A cyberattack blocked the trains in Denmark
At the end of October, a cyber attack caused the trains to stop in Denmark, the attack hit a third-party...
OSINT
Lolzteam – 398,011 breached accounts
In May 2018, the Russian hacking forum Lolzteam suffered a data breach that exposed 400k members. The impacted data included...
Collect-MemoryDump – Automated Creation Of Windows Memory Snapshots For DFIR
Collect-MemoryDump - Automated Creation of Windows Memory Snapshots for DFIR Collect-MemoryDump.ps1 is Fig 3: Automated Creation of Windows Memory Snapshot...
Cobalt Stike Beacon Detected – 118[.]195[.]137[.]184:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 23[.]29[.]115[.]137:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 43[.]143[.]18[.]98:4433
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 162[.]241[.]127[.]245:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 84[.]32[.]128[.]120:8443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Malware Analysis – discovery – 12493d8568e0e4718f1cb98b9c926630
Score: 8 MALWARE FAMILY: discoveryTAGS:discovery, exploit, persistenceMD5: 12493d8568e0e4718f1cb98b9c926630SHA1: 23e6dfb75a7be7e3c6dd1abcbf517e3cca1dc3b5ANALYSIS DATE: 2022-11-06T07:52:57ZTTPS: T1060, T1112, T1222 ScoreMeaningExample10Known badA malware family was detected.8-9Likely...
Cobalt Stike Beacon Detected – 23[.]94[.]212[.]118:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 147[.]182[.]231[.]190:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 185[.]143[.]223[.]71:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 20[.]205[.]143[.]74:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Malware Analysis – discovery – 23024ab23bc365bf0717613331c85840
Score: 8 MALWARE FAMILY: discoveryTAGS:discovery, exploit, persistenceMD5: 23024ab23bc365bf0717613331c85840SHA1: 067ae2baea2307912787cbadfc90eaf21b7cf164ANALYSIS DATE: 2022-11-06T08:08:16ZTTPS: T1060, T1112, T1222 ScoreMeaningExample10Known badA malware family was detected.8-9Likely...
Malware Analysis – discovery – 09ca2311b84a66711318fb4d2b05b8f6
Score: 8 MALWARE FAMILY: discoveryTAGS:discovery, exploitMD5: 09ca2311b84a66711318fb4d2b05b8f6SHA1: a82a0de4ca864ebf874a36becbac8df16d222d2fANALYSIS DATE: 2022-11-06T08:14:27ZTTPS: T1222 ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or more...
Malware Analysis – evasion – 0a211295d3703d30c6e181c7e1a6c77f
Score: 9 MALWARE FAMILY: evasionTAGS:evasion, ransomwareMD5: 0a211295d3703d30c6e181c7e1a6c77fSHA1: 2266d5d1ebdd8ee64b8309bac7ecda52890585efANALYSIS DATE: 2022-11-06T08:38:51ZTTPS: T1490 ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or more...
Malware Analysis – adware – 0a3d897064bc8e8f8ead808689a7ef80
Score: 8 MALWARE FAMILY: adwareTAGS:adware, discovery, exploit, persistence, stealerMD5: 0a3d897064bc8e8f8ead808689a7ef80SHA1: 6532f8bfe1d1fbcabbc146d5f84d64dd68301c94ANALYSIS DATE: 2022-11-06T08:46:53ZTTPS: T1060, T1112, T1222, T1012, T1120, T1082, T1176...
Malware Analysis – smokeloader – 2212724d7ecac2d8523678b73ab3e017
Score: 10 MALWARE FAMILY: smokeloaderTAGS:family:smokeloader, backdoor, trojanMD5: 2212724d7ecac2d8523678b73ab3e017SHA1: 9c6f185bf01f4e92aa23e0fe5c20a738d9651430ANALYSIS DATE: 2022-11-06T09:02:04ZTTPS: T1012, T1120, T1082 ScoreMeaningExample10Known badA malware family was detected.8-9Likely...
Malware Analysis – evasion – 20f8dc3a7b75446aad33e4341ea17c90
Score: 10 MALWARE FAMILY: evasionTAGS:evasion, persistence, ransomware, spyware, stealer, trojanMD5: 20f8dc3a7b75446aad33e4341ea17c90SHA1: 4bbfa08c1c39f392eba04485c668dd64649538feANALYSIS DATE: 2022-11-06T09:05:17ZTTPS: T1088, T1089, T1112, T1012, T1082, T1060,...
Malware Analysis – smokeloader – f93f2422c55f945845b58f89ac271a98
Score: 10 MALWARE FAMILY: smokeloaderTAGS:family:smokeloader, backdoor, trojanMD5: f93f2422c55f945845b58f89ac271a98SHA1: de9bcc38486eda24c6eaa8ea41daeacf3739e6c5ANALYSIS DATE: 2022-11-06T09:31:03ZTTPS: T1012, T1120, T1082 ScoreMeaningExample10Known badA malware family was detected.8-9Likely...
Malware Analysis – discovery – 09c9cc3ad2ce8533dc525922f59ba5f1
Score: 8 MALWARE FAMILY: discoveryTAGS:discovery, exploitMD5: 09c9cc3ad2ce8533dc525922f59ba5f1SHA1: 287b44545e7e3c350f228959675a6499d6bf4a91ANALYSIS DATE: 2022-11-06T09:13:30ZTTPS: T1222 ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or more...
Malware Analysis – evasion – 31e822142b821050a1d9a440b3e10836
Score: 10 MALWARE FAMILY: evasionTAGS:evasion, ransomware, spyware, stealer, vmprotectMD5: 31e822142b821050a1d9a440b3e10836SHA1: 8d3a09107b308eef76db21ea09b7081530b9b2f8ANALYSIS DATE: 2022-11-06T09:31:08ZTTPS: T1012, T1082, T1005, T1081, T1107, T1490, T1112,...
Malware Analysis – discovery – 2308c0ef8af77bdfe3b73238c758d171
Score: 8 MALWARE FAMILY: discoveryTAGS:discovery, exploit, persistenceMD5: 2308c0ef8af77bdfe3b73238c758d171SHA1: 4e467083db470ee57517886631bac97d27c75595ANALYSIS DATE: 2022-11-06T09:41:52ZTTPS: T1060, T1112, T1222 ScoreMeaningExample10Known badA malware family was detected.8-9Likely...
Malware Analysis – smokeloader – 913a7259cfb60933171036d6de2f0ca5
Score: 10 MALWARE FAMILY: smokeloaderTAGS:family:smokeloader, backdoor, trojanMD5: 913a7259cfb60933171036d6de2f0ca5SHA1: 63a2fe5e1c7e19fadb2eeb37eb0de59d23924c1fANALYSIS DATE: 2022-11-06T10:33:25ZTTPS: T1012, T1120, T1082 ScoreMeaningExample10Known badA malware family was detected.8-9Likely...
