388eb7b67b4d6SHA1: 53ef66867056199d75cdf1b093e9662b9032aaafANALYSIS DATE: 2022-12-19T04:02:03ZTTPS: T1222, T1053, T1005, T1081, T1012, T1060,...
Malware Analysis – djvu – 116ebb1279a72d75e1913df07145b5f6
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, discovery, persistence, ransomwareMD5: 116ebb1279a72d75e1913df07145b5f6SHA1: 56d17ed186a8469a032d9041298a7239549930cbANALYSIS DATE: 2022-12-19T04:12:15ZTTPS: T1130, T1112, T1060, T1222, T1082, T1053 ScoreMeaningExample10Known badA...
Malware Analysis – djvu – cc51027fe809014366bdb0d51177353a
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, discovery, persistence, ransomwareMD5: cc51027fe809014366bdb0d51177353aSHA1: 320ac83c8b3caad29abb48e6aa04a962a7ba1e15ANALYSIS DATE: 2022-12-19T04:34:54ZTTPS: T1130, T1112, T1060, T1222, T1082, T1053 ScoreMeaningExample10Known badA...
Malware Analysis – djvu – 0ce77b2c6105b271e56a9fdba7ebe4d9
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, discovery, persistence, ransomwareMD5: 0ce77b2c6105b271e56a9fdba7ebe4d9SHA1: a7ced72278d1f09669b6515044f60ab64e2ba5f2ANALYSIS DATE: 2022-12-19T05:14:56ZTTPS: T1053, T1130, T1112, T1060, T1222, T1082 ScoreMeaningExample10Known badA...
Malware Analysis – djvu – d74a0dc62986de2c0dc1386a0f27df7c
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, discovery, persistence, ransomware, spyware, stealerMD5: d74a0dc62986de2c0dc1386a0f27df7cSHA1: cdd0b78d4efa72029e1e6a5f8273904c1ba55fc6ANALYSIS DATE: 2022-12-19T05:32:27ZTTPS: T1060, T1112, T1012, T1082, T1005, T1081,...
Malware Analysis – djvu – 4d166f22b6002cc5de2e127f9896c8ef
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, discovery, persistence, ransomware, spyware, stealerMD5: 4d166f22b6002cc5de2e127f9896c8efSHA1: 6008c5993a49782ef49ba03a8c4cd8aa9f793962ANALYSIS DATE: 2022-12-18T21:35:26ZTTPS: T1053, T1005, T1081, T1012, T1082, T1060,...
Malware Analysis – djvu – 1a53998a5d3e71f0ccdfe220c8646fe1
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, discovery, persistence, ransomware, spyware, stealerMD5: 1a53998a5d3e71f0ccdfe220c8646fe1SHA1: 670c135cb9c0c1e96cf643ffff145bac9d760056ANALYSIS DATE: 2022-12-18T21:41:19ZTTPS: T1005, T1081, T1012, T1082, T1060, T1112,...
Cobalt Stike Beacon Detected – 179[.]43[.]142[.]47:8443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 143[.]198[.]243[.]87:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Malware Analysis – djvu – e042f4ff059f6cc2d7ff9b7264ab0ac6
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, discovery, persistence, ransomware, spyware, stealerMD5: e042f4ff059f6cc2d7ff9b7264ab0ac6SHA1: 92c04e46499feea5044ec106befa6860ed69bfdbANALYSIS DATE: 2022-12-18T21:52:17ZTTPS: T1053, T1005, T1081, T1082, T1012, T1060,...
Malware Analysis – djvu – 72b2a065abf168e59664b44decd2ef35
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, discovery, persistence, ransomware, spyware, stealerMD5: 72b2a065abf168e59664b44decd2ef35SHA1: d160b6d3e25af6517a3bf689aabb7b5cbc2a128cANALYSIS DATE: 2022-12-18T23:18:24ZTTPS: T1005, T1081, T1012, T1082, T1053, T1060,...
Malware Analysis – – f7cfde09766f705aa7717231944be39f
Score: 8 MALWARE FAMILY: TAGS:MD5: f7cfde09766f705aa7717231944be39fSHA1: 0600a2b770ef58d04d1697f5de02393ce7f9511bANALYSIS DATE: 2022-12-18T22:09:09ZTTPS: T1082, T1012, T1120 ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or...
Malware Analysis – discovery – 713ffacc6fedcfb758c95ae0a6e8cffc
Score: 10 MALWARE FAMILY: discoveryTAGS:discovery, evasion, persistence, ransomwareMD5: 713ffacc6fedcfb758c95ae0a6e8cffcSHA1: 700cb7f2233537cb59d7dcb9908533a64c9bbdedANALYSIS DATE: 2022-12-18T22:01:28ZTTPS: T1018, T1060, T1112, T1107, T1490, T1070, T1082, T1222,...
Security Affairs newsletter Round 398 by Pierluigi Paganini
A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs free for...
Google announced end-to-end encryption for Gmail web
Google introduces end-to-end encryption for Gmail web to its Workspace and education customers to protect emails sent using the web...
laZzzy – Shellcode Loader, Developed Using Different Open-Source Libraries, That Demonstrates Different Execution Techniques
laZzzy is a shellcode loader that demonstrates different execution ClickOnce Publishing Python3 and the required modules: python3 -m pip install...
Cobalt Stike Beacon Detected – 198[.]98[.]55[.]58:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 35[.]92[.]32[.]1:8086
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 195[.]189[.]96[.]208:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 179[.]43[.]142[.]137:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 103[.]234[.]72[.]142:86
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 116[.]62[.]207[.]46:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
