Cobalt Stike Beacon Detected – 149[.]127[.]232[.]17:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
OSINT
Cobalt Stike Beacon Detected – 45[.]61[.]187[.]167:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 47[.]108[.]150[.]23:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 20[.]225[.]139[.]12:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 8[.]134[.]63[.]69:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 88[.]218[.]193[.]100:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 47[.]92[.]227[.]151:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 52[.]43[.]159[.]70:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 39[.]96[.]116[.]31:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Malware Analysis – nitro – a0c0192c30c048044421d25c23501582
Score: 10 MALWARE FAMILY: nitroTAGS:family:nitro, persistence, ransomware, spyware, stealerMD5: a0c0192c30c048044421d25c23501582SHA1: d6080d25a6439238d0a8e90e6bbfc229680ecf3bANALYSIS DATE: 2023-01-04T10:05:23ZTTPS: T1005, T1081, T1491, T1112, T1102, T1060, T1012,...
Malware Analysis – amadey – 6c5d5e80bab3b17f1b6faa5273e0b224
Score: 10 MALWARE FAMILY: amadeyTAGS:family:amadey, family:djvu, family:smokeloader, family:vidar, botnet:19, backdoor, collection, discovery, persistence, ransomware, spyware, stealer, trojan, vmprotectMD5: 6c5d5e80bab3b17f1b6faa5273e0b224SHA1: e486b2da9876bd1205a6efd8098dd30b59a6454dANALYSIS...
Malware Analysis – djvu – a4b4e507ef0dc6c624c17badb10d29c9
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:19, discovery, persistence, ransomware, spyware, stealerMD5: a4b4e507ef0dc6c624c17badb10d29c9SHA1: d376a5af805dd6654af35f42f71a3303ff1905f6ANALYSIS DATE: 2023-01-04T10:20:49ZTTPS: T1082, T1012, T1053, T1222,...
Malware Analysis – ransomware – 0e2f34900a7e0324b91ca191fd043e74
Score: 5 MALWARE FAMILY: ransomwareTAGS:ransomwareMD5: 0e2f34900a7e0324b91ca191fd043e74SHA1: 8d34aca2b2ca50d3816b161493ec7440f2cbdbc0ANALYSIS DATE: 2023-01-04T10:53:29ZTTPS: ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or more known damaging...
Malware Analysis – smokeloader – 88fc55ed1a5295684fc77c36024060cf
Score: 10 MALWARE FAMILY: smokeloaderTAGS:family:smokeloader, backdoor, trojanMD5: 88fc55ed1a5295684fc77c36024060cfSHA1: 3c09ac4a25c92f1f3a4052ee1e97659b39672925ANALYSIS DATE: 2023-01-04T11:26:03ZTTPS: T1012, T1120, T1082 ScoreMeaningExample10Known badA malware family was detected.8-9Likely...
Daily Vulnerability Trends: Wed Jan 04 2023
Daily Vulnerability Trends (sourced from VulnMon) CVE NAMECVE DescriptionCVE-2022-41040Microsoft Exchange Server Elevation of Privilege Vulnerability.CVE-2022-29455DOM-based Reflected Cross-Site Scripting (XSS) vulnerability...
Malware Analysis – smokeloader – a83bee74074204ce9dd5e9780187aa0f
Score: 10 MALWARE FAMILY: smokeloaderTAGS:family:smokeloader, backdoor, trojanMD5: a83bee74074204ce9dd5e9780187aa0fSHA1: f80dca4216a824bdaea42ea1ce115ac8f66c05dbANALYSIS DATE: 2023-01-04T03:11:03ZTTPS: T1012, T1120, T1082 ScoreMeaningExample10Known badA malware family was detected.8-9Likely...
Malware Analysis – djvu – 4d50334081024a62178c18193ad7640a
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:19, discovery, persistence, ransomware, spyware, stealerMD5: 4d50334081024a62178c18193ad7640aSHA1: 89f06b69f0acf9f1e625c5097b82b74c20030c8bANALYSIS DATE: 2023-01-04T03:04:12ZTTPS: T1005, T1081, T1012, T1082,...
Malware Analysis – meow – 80637ef09441d910ae7bdda488eb9989
Score: 10 MALWARE FAMILY: meowTAGS:family:meow, ransomware, spyware, stealerMD5: 80637ef09441d910ae7bdda488eb9989SHA1: 638e3ca8c66e218a3bdc666d52c2a91a116b60d7ANALYSIS DATE: 2023-01-04T03:36:27ZTTPS: T1005, T1081 ScoreMeaningExample10Known badA malware family was detected.8-9Likely...
Malware Analysis – evasion – cebed8210feb0d37479d62199049e0ba
Score: 7 MALWARE FAMILY: evasionTAGS:evasion, ransomwareMD5: cebed8210feb0d37479d62199049e0baSHA1: eec586742f917b65c73d2f99c11dd65072c4f298ANALYSIS DATE: 2023-01-04T03:41:58ZTTPS: ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or more known...
Malware Analysis – ransomware – 4b95b42cac7a11602b26caa41574d764
Score: 8 MALWARE FAMILY: ransomwareTAGS:ransomware, spyware, stealerMD5: 4b95b42cac7a11602b26caa41574d764SHA1: f64b7f29ecf8516d9d55bca8443f33d041b2b16aANALYSIS DATE: 2023-01-04T03:28:40ZTTPS: T1005, T1081 ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne...
Malware Analysis – amadey – 03a2ae7e3d0fabcf4858e10a822d9a99
Score: 10 MALWARE FAMILY: amadeyTAGS:family:amadey, family:dcrat, family:djvu, family:smokeloader, family:vidar, botnet:19, backdoor, collection, discovery, infostealer, persistence, ransomware, rat, spyware, stealer, trojan,...
Malware Analysis – djvu – 54e06155a4b0a099b9fe1ddc9f209329
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:19, discovery, persistence, ransomware, spyware, stealerMD5: 54e06155a4b0a099b9fe1ddc9f209329SHA1: 48b0ad39a74137e45a0d93cc5b339847b88d971cANALYSIS DATE: 2023-01-04T05:50:25ZTTPS: T1060, T1112, T1053, T1222,...
Malware Analysis – evasion – 0c5cbe64b5cc615c77b6d2676300495e
Score: 7 MALWARE FAMILY: evasionTAGS:evasion, ransomwareMD5: 0c5cbe64b5cc615c77b6d2676300495eSHA1: 58aef51084d93563d9b4081c1b51acdb7745e931ANALYSIS DATE: 2023-01-04T04:19:32ZTTPS: ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or more known...
Malware Analysis – djvu – 943d8bacdfa116ec3a2e87fe7c8d8e63
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:19, discovery, persistence, ransomware, spyware, stealerMD5: 943d8bacdfa116ec3a2e87fe7c8d8e63SHA1: 6fa3d75154f39ffed44291a9f1d6b12760cb5454ANALYSIS DATE: 2023-01-04T05:32:12ZTTPS: T1012, T1082, T1005, T1081,...
