OSINT

UK NCSC govt agency is scanning the Internet for flawed devices in the UK

November 7, 2022

The UK National Cyber Security Centre (NCSC) announced that is scanning all Internet-exposed devices hosted in the UK for vulnerabilities....

Daily Vulnerability Trends: Mon Nov 07 2022

November 7, 2022

Daily Vulnerability Trends (sourced from VulnMon) CVE NAMECVE DescriptionCVE-2021-25337Improper access control in clipboard service in Samsung mobile devices prior to...

Abusing Microsoft Dynamics 365 Customer Voice in phishing attacks

November 7, 2022

Researchers uncovered a campaign abusing Microsoft Dynamics 365 customer voice to steal credentials from the victims. Microsoft’s Dynamics 365 Customer...

Malware Analysis – wannacry – a1bbc4f908c7e79fa740abb5574e5733

November 7, 2022

Score: 10 MALWARE FAMILY: wannacryTAGS:family:wannacry, discovery, ransomware, wormMD5: a1bbc4f908c7e79fa740abb5574e5733SHA1: 7bec90bf83835b93a718e22b2851d8561eda55d0ANALYSIS DATE: 2022-11-07T03:00:34ZTTPS: T1046 ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne...

Malware Analysis – wannacry – 7cfcb0def88dafe36c8b1440bb62ebd8

November 7, 2022

Score: 10 MALWARE FAMILY: wannacryTAGS:family:wannacry, discovery, ransomware, wormMD5: 7cfcb0def88dafe36c8b1440bb62ebd8SHA1: ada0dfa301f1130468fdc57dd0944a0716a12db3ANALYSIS DATE: 2022-11-07T03:20:27ZTTPS: T1046 ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne...

Malware Analysis – amadey – 143b2d68c66781d3bcfedaa63cdea1c3

November 7, 2022

Score: 10 MALWARE FAMILY: amadeyTAGS:family:amadey, family:djvu, family:redline, family:smokeloader, family:vidar, botnet:517, botnet:google2, botnet:mario23_10, botnet:slovarik1btc, backdoor, collection, discovery, infostealer, persistence, ransomware, spyware,...

Malware Analysis – djvu – 6d123f3d24355c2b777dbd593fe6f45e

November 7, 2022

Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:517, discovery, persistence, ransomware, spyware, stealerMD5: 6d123f3d24355c2b777dbd593fe6f45eSHA1: f9a25d00a40627438c0129597ac05683b4b1f94cANALYSIS DATE: 2022-11-07T04:24:21ZTTPS: T1060, T1112, T1082, T1005,...

Malware Analysis – amadey – 04dd6fba1c7daca5072719e426e81695

November 7, 2022

Score: 10 MALWARE FAMILY: amadeyTAGS:family:amadey, family:djvu, family:redline, family:smokeloader, family:vidar, botnet:517, botnet:google2, botnet:mario23_10, backdoor, collection, discovery, infostealer, persistence, ransomware, spyware, stealer,...

Malware Analysis – wannacry – 1fedbacd1ad3982f3718f2344ef7cac8

November 7, 2022

Score: 10 MALWARE FAMILY: wannacryTAGS:family:wannacry, discovery, ransomware, wormMD5: 1fedbacd1ad3982f3718f2344ef7cac8SHA1: 9300853d71f08b28f7926371a29b2abb5fde5a56ANALYSIS DATE: 2022-11-07T04:41:02ZTTPS: T1046 ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne...

Malware Analysis – djvu – 7f98c5308bcea9914200a592c17bfaec

November 7, 2022

Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:517, discovery, persistence, ransomware, spyware, stealerMD5: 7f98c5308bcea9914200a592c17bfaecSHA1: 94eb9a6727611094cbcde7242343509fd019f1e7ANALYSIS DATE: 2022-11-07T05:39:17ZTTPS: T1060, T1112, T1012, T1082,...

Malware Analysis – chaos – 9d016244b7f58fa5e974ef5f6e1ae54e

November 7, 2022

Score: 10 MALWARE FAMILY: chaosTAGS:family:chaos, ransomwareMD5: 9d016244b7f58fa5e974ef5f6e1ae54eSHA1: 001bc943725ab768f8b8ecb2c9d3ae328f33c78bANALYSIS DATE: 2022-11-07T04:57:03ZTTPS: T1082 ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or more...

Malware Analysis – ransomware – 005c8975c5aeeeb883b178da8179478c

November 7, 2022

Score: 8 MALWARE FAMILY: ransomwareTAGS:ransomwareMD5: 005c8975c5aeeeb883b178da8179478cSHA1: 1e2eb9855e058a1bfa1f8ec7caa56d2f260a8b35ANALYSIS DATE: 2022-11-07T05:24:35ZTTPS: T1491, T1112, T1082, T1012 ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne...

Malware Analysis – ransomware – 2dc0dad1939edfdf997525bac94cdc21

November 7, 2022

Score: 10 MALWARE FAMILY: ransomwareTAGS:ransomwareMD5: 2dc0dad1939edfdf997525bac94cdc21SHA1: e3e398a3eed8ffc0266dbe37c396909eee150cf4ANALYSIS DATE: 2022-11-07T05:05:04ZTTPS: T1012, T1120, T1082, T1107, T1490, T1112 ScoreMeaningExample10Known badA malware family was...

