OSINT

Expert published PoC exploit code for macOS sandbox escape flaw

November 21, 2022

A researcher published details and proof-of-concept (PoC) code for High-Severity macOS Sandbox escape vulnerability tracked as CVE-2022-26696. Researcher Wojciech Reguła...

Malware Analysis – evasion – 19c4203255da565b4df0989bb5edb670

November 21, 2022

Score: 9 MALWARE FAMILY: evasionTAGS:evasion, persistence, ransomwareMD5: 19c4203255da565b4df0989bb5edb670SHA1: 98eaf8e50feda91a8df54df6a5061ecc9122768aANALYSIS DATE: 2022-11-21T15:55:11ZTTPS: T1490, T1060, T1112, T1082 ScoreMeaningExample10Known badA malware family was...

Malware Analysis – discovery – 3109c9c3cb533401bdce4ac0cc4f2010

November 21, 2022

Score: 8 MALWARE FAMILY: discoveryTAGS:discovery, exploitMD5: 3109c9c3cb533401bdce4ac0cc4f2010SHA1: fcf7e2235ad44e7ba1a84ace75fce1e773893478ANALYSIS DATE: 2022-11-21T15:46:06ZTTPS: T1222 ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or more...

Malware Analysis – djvu – 21ed1a8856f1cba3aab93022911ab8a4

November 21, 2022

Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:517, discovery, persistence, ransomware, spyware, stealerMD5: 21ed1a8856f1cba3aab93022911ab8a4SHA1: 6711fbe4bb970396d0b77613c4a6bb0a7b352934ANALYSIS DATE: 2022-11-21T15:41:32ZTTPS: T1005, T1081, T1012, T1082,...

Malware Analysis – djvu – 8debd1fea7f6963dece511ccd8c18a7f

November 21, 2022

Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:smokeloader, family:vidar, botnet:517, backdoor, collection, discovery, persistence, ransomware, spyware, stealer, trojanMD5: 8debd1fea7f6963dece511ccd8c18a7fSHA1: 5b461962f5dd1e12c3bb913c489b7adb364fc595ANALYSIS DATE: 2022-11-21T16:31:10ZTTPS:...

Malware Analysis – dcrat – 2f566eb78a2defcf471bd9fe0c4d2f51

November 21, 2022

Score: 10 MALWARE FAMILY: dcratTAGS:family:dcrat, family:djvu, family:smokeloader, backdoor, collection, discovery, infostealer, persistence, ransomware, rat, spyware, stealer, trojanMD5: 2f566eb78a2defcf471bd9fe0c4d2f51SHA1: e2f285602510faf52f48afe3635f347cd71db4c0ANALYSIS DATE:...

Malware Analysis – djvu – 2a4ba51b2761b26883558fb2f316ae2e

November 21, 2022

Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:517, discovery, persistence, ransomware, spyware, stealerMD5: 2a4ba51b2761b26883558fb2f316ae2eSHA1: a3af31464eafb47e4f2064b6c671224fbbfffb19ANALYSIS DATE: 2022-11-21T16:12:50ZTTPS: T1053, T1005, T1081, T1012,...

Malware Analysis – agilenet – 6c90fa5b5c9de97a444b366ec0d14255

November 21, 2022

Score: 9 MALWARE FAMILY: agilenetTAGS:agilenet, evasion, persistence, ransomware, themida, trojanMD5: 6c90fa5b5c9de97a444b366ec0d14255SHA1: 90cd4499a264ac9e589a0a0c98e0258067aa22a7ANALYSIS DATE: 2022-11-21T16:55:07ZTTPS: T1012, T1082, T1497, T1060, T1112, T1491...

Malware Analysis – xorist – 1222ed64e9e26f248791d66485906363

November 21, 2022

Score: 10 MALWARE FAMILY: xoristTAGS:family:xorist, persistence, ransomware, spyware, stealer, upxMD5: 1222ed64e9e26f248791d66485906363SHA1: c65e557698063038ede9ac2c20fa08deb5a86fa3ANALYSIS DATE: 2022-11-21T17:22:22ZTTPS: T1005, T1081, T1060, T1112 ScoreMeaningExample10Known badA...

Malware Analysis – dcrat – 744e647a0b6a070d50b41927dda80dfc

November 21, 2022

Score: 10 MALWARE FAMILY: dcratTAGS:family:dcrat, family:djvu, family:smokeloader, family:vidar, botnet:517, backdoor, collection, discovery, infostealer, persistence, ransomware, rat, spyware, stealer, trojanMD5: 744e647a0b6a070d50b41927dda80dfcSHA1:...

Malware Analysis – xorist – 040d31fee8dc69b4c0585494696d4a50

November 21, 2022

Score: 10 MALWARE FAMILY: xoristTAGS:family:xorist, persistence, ransomware, spyware, stealer, upxMD5: 040d31fee8dc69b4c0585494696d4a50SHA1: 9434a9b4f3e17a66de0ca3f7c1fd4d5e88ddc188ANALYSIS DATE: 2022-11-21T17:22:20ZTTPS: T1060, T1112, T1005, T1081 ScoreMeaningExample10Known badA...

