Cobalt Stike Beacon Detected – 1[.]15[.]99[.]189:7777
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
OSINT
Malware Analysis – discovery – f494e416737bbd1ea8af65d9bdfd6934
Score: 9 MALWARE FAMILY: discoveryTAGS:discovery, evasion, persistence, upxMD5: f494e416737bbd1ea8af65d9bdfd6934SHA1: 3de0d51ea664794278734c7b30d938ceb1495c47ANALYSIS DATE: 2023-01-31T10:32:51ZTTPS: T1082, T1012, T1060, T1112, T1130, T1102, T1018, T1497...
Malware Analysis – djvu – eb49b2fd2f173fa20b1ca9f7fd28f6cd
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:19, discovery, persistence, ransomware, spyware, stealerMD5: eb49b2fd2f173fa20b1ca9f7fd28f6cdSHA1: 57afd277746bb9b96970c379eb1e32719a8180f4ANALYSIS DATE: 2023-01-31T09:57:37ZTTPS: T1012, T1222, T1082, T1053,...
Malware Analysis – smokeloader – ef4734eb6342c1166b64c1597f8c1fed
Score: 10 MALWARE FAMILY: smokeloaderTAGS:family:smokeloader, backdoor, trojanMD5: ef4734eb6342c1166b64c1597f8c1fedSHA1: 598ad1a4ff2c5e4ed49e14ec89cfd871f9bb83eeANALYSIS DATE: 2023-01-31T09:10:03ZTTPS: T1012, T1120, T1082 ScoreMeaningExample10Known badA malware family was detected.8-9Likely...
Malware Analysis – discovery – 34d6da080af6ae29247f06bcae9292c5
Score: 10 MALWARE FAMILY: discoveryTAGS:discovery, evasion, persistence, ransomware, spyware, stealer, trojanMD5: 34d6da080af6ae29247f06bcae9292c5SHA1: 6b1397afa50fd65b5dc38aac8e6c33ff11f9a1ddANALYSIS DATE: 2023-01-31T10:46:05ZTTPS: T1012, T1082, T1112, T1120, T1102,...
Malware Analysis – djvu – 58860a1c3b2041fef660374813f99273
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:smokeloader, family:vidar, botnet:19, backdoor, discovery, ransomware, stealer, trojan, vmprotectMD5: 58860a1c3b2041fef660374813f99273SHA1: e8d503260b7ca66dfd0ca0e3fffb327c0a6cc7c1ANALYSIS DATE: 2023-01-31T11:17:20ZTTPS: T1222, T1053,...
Malware Analysis – smokeloader – c8558073caf7732e00775c381de062df
Score: 10 MALWARE FAMILY: smokeloaderTAGS:family:smokeloader, backdoor, trojanMD5: c8558073caf7732e00775c381de062dfSHA1: c5c51097f6957cdc2feef36d40929bf5ba54cbd3ANALYSIS DATE: 2023-01-31T10:58:04ZTTPS: T1012, T1120, T1082 ScoreMeaningExample10Known badA malware family was detected.8-9Likely...
Malware Analysis – djvu – 6263cf4ed224f1a7756f3d7c4c83cfda
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:19, discovery, persistence, ransomware, spyware, stealerMD5: 6263cf4ed224f1a7756f3d7c4c83cfdaSHA1: 8952d8e4aa5ffd114c09afb07d082e05492b087fANALYSIS DATE: 2023-01-31T10:51:11ZTTPS: T1053, T1060, T1112, T1012,...
Malware Analysis – djvu – 8a60eb120c54fec26aa191b030c26d28
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:19, discovery, persistence, ransomware, spyware, stealerMD5: 8a60eb120c54fec26aa191b030c26d28SHA1: 6fc0adb8bd283e04d43db47408c3a9f2c26f93c0ANALYSIS DATE: 2023-01-31T11:14:25ZTTPS: T1005, T1081, T1222, T1053,...
Daily Vulnerability Trends: Tue Jan 31 2023
Daily Vulnerability Trends (sourced from VulnMon) CVE NAMECVE DescriptionCVE-2021-35394Realtek Jungle SDK version v2.x up to v3.4.14B provides a diagnostic tool...
Malware Analysis – banker – 79c49abc1b3f7fd73ab505f4d7632963
Score: 8 MALWARE FAMILY: bankerTAGS:banker, evasion, ransomwareMD5: 79c49abc1b3f7fd73ab505f4d7632963SHA1: cf8c728f48c805bd9def4128f9d1b3aa22c78b90ANALYSIS DATE: 2023-01-31T03:30:51ZTTPS: ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or more...