Cobalt Stike Beacon Detected – 109[.]206[.]241[.]178:443

November 7, 2022

The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...

Cobalt Stike Beacon Detected – 120[.]48[.]89[.]148:80

November 7, 2022

The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...

Cobalt Stike Beacon Detected – 176[.]113[.]115[.]3:8080

November 7, 2022

The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...

Malware Analysis – ransomware – 58abef933e19ccd34e3ff2578f20d356

November 7, 2022

Score: 10 MALWARE FAMILY: ransomwareTAGS:ransomware, spyware, stealerMD5: 58abef933e19ccd34e3ff2578f20d356SHA1: 150558be301b5732c8d621257f969316ea6e5792ANALYSIS DATE: 2022-11-06T21:06:14ZTTPS: T1005, T1081, T1012, T1082 ScoreMeaningExample10Known badA malware family was...

Malware Analysis – djvu – 3993a37920a429f540d76263b393e202

November 7, 2022

Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:redline, family:smokeloader, family:vidar, botnet:517, botnet:google2, botnet:mario23_10, botnet:slovarik1btc, backdoor, collection, discovery, infostealer, persistence, ransomware, spyware, stealer,...

Malware Analysis – persistence – a571141acbb53620cf110300c9d91479

November 7, 2022

Score: 9 MALWARE FAMILY: persistenceTAGS:persistence, ransomwareMD5: a571141acbb53620cf110300c9d91479SHA1: f7dd5af916b7f90da4fcbaaeac53e13afd15ced7ANALYSIS DATE: 2022-11-06T21:39:24ZTTPS: T1060, T1112, T1107, T1490 ScoreMeaningExample10Known badA malware family was detected.8-9Likely...

Cobalt Stike Beacon Detected – 150[.]158[.]212[.]148:7443

November 7, 2022

The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...

Cobalt Stike Beacon Detected – 18[.]208[.]157[.]91:80

November 7, 2022

The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...

Cobalt Stike Beacon Detected – 101[.]34[.]117[.]22:2083

November 7, 2022

The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...

Cobalt Stike Beacon Detected – 154[.]209[.]71[.]98:443

November 7, 2022

The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...

Malware Analysis – persistence – dc5c71aef24a5899f63c3f9c15993697

November 7, 2022

Score: 9 MALWARE FAMILY: persistenceTAGS:persistence, ransomwareMD5: dc5c71aef24a5899f63c3f9c15993697SHA1: 2905771c826c7d9f183c73d6e97c990c022f1ef8ANALYSIS DATE: 2022-11-06T21:53:28ZTTPS: T1060, T1112, T1107, T1490 ScoreMeaningExample10Known badA malware family was detected.8-9Likely...

OSINT

UK NCSC govt agency is scanning the Internet for flawed devices in the UK

Daily Vulnerability Trends: Mon Nov 07 2022

Abusing Microsoft Dynamics 365 Customer Voice in phishing attacks

Malware Analysis – wannacry – a1bbc4f908c7e79fa740abb5574e5733

Malware Analysis – wannacry – 7cfcb0def88dafe36c8b1440bb62ebd8

Malware Analysis – amadey – 143b2d68c66781d3bcfedaa63cdea1c3

Malware Analysis – djvu – 6d123f3d24355c2b777dbd593fe6f45e

Malware Analysis – amadey – 04dd6fba1c7daca5072719e426e81695

Malware Analysis – wannacry – 1fedbacd1ad3982f3718f2344ef7cac8

Malware Analysis – djvu – 7f98c5308bcea9914200a592c17bfaec

Malware Analysis – chaos – 9d016244b7f58fa5e974ef5f6e1ae54e

Malware Analysis – ransomware – 005c8975c5aeeeb883b178da8179478c

Malware Analysis – ransomware – 2dc0dad1939edfdf997525bac94cdc21

Cobalt Stike Beacon Detected – 109[.]206[.]241[.]178:443

Cobalt Stike Beacon Detected – 120[.]48[.]89[.]148:80

Cobalt Stike Beacon Detected – 176[.]113[.]115[.]3:8080

Malware Analysis – ransomware – 58abef933e19ccd34e3ff2578f20d356

Malware Analysis – djvu – 3993a37920a429f540d76263b393e202

Malware Analysis – persistence – a571141acbb53620cf110300c9d91479

Cobalt Stike Beacon Detected – 150[.]158[.]212[.]148:7443

Cobalt Stike Beacon Detected – 18[.]208[.]157[.]91:80

Cobalt Stike Beacon Detected – 101[.]34[.]117[.]22:2083

Cobalt Stike Beacon Detected – 154[.]209[.]71[.]98:443

Malware Analysis – persistence – dc5c71aef24a5899f63c3f9c15993697

Ubuntu Linux Kernel Multiple Vulnerabilities

Amd Warns Of New Meltdown, Spectre Like Bugs Affecting Cpus

You Have A Fake North Korean It Worker Problem Here’s How To Stop It

Ai Coding Tools Make Developers Slower But They Think They’re Faster, Studyfinds

How To Trick Chatgpt Into Revealing Windows Keys? I Give Up

You may have missed