Malware Analysis – djvu – 6739446b547d4fcb92d882afbb29b27b

November 21, 2022

Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:517, discovery, persistence, ransomware, spyware, stealerMD5: 6739446b547d4fcb92d882afbb29b27bSHA1: d773a4c4a29bf927124cfa6a43f35af87c619ab7ANALYSIS DATE: 2022-11-21T17:00:37ZTTPS: T1053, T1222, T1005, T1081,...

Malware Analysis – persistence – 1ce76c8db971b1444b6856f26990e450

November 21, 2022

Score: 10 MALWARE FAMILY: persistenceTAGS:persistence, ransomwareMD5: 1ce76c8db971b1444b6856f26990e450SHA1: 062dd92f8bcf5136e8dc5c6da0ec8fc9d75c57acANALYSIS DATE: 2022-11-21T17:22:26ZTTPS: T1107, T1490, T1082, T1112, T1060 ScoreMeaningExample10Known badA malware family was...

Malware Analysis – djvu – d58d383bf9394e1a7dd26d1f96b644bc

November 21, 2022

Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:smokeloader, family:vidar, botnet:517, backdoor, collection, discovery, persistence, ransomware, spyware, stealer, trojanMD5: d58d383bf9394e1a7dd26d1f96b644bcSHA1: 4a472430d5c071d17b3ca30419ece8868dde48caANALYSIS DATE: 2022-11-21T17:31:07ZTTPS:...

Malware Analysis – evasion – 94d087166651c0020a9e6cc2fdacdc0c

November 21, 2022

Score: 10 MALWARE FAMILY: evasionTAGS:evasion, ransomwareMD5: 94d087166651c0020a9e6cc2fdacdc0cSHA1: 99be22569ba9b1e49d3fd36f65faa6795672fcc0ANALYSIS DATE: 2022-11-21T17:26:44ZTTPS: T1491, T1112, T1031, T1012, T1120, T1082 ScoreMeaningExample10Known badA malware family...

Malware Analysis – evasion – 1162ee821f5b1dd6c1a44be48d0f9b00

November 21, 2022

Score: 9 MALWARE FAMILY: evasionTAGS:evasion, persistence, ransomwareMD5: 1162ee821f5b1dd6c1a44be48d0f9b00SHA1: b62df88337d258505a8ff11297a78faabcf5861fANALYSIS DATE: 2022-11-21T17:23:29ZTTPS: T1490, T1060, T1112 ScoreMeaningExample10Known badA malware family was detected.8-9Likely...

OSINT

Expert published PoC exploit code for macOS sandbox escape flaw

Malware Analysis – evasion – 19c4203255da565b4df0989bb5edb670

Malware Analysis – discovery – 3109c9c3cb533401bdce4ac0cc4f2010

Malware Analysis – djvu – 21ed1a8856f1cba3aab93022911ab8a4

Malware Analysis – djvu – 8debd1fea7f6963dece511ccd8c18a7f

Malware Analysis – dcrat – 2f566eb78a2defcf471bd9fe0c4d2f51

Malware Analysis – djvu – 2a4ba51b2761b26883558fb2f316ae2e

Malware Analysis – agilenet – 6c90fa5b5c9de97a444b366ec0d14255

Malware Analysis – xorist – 1222ed64e9e26f248791d66485906363

Malware Analysis – dcrat – 744e647a0b6a070d50b41927dda80dfc

Malware Analysis – xorist – 040d31fee8dc69b4c0585494696d4a50

Malware Analysis – djvu – 6739446b547d4fcb92d882afbb29b27b

Malware Analysis – persistence – 1ce76c8db971b1444b6856f26990e450

Malware Analysis – djvu – d58d383bf9394e1a7dd26d1f96b644bc

Malware Analysis – evasion – 94d087166651c0020a9e6cc2fdacdc0c

Malware Analysis – evasion – 1162ee821f5b1dd6c1a44be48d0f9b00

Google won a lawsuit against the Glupteba botnet operators

Sandbox_Scryer – Tool For Producing Threat Hunting And Intelligence Data From Public Sandbox Detonation Output

Google provides rules to detect tens of cracked versions of Cobalt Strike

Cobalt Stike Beacon Detected – 146[.]70[.]115[.]16:443

Cobalt Stike Beacon Detected – 104[.]233[.]224[.]78:443

Cobalt Stike Beacon Detected – 141[.]98[.]82[.]243:443

Cobalt Stike Beacon Detected – 37[.]1[.]212[.]100:443

Cobalt Stike Beacon Detected – 91[.]240[.]118[.]209:9199

[AKIRA] – Ransomware Victim: Souleret Engineering(LSSE)

[NOVA] – Ransomware Victim: Eurofins Scientific

[NOVA] – Ransomware Victim: Eurofins Healthcare

CVE Alert: CVE-2025-6248

CVE Alert: CVE-2025-6231

You may have missed