OSINT

Malware Analysis – amadey – aa5cdf45ddc9c7cdcd6d5aee1e1c80e2

February 4, 2023

Score: 10 MALWARE FAMILY: amadeyTAGS:family:amadey, family:djvu, family:laplas, family:smokeloader, family:vidar, botnet:19, backdoor, clipper, discovery, persistence, ransomware, spyware, stealer, trojan, vmprotectMD5: aa5cdf45ddc9c7cdcd6d5aee1e1c80e2SHA1:...

Malware Analysis – ransomware – cccc83f84ef321c7d604c17234c40f24

February 4, 2023

Score: 9 MALWARE FAMILY: ransomwareTAGS:ransomwareMD5: cccc83f84ef321c7d604c17234c40f24SHA1: 7c9cd1a4d93077974869f421490303efb8823615ANALYSIS DATE: 2023-02-04T03:46:39ZTTPS: T1107, T1490 ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or more...

Malware Analysis – amadey – 3bb17138f075edbb3c7ff1ae371378ea

February 4, 2023

Score: 10 MALWARE FAMILY: amadeyTAGS:family:amadey, family:djvu, family:fabookie, family:laplas, family:smokeloader, family:vidar, botnet:19, backdoor, clipper, discovery, persistence, ransomware, spyware, stealer, trojan, vmprotectMD5:...

Malware Analysis – chaos – f0fd67c94f25de71c2fcdff4af0d2889

February 4, 2023

Score: 10 MALWARE FAMILY: chaosTAGS:family:chaos, evasion, ransomware, spyware, stealerMD5: f0fd67c94f25de71c2fcdff4af0d2889SHA1: 2f4884f4e241d0bda353dc074ea1752e0b79af8cANALYSIS DATE: 2023-02-04T05:25:06ZTTPS: T1490, T1059, T1107, T1082, T1491, T1112, T1005,...

Malware Analysis – amadey – fbb4581199f9cce736dc01aca56b1be2

February 4, 2023

Malware Analysis – chaos – 2c6f8e680a400cb2b5426090ccbdea93

February 4, 2023

Score: 10 MALWARE FAMILY: chaosTAGS:family:chaos, evasion, ransomware, spyware, stealerMD5: 2c6f8e680a400cb2b5426090ccbdea93SHA1: 47a691c438547b27fac9896f3783026d8be4dbe9ANALYSIS DATE: 2023-02-04T05:25:11ZTTPS: T1490, T1059, T1107, T1082, T1005, T1081, T1491,...

Malware Analysis – amadey – fd02bf0f245e164419efd8783fd5e536

February 4, 2023

Score: 10 MALWARE FAMILY: amadeyTAGS:family:amadey, family:djvu, family:fabookie, family:laplas, family:smokeloader, backdoor, clipper, discovery, persistence, ransomware, spyware, stealer, trojan, vmprotectMD5: fd02bf0f245e164419efd8783fd5e536SHA1: e3efc6c4a901833b1564ffd04c0ddf9e250538ccANALYSIS...

Malware Analysis – djvu – a10001188943b8189970fde759969f48

February 4, 2023

Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:19, discovery, persistence, ransomware, spyware, stealerMD5: a10001188943b8189970fde759969f48SHA1: b32d033108644ddb50848b12fe95f95f70ca835aANALYSIS DATE: 2023-02-04T05:31:42ZTTPS: T1012, T1082, T1060, T1112,...

Malware Analysis – evasion – 60e7ed1e5a4f355fbb6cc950aa3a76c8

February 4, 2023

Score: 7 MALWARE FAMILY: evasionTAGS:evasion, ransomwareMD5: 60e7ed1e5a4f355fbb6cc950aa3a76c8SHA1: d4af30d0b5a84a3c3c40c0d8501802bce4ed1be9ANALYSIS DATE: 2023-02-04T05:45:02ZTTPS: ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or more known...

Malware Analysis – chaos – fa06e6aadef2365052156f12c92d7b09

February 4, 2023

Score: 10 MALWARE FAMILY: chaosTAGS:family:chaos, evasion, ransomware, spyware, stealerMD5: fa06e6aadef2365052156f12c92d7b09SHA1: 82de91795547028be327e75cee0fdf082352bfc9ANALYSIS DATE: 2023-02-04T05:26:04ZTTPS: T1490, T1059, T1107, T1491, T1112, T1082, T1005,...

OSINT

Malware Analysis – amadey – aa5cdf45ddc9c7cdcd6d5aee1e1c80e2

Malware Analysis – ransomware – cccc83f84ef321c7d604c17234c40f24

Malware Analysis – amadey – 3bb17138f075edbb3c7ff1ae371378ea

Malware Analysis – chaos – f0fd67c94f25de71c2fcdff4af0d2889

Malware Analysis – amadey – fbb4581199f9cce736dc01aca56b1be2

Malware Analysis – chaos – 2c6f8e680a400cb2b5426090ccbdea93

Malware Analysis – amadey – fd02bf0f245e164419efd8783fd5e536

Malware Analysis – djvu – a10001188943b8189970fde759969f48

Malware Analysis – evasion – 60e7ed1e5a4f355fbb6cc950aa3a76c8

Malware Analysis – chaos – fa06e6aadef2365052156f12c92d7b09

Instant Checkmate – 11,943,887 breached accounts

LockBit 3.0 Ransomware Victim: virtuosgames[.]com

Cobalt Stike Beacon Detected – 120[.]77[.]1[.]92:8000

Cobalt Stike Beacon Detected – 109[.]172[.]45[.]85:80

Cobalt Stike Beacon Detected – 199[.]195[.]251[.]23:80

Cobalt Stike Beacon Detected – 82[.]157[.]163[.]90:80

Cobalt Stike Beacon Detected – 192[.]227[.]232[.]195:80

LockBit 3.0 Ransomware Victim: urmgroup[.]com[.]au

Cobalt Stike Beacon Detected – 154[.]12[.]35[.]140:80

Cobalt Stike Beacon Detected – 47[.]242[.]63[.]91:4443

Cobalt Stike Beacon Detected – 34[.]29[.]37[.]160:443

Cobalt Stike Beacon Detected – 179[.]60[.]147[.]188:80

Cobalt Stike Beacon Detected – 3[.]29[.]24[.]212:443

Cobalt Stike Beacon Detected – 82[.]157[.]102[.]120:8082

Cobalt Strike Beacon Detected – 119[.]91[.]203[.]199:88

Cobalt Strike Beacon Detected – 106[.]54[.]239[.]134:80

Cobalt Strike Beacon Detected – 81[.]69[.]98[.]230:50010

Cobalt Strike Beacon Detected – 103[.]43[.]18[.]10:80

Cobalt Strike Beacon Detected – 38[.]190[.]198[.]55:80

You may have missed