Cobalt Stike Beacon Detected – 161[.]97[.]161[.]77:8443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
OSINT
Cobalt Stike Beacon Detected – 109[.]94[.]208[.]57:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Malware Analysis – ransomware – 176c0e35328b032619dc485652148f6c
Score: 10 MALWARE FAMILY: ransomwareTAGS:ransomwareMD5: 176c0e35328b032619dc485652148f6cSHA1: 00772f0f4bc58c23b4e1d338ba9ee3a1abd0aebdANALYSIS DATE: 2022-10-06T09:12:30ZTTPS: T1082, T1012, T1120, T1107, T1490 ScoreMeaningExample10Known badA malware family was detected.8-9Likely...
Malware Analysis – smokeloader – 4d9cd2ec3ce1522427e4654d3d7744da
Score: 10 MALWARE FAMILY: smokeloaderTAGS:family:smokeloader, backdoor, trojanMD5: 4d9cd2ec3ce1522427e4654d3d7744daSHA1: ac29cd9beb1754cab94c3f650b22006b6374ec0aANALYSIS DATE: 2022-10-06T09:32:03ZTTPS: T1012, T1120, T1082 ScoreMeaningExample10Known badA malware family was detected.8-9Likely...
Malware Analysis – djvu – 0c482b05f3edc8267e37d9b8029645d2
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:517, discovery, persistence, ransomware, spyware, stealerMD5: 0c482b05f3edc8267e37d9b8029645d2SHA1: b2d323a620f78d2fd48b045ae278b4e3dfd85a9fANALYSIS DATE: 2022-10-06T09:21:11ZTTPS: T1222, T1060, T1112, T1005,...
Malware Analysis – djvu – 214b2b6f63bd33938ed47b85e3a24df6
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:517, discovery, persistence, ransomware, spyware, stealerMD5: 214b2b6f63bd33938ed47b85e3a24df6SHA1: 9227ab94107e5ac3f1943d743951c8843d325e47ANALYSIS DATE: 2022-10-06T09:20:32ZTTPS: T1222, T1012, T1082, T1053,...
Malware Analysis – djvu – 4d9cd2ec3ce1522427e4654d3d7744da
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:smokeloader, family:vidar, botnet:517, backdoor, collection, discovery, persistence, ransomware, spyware, stealer, trojanMD5: 4d9cd2ec3ce1522427e4654d3d7744daSHA1: ac29cd9beb1754cab94c3f650b22006b6374ec0aANALYSIS DATE: 2022-10-06T09:41:34ZTTPS:...
Malware Analysis – smokeloader – 62742157fee62a67ee78cdd0997619f6
Score: 10 MALWARE FAMILY: smokeloaderTAGS:family:smokeloader, backdoor, trojanMD5: 62742157fee62a67ee78cdd0997619f6SHA1: d405d18c2ff9210e14a37f97e6ffbd27b77bc2c3ANALYSIS DATE: 2022-10-06T10:31:23ZTTPS: T1012, T1120, T1082 ScoreMeaningExample10Known badA malware family was detected.8-9Likely...
Malware Analysis – djvu – 22e1ceeaf71330b7265275efee371cee
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:517, discovery, persistence, ransomware, spyware, stealerMD5: 22e1ceeaf71330b7265275efee371ceeSHA1: bc1e7c1e5baa5894ab3536623376d11e4f43ea83ANALYSIS DATE: 2022-10-06T10:15:51ZTTPS: T1222, T1012, T1082, T1005,...
Malware Analysis – smokeloader – 62742157fee62a67ee78cdd0997619f6
Score: 10 MALWARE FAMILY: smokeloaderTAGS:family:smokeloader, backdoor, trojanMD5: 62742157fee62a67ee78cdd0997619f6SHA1: d405d18c2ff9210e14a37f97e6ffbd27b77bc2c3ANALYSIS DATE: 2022-10-06T10:31:03ZTTPS: T1012, T1120, T1082 ScoreMeaningExample10Known badA malware family was detected.8-9Likely...
“Egypt Leaks” – Hacktivists are Leaking Financial Data
Researchers at cybersecurity firm Resecurity spotted a new group of hacktivists targeting financial institutions in Egypt, Resecurity, a California-based cybersecurity...
Daily Vulnerability Trends: Thu Oct 06 2022
Daily Vulnerability Trends (sourced from VulnMon) CVE NAMECVE DescriptionCVE-2022-2880 No description provided CVE-2022-41850 No description provided CVE-2022-40140An origin validation error...
Uncommon infection and malware propagation methods
Introduction We are often asked how targets are infected with malware. Our answer is nearly always the same: (spear) phishing....
Malware Analysis – smokeloader – b41eea91a5da56541e24b7e3d9aa8785
Score: 10 MALWARE FAMILY: smokeloaderTAGS:family:smokeloader, backdoor, trojanMD5: b41eea91a5da56541e24b7e3d9aa8785SHA1: a8d5deb621ca66b36343e3e96c5157a7c398ae3eANALYSIS DATE: 2022-10-06T02:32:03ZTTPS: T1012, T1120, T1082 ScoreMeaningExample10Known badA malware family was detected.8-9Likely...
