OSINT

Cobalt Stike Beacon Detected – 185[.]48[.]86[.]75:9000

January 11, 2023

The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...

Malware Analysis – aurora – 65d7785d36337dccd3f85dbe8c0358e5

January 11, 2023

Score: 10 MALWARE FAMILY: auroraTAGS:family:aurora, family:dcrat, family:djvu, family:icedid, family:smokeloader, family:vidar, botnet:19, campaign:3131022508, backdoor, banker, collection, discovery, infostealer, loader, persistence, ransomware,...

Malware Analysis – djvu – 10175425e3f29ba4e7637074ed2c8e26

January 11, 2023

Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:19, discovery, persistence, ransomware, spyware, stealerMD5: 10175425e3f29ba4e7637074ed2c8e26SHA1: abbaaf366d8dc619bccb1228a3829101767518cfANALYSIS DATE: 2023-01-10T21:31:59ZTTPS: T1060, T1112, T1082, T1005,...

Malware Analysis – sodinokibi – 61c19e7ce627da9b5004371f867a47d3

January 11, 2023

Score: 10 MALWARE FAMILY: sodinokibiTAGS:family:sodinokibi, botnet:5, campaign:367, ransomwareMD5: 61c19e7ce627da9b5004371f867a47d3SHA1: 4f3b4329871ec269043068a98e9cc929f603268dANALYSIS DATE: 2023-01-10T21:37:31ZTTPS: ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or...

Malware Analysis – evasion – e43320002eb47ce45a5092c9fdb9c7d2

January 11, 2023

Score: 7 MALWARE FAMILY: evasionTAGS:evasion, ransomwareMD5: e43320002eb47ce45a5092c9fdb9c7d2SHA1: faede3fe537f629eb592d4ec7793fff2e2ee37abANALYSIS DATE: 2023-01-10T21:45:37ZTTPS: ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or more known...

Cobalt Stike Beacon Detected – 43[.]154[.]182[.]95:8443

January 11, 2023

The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...

Cobalt Stike Beacon Detected – 45[.]61[.]187[.]167:443

January 11, 2023

The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...

Cobalt Stike Beacon Detected – 49[.]234[.]152[.]199:80

January 11, 2023

The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...

Cobalt Stike Beacon Detected – 106[.]55[.]2[.]194:2095

January 11, 2023

The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...

Malware Analysis – evasion – bc6bf8643541163f1736566a6a9e6011

January 11, 2023

Score: 6 MALWARE FAMILY: evasionTAGS:evasion, ransomwareMD5: bc6bf8643541163f1736566a6a9e6011SHA1: cc7f21a3779f904d0c5fe0c2c44fc7fb8d2de728ANALYSIS DATE: 2023-01-10T22:17:01ZTTPS: ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or more known...

Malware Analysis – evasion – b40a2374b51d487190fe535bb651aa3a

January 11, 2023

Score: 7 MALWARE FAMILY: evasionTAGS:evasion, ransomwareMD5: b40a2374b51d487190fe535bb651aa3aSHA1: 23213f8f9ee58c3166101af2869783c90dfdff14ANALYSIS DATE: 2023-01-10T21:53:08ZTTPS: ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or more known...

Malware Analysis – ransomware – 15165436db5835fc6ecda43762014f75

January 11, 2023

Score: 6 MALWARE FAMILY: ransomwareTAGS:ransomwareMD5: 15165436db5835fc6ecda43762014f75SHA1: 5c972fe82e246daca2c18b5da6f4e521e56c96a2ANALYSIS DATE: 2023-01-10T22:09:38ZTTPS: ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or more known damaging...

Malware Analysis – evasion – 5f69049eee4cd4263041956448b9ee95

January 11, 2023

Score: 7 MALWARE FAMILY: evasionTAGS:evasion, ransomwareMD5: 5f69049eee4cd4263041956448b9ee95SHA1: e2f3a6f94375f30f9a6a155c3cb07493cff90799ANALYSIS DATE: 2023-01-10T22:22:04ZTTPS: ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or more known...

CISA: Microsoft Releases January 2023 Security Updates

January 11, 2023

Microsoft Releases January 2023 Security Updates Microsoft has released updates to address multiple vulnerabilities in Microsoft software. An attacker could...

Malware Analysis – aurora – 263e8add132946de46d9bf90aa19c401

January 11, 2023

Score: 10 MALWARE FAMILY: auroraTAGS:family:aurora, family:dcrat, family:djvu, family:icedid, family:smokeloader, family:vidar, botnet:19, campaign:3131022508, backdoor, banker, discovery, infostealer, loader, persistence, ransomware, rat,...

Malware Analysis – djvu – 920842b983c4051efa27387e1edfeb6b

January 11, 2023

Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:19, discovery, persistence, ransomware, spyware, stealerMD5: 920842b983c4051efa27387e1edfeb6bSHA1: 114105f6680c70344a80486e11b9479117f08613ANALYSIS DATE: 2023-01-10T23:47:26ZTTPS: T1060, T1112, T1222, T1082,...

