OSINT

Malware Analysis – evasion – da0bc578134b0871ce7700c9072d2797

March 14, 2023

Score: 9 MALWARE FAMILY: evasionTAGS:evasion, ransomware, upxMD5: da0bc578134b0871ce7700c9072d2797SHA1: 6077aa9fbba54dc04c5c60f58fe31e119484b7c6ANALYSIS DATE: 2023-03-14T11:33:37ZTTPS: T1070 ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or...

Malware Analysis – djvu – 6bed34f9ba8ee3d96ba1278c4e731164

March 14, 2023

Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:d6ef050131e7d5a1d595c51613328971, discovery, persistence, ransomware, spyware, stealerMD5: 6bed34f9ba8ee3d96ba1278c4e731164SHA1: d46f24f3fd2646122c48c228b23f46785e97fd9dANALYSIS DATE: 2023-03-14T11:05:39ZTTPS: T1005, T1081, T1060, T1112,...

Malware Analysis – evasion – 9adec3dda8427bf36fb83f6c384da2c5

March 14, 2023

Score: 9 MALWARE FAMILY: evasionTAGS:evasion, ransomwareMD5: 9adec3dda8427bf36fb83f6c384da2c5SHA1: 83ddb0e215863a669f3d52001ecc022e96647b6aANALYSIS DATE: 2023-03-14T11:39:49ZTTPS: T1070 ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or more...

Daily Vulnerability Trends: Tue Mar 14 2023

March 14, 2023

Daily Vulnerability Trends (sourced from VulnMon) CVE NAMECVE DescriptionCVE-2023-21768Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability.CVE-2023-23752An issue was...

Malware Analysis – amadey – 865bf9397d1eea350eb911915c194fc7

March 14, 2023

Score: 10 MALWARE FAMILY: amadeyTAGS:family:amadey, family:djvu, family:laplas, family:pseudomanuscrypt, family:redline, family:smokeloader, family:vidar, botnet:d6ef050131e7d5a1d595c51613328971, botnet:pub1, backdoor, clipper, discovery, infostealer, loader, persistence, ransomware,...

Malware Analysis – djvu – c61c969e170f1129d7f3ebf17eae8b9e

March 14, 2023

Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:d6ef050131e7d5a1d595c51613328971, discovery, persistence, ransomware, spyware, stealerMD5: c61c969e170f1129d7f3ebf17eae8b9eSHA1: 49d1641ed44e0434545d32e8dc80b917f6e4d22aANALYSIS DATE: 2023-03-14T04:41:43ZTTPS: T1222, T1012, T1082, T1005,...

Malware Analysis – – 0acd5fdeb1332e99679f9c5403fd5dbe

March 14, 2023

Score: 1 MALWARE FAMILY: TAGS:MD5: 0acd5fdeb1332e99679f9c5403fd5dbeSHA1: 9941abbb97c285b8528830cae8762b251e16991aANALYSIS DATE: 2023-03-14T04:44:45ZTTPS: ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or more known damaging...

Malware Analysis – djvu – 24964302d0f649f8c89a638c2fa15440

March 14, 2023

Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:d6ef050131e7d5a1d595c51613328971, discovery, persistence, ransomware, spyware, stealerMD5: 24964302d0f649f8c89a638c2fa15440SHA1: 8ee3a9156b689713ecf5e2b8d7909227a7cc9d20ANALYSIS DATE: 2023-03-14T03:22:52ZTTPS: T1012, T1082, T1005, T1081,...

Malware Analysis – djvu – 6b325bdc2e5bfd7e188312ba41ac587d

March 14, 2023

Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:d6ef050131e7d5a1d595c51613328971, discovery, persistence, ransomware, spyware, stealerMD5: 6b325bdc2e5bfd7e188312ba41ac587dSHA1: c56314a56bd5a04d6eca107e56592ed29076dd6eANALYSIS DATE: 2023-03-14T05:40:32ZTTPS: T1005, T1081, T1012, T1082,...