Malware Analysis – djvu – ab588ece9842c824014b896fab00c0d9
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:517, discovery, persistence, ransomware, spyware, stealerMD5: ab588ece9842c824014b896fab00c0d9SHA1: 178a4fc3ee53ac17514c43774a705ffa082ccbf8ANALYSIS DATE: 2022-10-06T03:15:02ZTTPS: T1082, T1012, T1053, T1005,...
Malware Analysis – djvu – b41eea91a5da56541e24b7e3d9aa8785
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:smokeloader, family:vidar, botnet:517, backdoor, collection, discovery, persistence, ransomware, spyware, stealer, trojanMD5: b41eea91a5da56541e24b7e3d9aa8785SHA1: a8d5deb621ca66b36343e3e96c5157a7c398ae3eANALYSIS DATE: 2022-10-06T02:39:14ZTTPS:...
Malware Analysis – smokeloader – 1ced7cd6ef30b3f92f7fc8f63ac950f7
Score: 10 MALWARE FAMILY: smokeloaderTAGS:family:smokeloader, backdoor, trojanMD5: 1ced7cd6ef30b3f92f7fc8f63ac950f7SHA1: 1a251a94485c2cee0e307937bf9eb9fe52646ea4ANALYSIS DATE: 2022-10-06T03:01:03ZTTPS: T1012, T1120, T1082 ScoreMeaningExample10Known badA malware family was detected.8-9Likely...
Malware Analysis – djvu – 1ced7cd6ef30b3f92f7fc8f63ac950f7
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:smokeloader, family:vidar, botnet:517, backdoor, collection, discovery, persistence, ransomware, spyware, stealer, trojanMD5: 1ced7cd6ef30b3f92f7fc8f63ac950f7SHA1: 1a251a94485c2cee0e307937bf9eb9fe52646ea4ANALYSIS DATE: 2022-10-06T03:18:16ZTTPS:...
Malware Analysis – djvu – 57ccdf9f24953d0f20bc77894cd4b0c5
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:smokeloader, family:vidar, botnet:517, backdoor, collection, discovery, persistence, ransomware, spyware, stealer, trojanMD5: 57ccdf9f24953d0f20bc77894cd4b0c5SHA1: eeedfe5aeb5e05b0bb9ac3cf0f11fd7e1674ef65ANALYSIS DATE: 2022-10-06T03:38:45ZTTPS:...
Malware Analysis – djvu – dac04bf5ad22b2b2fb80f236c89fcae8
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:517, discovery, persistence, ransomware, spyware, stealerMD5: dac04bf5ad22b2b2fb80f236c89fcae8SHA1: 6e53fd2cb1baca78fc3b020f1217b0fb327b21baANALYSIS DATE: 2022-10-06T03:25:33ZTTPS: T1060, T1112, T1222, T1012,...
Malware Analysis – ransomware – 51aa11d492b16e856d105368839e9105
Score: 9 MALWARE FAMILY: ransomwareTAGS:ransomware, spyware, stealerMD5: 51aa11d492b16e856d105368839e9105SHA1: 9800d1db47238cffea6d5581b57bab555b6df82dANALYSIS DATE: 2022-10-06T03:31:03ZTTPS: T1082, T1107, T1490, T1091, T1005, T1081 ScoreMeaningExample10Known badA malware...
Malware Analysis – smokeloader – 57ccdf9f24953d0f20bc77894cd4b0c5
Score: 10 MALWARE FAMILY: smokeloaderTAGS:family:smokeloader, backdoor, trojanMD5: 57ccdf9f24953d0f20bc77894cd4b0c5SHA1: eeedfe5aeb5e05b0bb9ac3cf0f11fd7e1674ef65ANALYSIS DATE: 2022-10-06T03:31:08ZTTPS: T1012, T1120, T1082 ScoreMeaningExample10Known badA malware family was detected.8-9Likely...
Malware Analysis – djvu – 508dc342135b5c5f406628a795bfd629
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:517, discovery, persistence, ransomware, spyware, stealerMD5: 508dc342135b5c5f406628a795bfd629SHA1: 1fc937a5a09e4129b3886304b9a66d4d3215bde0ANALYSIS DATE: 2022-10-06T04:20:50ZTTPS: T1222, T1053, T1005, T1081,...
Malware Analysis – smokeloader – cb8f25cb414b4a08471ee5e140be28e7
Score: 10 MALWARE FAMILY: smokeloaderTAGS:family:smokeloader, backdoor, trojanMD5: cb8f25cb414b4a08471ee5e140be28e7SHA1: 74587cc5fdc2264f2ec7c0137c7fb46550fdf8feANALYSIS DATE: 2022-10-06T04:31:03ZTTPS: T1012, T1120, T1082 ScoreMeaningExample10Known badA malware family was detected.8-9Likely...