Malware Analysis – djvu – a28ca46bc8462e2738fcba85c35f412c

January 11, 2023

Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:19, discovery, persistence, ransomware, spyware, stealerMD5: a28ca46bc8462e2738fcba85c35f412cSHA1: 437642d731df5b1558ee4228df5c47eb819e2ac7ANALYSIS DATE: 2023-01-10T23:51:09ZTTPS: T1005, T1081, T1012, T1082,...

Malware Analysis – discovery – fc872ec9e926bc8212f6014f997cf672

January 11, 2023

Score: 10 MALWARE FAMILY: discoveryTAGS:discovery, ransomwareMD5: fc872ec9e926bc8212f6014f997cf672SHA1: 190663eb496c54db43f303d1e91d8e974b580875ANALYSIS DATE: 2023-01-10T23:25:27ZTTPS: T1082, T1012 ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or...

Vice Society Ransomware Victim: Swift Academies

January 10, 2023

Vice Society Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...

Vice Society Ransomware Victim: Fire Rescue Victoria

January 10, 2023

Vice Society Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...

Malware Analysis – discovery – 7914601e5d46afc17f0b59e5140500bb

January 10, 2023

Score: 10 MALWARE FAMILY: discoveryTAGS:discovery, evasion, persistence, ransomware, trojanMD5: 7914601e5d46afc17f0b59e5140500bbSHA1: 3e3c8f0cbc4d56b00253d25c363aab444dda9b8bANALYSIS DATE: 2023-01-10T15:08:26ZTTPS: T1060, T1112, T1031, T1089, T1088, T1082, T1012,...

Malware Analysis – agent_smith – f7f87cd8579db367e27f73d9cc10ccde

January 10, 2023

Score: 10 MALWARE FAMILY: agent_smithTAGS:family:agent_smith, adware, evasion, ransomwareMD5: f7f87cd8579db367e27f73d9cc10ccdeSHA1: 89480a760efbadf9d23487eeb14cccfd76e72f29ANALYSIS DATE: 2023-01-10T15:31:05ZTTPS: ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or...

Malware Analysis – aurora – 07bae8213b9bedfe2f9f37df0db94bbd

January 10, 2023

Score: 10 MALWARE FAMILY: auroraTAGS:family:aurora, family:dcrat, family:djvu, family:icedid, family:smokeloader, family:vidar, botnet:19, campaign:3131022508, backdoor, banker, discovery, infostealer, loader, persistence, ransomware, rat,...

Malware Analysis – evasion – 94ad269abb292332a4967e912ae34488

January 10, 2023

Score: 6 MALWARE FAMILY: evasionTAGS:evasion, ransomwareMD5: 94ad269abb292332a4967e912ae34488SHA1: 0218c55d7317c2139d63f59f4fd5dafa72916e18ANALYSIS DATE: 2023-01-10T15:26:23ZTTPS: ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or more known...

OSINT

Cobalt Stike Beacon Detected – 185[.]48[.]86[.]75:9000

Malware Analysis – aurora – 65d7785d36337dccd3f85dbe8c0358e5

Malware Analysis – djvu – 10175425e3f29ba4e7637074ed2c8e26

Malware Analysis – sodinokibi – 61c19e7ce627da9b5004371f867a47d3

Malware Analysis – evasion – e43320002eb47ce45a5092c9fdb9c7d2

Cobalt Stike Beacon Detected – 43[.]154[.]182[.]95:8443

Cobalt Stike Beacon Detected – 45[.]61[.]187[.]167:443

Cobalt Stike Beacon Detected – 49[.]234[.]152[.]199:80

Cobalt Stike Beacon Detected – 106[.]55[.]2[.]194:2095

Malware Analysis – evasion – bc6bf8643541163f1736566a6a9e6011

Malware Analysis – evasion – b40a2374b51d487190fe535bb651aa3a

Malware Analysis – ransomware – 15165436db5835fc6ecda43762014f75

Malware Analysis – evasion – 5f69049eee4cd4263041956448b9ee95

CISA: Microsoft Releases January 2023 Security Updates

Malware Analysis – aurora – 263e8add132946de46d9bf90aa19c401

Malware Analysis – djvu – 920842b983c4051efa27387e1edfeb6b

Malware Analysis – djvu – a28ca46bc8462e2738fcba85c35f412c

Malware Analysis – discovery – fc872ec9e926bc8212f6014f997cf672

Vice Society Ransomware Victim: Swift Academies

Vice Society Ransomware Victim: Fire Rescue Victoria

Malware Analysis – discovery – 7914601e5d46afc17f0b59e5140500bb

Malware Analysis – agent_smith – f7f87cd8579db367e27f73d9cc10ccde

Malware Analysis – aurora – 07bae8213b9bedfe2f9f37df0db94bbd

Malware Analysis – evasion – 94ad269abb292332a4967e912ae34488

Cobalt Strike Beacon Detected – 121[.]43[.]37[.]134:4434

Cobalt Strike Beacon Detected – 119[.]29[.]231[.]118:443

Cobalt Strike Beacon Detected – 39[.]101[.]74[.]162:443

Cobalt Strike Beacon Detected – 8[.]218[.]112[.]112:8880

Cobalt Strike Beacon Detected – 47[.]109[.]48[.]57:443

You may have missed