Cobalt Stike Beacon Detected – 114[.]116[.]101[.]84:89
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
OSINT
Cobalt Stike Beacon Detected – 8[.]212[.]49[.]116:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 194[.]135[.]24[.]240:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Malware Analysis – djvu – fb7d729a0265065108852a71721728ab
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:smokeloader, backdoor, bootkit, collection, discovery, persistence, ransomware, spyware, stealer, trojanMD5: fb7d729a0265065108852a71721728abSHA1: 60f45ef61a1971ef56c598e4e7c9ea50a8d3f0e6ANALYSIS DATE: 2022-12-12T21:24:46ZTTPS: T1012,...
Malware Analysis – djvu – 3ce3405d342902d9ec619ecebb88e7c0
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, discovery, persistence, ransomware, spyware, stealerMD5: 3ce3405d342902d9ec619ecebb88e7c0SHA1: ea7a862234245da1b809129099f6ad95de10485eANALYSIS DATE: 2022-12-12T21:04:08ZTTPS: T1012, T1082, T1053, T1005, T1081, T1060,...
Malware Analysis – persistence – e5a2fb54732cc555141fa1d04de2cc92
Score: 8 MALWARE FAMILY: persistenceTAGS:persistence, ransomwareMD5: e5a2fb54732cc555141fa1d04de2cc92SHA1: a92095b913449b178aaad39acbfbf0607bcc3fbdANALYSIS DATE: 2022-12-12T21:44:15ZTTPS: T1060, T1112 ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or...
Malware Analysis – djvu – 950340733bcaea1a64f5b6a0bdaf39d0
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:smokeloader, backdoor, bootkit, collection, discovery, persistence, ransomware, spyware, stealer, trojanMD5: 950340733bcaea1a64f5b6a0bdaf39d0SHA1: 6b6ffba189c8e5bc6014405ab7ebea253704931fANALYSIS DATE: 2022-12-12T22:04:17ZTTPS: T1067,...
Cobalt Stike Beacon Detected – 45[.]61[.]185[.]16:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 204[.]44[.]125[.]106:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 124[.]70[.]100[.]184:4567
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 119[.]23[.]229[.]180:8000
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Malware Analysis – smokeloader – 146ed6fd74dddfb1127fdc5765cdcb55
Score: 10 MALWARE FAMILY: smokeloaderTAGS:family:smokeloader, backdoor, trojanMD5: 146ed6fd74dddfb1127fdc5765cdcb55SHA1: 0ab6b06854da85d50dc8189d6d09aad3c1bdd073ANALYSIS DATE: 2022-12-12T23:04:51ZTTPS: T1012, T1120, T1082 ScoreMeaningExample10Known badA malware family was detected.8-9Likely...
Malware Analysis – djvu – a484413e61615e2aac80d6a3908ee9ff
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:smokeloader, backdoor, bootkit, collection, discovery, persistence, ransomware, spyware, stealer, trojanMD5: a484413e61615e2aac80d6a3908ee9ffSHA1: 84917aa2d1755f054255e916cec417160312e4e7ANALYSIS DATE: 2022-12-12T23:31:04ZTTPS: T1082,...
Malware Analysis – smokeloader – bcf9456781cec3d8c62b9e1706368496
Score: 10 MALWARE FAMILY: smokeloaderTAGS:family:smokeloader, backdoor, trojanMD5: bcf9456781cec3d8c62b9e1706368496SHA1: 3edab2399ea087470a161bea548346c92c139c37ANALYSIS DATE: 2022-12-12T23:31:17ZTTPS: T1012, T1120, T1082 ScoreMeaningExample10Known badA malware family was detected.8-9Likely...
Malware Analysis – smokeloader – cf386c67951a059789d0d70abed7d7c1
Score: 10 MALWARE FAMILY: smokeloaderTAGS:family:smokeloader, backdoor, trojanMD5: cf386c67951a059789d0d70abed7d7c1SHA1: 8a09e1116bd210b9cc678561795d9fbda2037d0dANALYSIS DATE: 2022-12-12T23:12:11ZTTPS: T1012, T1120, T1082 ScoreMeaningExample10Known badA malware family was detected.8-9Likely...
Linux Cryptocurrency Mining Attacks Enhanced via CHAOS RAT
We intercepted a cryptocurrency mining attack that incorporated an advanced remote access trojan (RAT) named the CHAOS Remote Administrative Tool....
CISA: Fortinet Releases Security Updates for FortiOS
Fortinet Releases Security Updates for FortiOS Fortinet has released security updates to address a heap-based buffer overflow vulnerability (CVE-2022-42475) in...
Fortinet urges customers to fix actively exploited FortiOS SSL-VPN bug
Fortinet fixed an actively exploited FortiOS SSL-VPN flaw that could allow a remote, unauthenticated attacker to execute arbitrary code on devices....
LockBit 3.0 Ransomware Victim: tdtu[.]edu[.]vn
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
LockBit 3.0 Ransomware Victim: sentecgroup[.]com
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
LockBit 3.0 Ransomware Victim: financierareyes[.]com[.]mx
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
LockBit 3.0 Ransomware Victim: k-toko[.]com
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
LockBit 3.0 Ransomware Victim: dof[.]ca[.]gov
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
LockBit 3.0 Ransomware Victim: rkfoodland[.]com
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