Malware Analysis – djvu – 8ecd12d813461fdaa46d3ed56c2ec8ae

March 14, 2023

Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:d6ef050131e7d5a1d595c51613328971, discovery, persistence, ransomware, spyware, stealerMD5: 8ecd12d813461fdaa46d3ed56c2ec8aeSHA1: 76c2f600ece9e0ee250dba1bcb350b2b3a5fb03cANALYSIS DATE: 2023-03-14T04:45:52ZTTPS: T1053, T1005, T1081, T1222,...

Malware Analysis – djvu – 13fd90197ba55324bd01b9fa97f5295a

March 14, 2023

Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:d6ef050131e7d5a1d595c51613328971, discovery, persistence, ransomware, spyware, stealerMD5: 13fd90197ba55324bd01b9fa97f5295aSHA1: 313ac91a6ea6e75c0fe75f65d1254905491b59f6ANALYSIS DATE: 2023-03-14T05:40:09ZTTPS: T1005, T1081, T1082, T1012,...

Malware Analysis – smokeloader – ba85b4a968d98696297a40b45f831e64

March 14, 2023

Score: 10 MALWARE FAMILY: smokeloaderTAGS:family:smokeloader, backdoor, trojanMD5: ba85b4a968d98696297a40b45f831e64SHA1: 0eea4648c30ddc480b7de428c99e49205b1537baANALYSIS DATE: 2023-03-14T05:08:09ZTTPS: T1012, T1120, T1082 ScoreMeaningExample10Known badA malware family was detected.8-9Likely...

OSINT

Malware Analysis – evasion – da0bc578134b0871ce7700c9072d2797

Malware Analysis – djvu – 6bed34f9ba8ee3d96ba1278c4e731164

Malware Analysis – evasion – 9adec3dda8427bf36fb83f6c384da2c5

Daily Vulnerability Trends: Tue Mar 14 2023

Malware Analysis – amadey – 865bf9397d1eea350eb911915c194fc7

Malware Analysis – djvu – c61c969e170f1129d7f3ebf17eae8b9e

Malware Analysis – – 0acd5fdeb1332e99679f9c5403fd5dbe

Malware Analysis – djvu – 24964302d0f649f8c89a638c2fa15440

Malware Analysis – djvu – 6b325bdc2e5bfd7e188312ba41ac587d

Malware Analysis – djvu – 8ecd12d813461fdaa46d3ed56c2ec8ae

Malware Analysis – djvu – 13fd90197ba55324bd01b9fa97f5295a

Malware Analysis – smokeloader – ba85b4a968d98696297a40b45f831e64

Cl0p Ransomware Victim: ZISSERFAMILYLAW[.]COM

Cl0p Ransomware Victim: ORBITELECTRIC[.]COM

Cl0p Ransomware Victim: JDAVIDTAXLAW[.]COM

Cl0p Ransomware Victim: OAKDELL[.]COM

Cl0p Ransomware Victim: FAIR-RITE[.]COM

Cl0p Ransomware Victim: AFJCONSULTING[.]NET

Cl0p Ransomware Victim: SA1SOLUTIONS[.]COM

Cl0p Ransomware Victim: THENOC[.]NET

Cl0p Ransomware Victim: DRIVEANDSHINE[.]COM

Cl0p Ransomware Victim: ALTERNATIVETECHS[.]COM

Cl0p Ransomware Victim: TWL[.]DE

Cl0p Ransomware Victim: PROMINENT[.]COM

[QILIN] – Ransomware Victim: Nissan CBI

[INCRANSOM] – Ransomware Victim: Universal Group For Engineering and Consulting

[QILIN] – Ransomware Victim: Fullerton Surgical Center (FSC)

[SPACEBEARS] – Ransomware Victim: All Truck Transportation Co

[SPACEBEARS] – Ransomware Victim: Ambitek

You may have missed