Malware Analysis – smokeloader – 796eec633508016212d9c0fba6ebcb34
Score: 10 MALWARE FAMILY: smokeloaderTAGS:family:smokeloader, backdoor, trojanMD5: 796eec633508016212d9c0fba6ebcb34SHA1: 6f7f80791fe510406e741aa4e857311119135424ANALYSIS DATE: 2023-01-31T03:14:03ZTTPS: T1012, T1120, T1082 ScoreMeaningExample10Known badA malware family was detected.8-9Likely...
Malware Analysis – evasion – 59d403798663c3cf889cab4605eca33a
Score: 7 MALWARE FAMILY: evasionTAGS:evasion, ransomwareMD5: 59d403798663c3cf889cab4605eca33aSHA1: 67b18581e8b4476209eabe85361790706e8acf21ANALYSIS DATE: 2023-01-31T03:51:26ZTTPS: ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or more known...
Malware Analysis – evasion – e75d7d7af4d7065b289f24922c092847
Score: 8 MALWARE FAMILY: evasionTAGS:evasion, ransomwareMD5: e75d7d7af4d7065b289f24922c092847SHA1: 536b17bd6834640aa6adea1ff8607790248f2134ANALYSIS DATE: 2023-01-31T04:14:29ZTTPS: ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or more known...
Malware Analysis – bootkit – 858ee6ceb590822f57d2d98a32e3c5af
Score: 8 MALWARE FAMILY: bootkitTAGS:bootkit, discovery, persistenceMD5: 858ee6ceb590822f57d2d98a32e3c5afSHA1: 0cd9e539e919dd0367c1d04e2644bc3e8ad109e5ANALYSIS DATE: 2023-01-31T03:45:42ZTTPS: T1012, T1067, T1130, T1112, T1082 ScoreMeaningExample10Known badA malware family...
Malware Analysis – discovery – 328ed3428d79bb38ec9d29a5cb27a5a7
Score: 10 MALWARE FAMILY: discoveryTAGS:discovery, persistence, ransomwareMD5: 328ed3428d79bb38ec9d29a5cb27a5a7SHA1: cd905b22794ca277a14d512fde28f1c20d01bdabANALYSIS DATE: 2023-01-31T03:30:56ZTTPS: T1012, T1082, T1112, T1042, T1060 ScoreMeaningExample10Known badA malware family...
Malware Analysis – discovery – 551321ba31ec119801d4a3fb3612cbfe
Score: 10 MALWARE FAMILY: discoveryTAGS:discovery, persistence, ransomwareMD5: 551321ba31ec119801d4a3fb3612cbfeSHA1: d169e3d5bb0e3abee31030a6332ded2e7fdf189bANALYSIS DATE: 2023-01-31T05:53:10ZTTPS: T1060, T1012, T1082 ScoreMeaningExample10Known badA malware family was detected.8-9Likely...
Malware Analysis – smokeloader – 54284e6ecb72c4ecd0a4e33c8afe8541
Score: 10 MALWARE FAMILY: smokeloaderTAGS:family:smokeloader, backdoor, trojanMD5: 54284e6ecb72c4ecd0a4e33c8afe8541SHA1: 55cf4c0183bdb3f1f2dba397dad8d11a4a219889ANALYSIS DATE: 2023-01-31T05:37:39ZTTPS: T1012, T1120, T1082 ScoreMeaningExample10Known badA malware family was detected.8-9Likely...
Malware Analysis – smokeloader – 27bb9abd524480ce1b30123ee769270a
Score: 10 MALWARE FAMILY: smokeloaderTAGS:family:smokeloader, backdoor, trojanMD5: 27bb9abd524480ce1b30123ee769270aSHA1: 682cb6bf50f2c662165a241413343c9170d907fbANALYSIS DATE: 2023-01-31T04:30:05ZTTPS: T1012, T1120, T1082 ScoreMeaningExample10Known badA malware family was detected.8-9Likely...
Malware Analysis – djvu – 4f7cd4bd04c4b2c6419bab5e4b8cc7ee
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:19, discovery, persistence, ransomware, spyware, stealerMD5: 4f7cd4bd04c4b2c6419bab5e4b8cc7eeSHA1: c32fdf8831286b78fbb8cb10bd6ae8509740efe4ANALYSIS DATE: 2023-01-31T04:17:37ZTTPS: T1060, T1112, T1005, T1081,...
Winnti APT group docks in Sri Lanka for new campaign
In early August, the Malwarebytes Threat Intelligence team identified a new attack targeting government entities in Sri Lanka. The threat...
Analyzing and remediating a malware infested T95 TV box from Amazon
A couple of weeks ago, security news outlets made their rounds reporting on an Android TV box available on Amazon...
LockBit 3.0 Ransomware Victim: parkavedoors[.]com
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
LockBit 3.0 Ransomware Victim: 2cara[.]fr
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
