OSINT

ffe22063533cc7d73fbaf64863c8f86e3b955ef087f1a6e7a1b1a24ab8140f55

C-99-Shell-PHP7 – PHP 7 And Safe-Build Update Of The Popular C-99 Variant Of PHP Shell

February 9, 2023

C-99-Shell-PHP7 PHP 7 and safe-build Update of the popular C-99 variant of PHP Shell. c-99-shell.php v.2.0 (PHP...

Malware Analysis – fantom – 9d15a3b314600b4c08682b0202700ee7

February 9, 2023

Score: 10 MALWARE FAMILY: fantomTAGS:family:fantom, evasion, ransomware, spyware, stealer, upxMD5: 9d15a3b314600b4c08682b0202700ee7SHA1: 208e79cdb96328d5929248bb8a4dd622cf0684d1ANALYSIS DATE: 2023-02-09T15:12:39ZTTPS: T1012, T1082, T1005, T1081, T1102 ScoreMeaningExample10Known...

Malware Analysis – – fbeddce9531477bcf7607c5883a5c0d2

February 9, 2023

Score: 1 MALWARE FAMILY: TAGS:MD5: fbeddce9531477bcf7607c5883a5c0d2SHA1: 351534c1d9b07bcf2f7427ea016685a129dcf044ANALYSIS DATE: 2023-02-09T15:22:31ZTTPS: ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or more known damaging...

Malware Analysis – djvu – 17e4f3aa916ca0e5b25223578daf822f

February 9, 2023

Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:19, discovery, persistence, ransomware, spyware, stealerMD5: 17e4f3aa916ca0e5b25223578daf822fSHA1: c9cf6d42e128fbb4a7a06bb1fb5c17517f4ee493ANALYSIS DATE: 2023-02-09T17:04:33ZTTPS: T1053, T1005, T1081, T1012,...

Malware Analysis – discovery – 144bac7279821a5778ce270ee308127e

February 9, 2023

Score: 10 MALWARE FAMILY: discoveryTAGS:discovery, ransomware, spyware, stealerMD5: 144bac7279821a5778ce270ee308127eSHA1: 9216982f01832fce65503f7edb8691ec740fd3cfANALYSIS DATE: 2023-02-09T15:41:34ZTTPS: T1057, T1012, T1005, T1081, T1082 ScoreMeaningExample10Known badA malware...

Malware Analysis – djvu – 6fda6069f74ac4ac29a6902c26c51dbe

February 9, 2023

Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:19, discovery, persistence, ransomware, spyware, stealerMD5: 6fda6069f74ac4ac29a6902c26c51dbeSHA1: a481c765969c8ea660483fda0d3e629687febf98ANALYSIS DATE: 2023-02-09T16:11:00ZTTPS: T1222, T1012, T1082, T1060,...

OSINT

C-99-Shell-PHP7 – PHP 7 And Safe-Build Update Of The Popular C-99 Variant Of PHP Shell

Malware Analysis – fantom – 9d15a3b314600b4c08682b0202700ee7

Malware Analysis – – fbeddce9531477bcf7607c5883a5c0d2

Malware Analysis – djvu – 17e4f3aa916ca0e5b25223578daf822f

Malware Analysis – discovery – 144bac7279821a5778ce270ee308127e

Malware Analysis – djvu – 6fda6069f74ac4ac29a6902c26c51dbe

LockBit 3.0 Ransomware Victim: arcessex[.]org

CISA: OpenSSL Releases Security Advisory

Cobalt Stike Beacon Detected – 159[.]138[.]24[.]94:80

Cobalt Stike Beacon Detected – 101[.]34[.]163[.]3:8888

Cobalt Stike Beacon Detected – 185[.]112[.]151[.]104:443

Cobalt Stike Beacon Detected – 121[.]4[.]57[.]81:443

Cobalt Stike Beacon Detected – 34[.]245[.]162[.]8:443

Cobalt Stike Beacon Detected – 43[.]143[.]191[.]86:443

Cobalt Stike Beacon Detected – 134[.]209[.]104[.]25:4433

Cobalt Stike Beacon Detected – 51[.]15[.]237[.]189:80

Cobalt Stike Beacon Detected – 18[.]222[.]212[.]70:443

Cobalt Stike Beacon Detected – 199[.]195[.]249[.]113:443

Cobalt Stike Beacon Detected – 20[.]55[.]77[.]132:443

Cobalt Stike Beacon Detected – 46[.]161[.]40[.]118:443

Cobalt Stike Beacon Detected – 43[.]136[.]168[.]94:443

Cobalt Stike Beacon Detected – 43[.]154[.]148[.]145:443

Daily Vulnerability Trends: Thu Feb 09 2023

BreachForums Database Leak Alert: Instant Checkmate

Cobalt Strike Beacon Detected – 121[.]43[.]37[.]134:4434

Cobalt Strike Beacon Detected – 119[.]29[.]231[.]118:443

Cobalt Strike Beacon Detected – 39[.]101[.]74[.]162:443

Cobalt Strike Beacon Detected – 8[.]218[.]112[.]112:8880

Cobalt Strike Beacon Detected – 47[.]109[.]48[.]57:443

You may have missed