OSINT

Cobalt Stike Beacon Detected – 45[.]116[.]166[.]221:80

December 8, 2022

The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...

Cobalt Stike Beacon Detected – 124[.]156[.]11[.]146:9999

December 8, 2022

The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...

Cobalt Stike Beacon Detected – 79[.]137[.]248[.]24:443

December 8, 2022

The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...

Cobalt Stike Beacon Detected – 106[.]13[.]54[.]144:80

December 8, 2022

The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...

Malware Analysis – evasion – d024bd4ab684e1d78599f9ae8623d624

December 8, 2022

Score: 10 MALWARE FAMILY: evasionTAGS:evasion, ransomware, trojanMD5: d024bd4ab684e1d78599f9ae8623d624SHA1: 0b03ea93468d6a5108352051007c637ddeaa4ab3ANALYSIS DATE: 2022-12-08T10:09:35ZTTPS: T1112, T1031, T1089, T1107, T1490 ScoreMeaningExample10Known badA malware family...

Malware Analysis – djvu – 9ce1877b8701e245454cf510ad1039ca

December 8, 2022

Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:smokeloader, family:vidar, botnet:517, backdoor, collection, discovery, persistence, ransomware, spyware, stealer, trojanMD5: 9ce1877b8701e245454cf510ad1039caSHA1: 755181bd3499c23173983e96ba306c7bf575fdb1ANALYSIS DATE: 2022-12-08T10:04:32ZTTPS:...

Malware Analysis – djvu – 17af9dbcffe89a170dcb9e76810ef225

December 8, 2022

Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:517, discovery, persistence, ransomware, stealerMD5: 17af9dbcffe89a170dcb9e76810ef225SHA1: 90d91f86822863e8b8f1983e3255c0ff333aa3b1ANALYSIS DATE: 2022-12-08T10:29:06ZTTPS: T1053, T1222, T1060, T1112, T1082,...

Malware Analysis – djvu – e1a4cef73bd625a9f9360f8a3243d808

December 8, 2022

Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:517, discovery, persistence, ransomware, spyware, stealerMD5: e1a4cef73bd625a9f9360f8a3243d808SHA1: 9c0c85de9f9d6067b393f78ff4360ea5d643338aANALYSIS DATE: 2022-12-08T10:26:04ZTTPS: T1222, T1060, T1112, T1082,...

Cobalt Stike Beacon Detected – 49[.]128[.]198[.]3:53

December 8, 2022

The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...

Cobalt Stike Beacon Detected – 1[.]117[.]231[.]225:1024

December 8, 2022

The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...

Malware Analysis – dcrat – 1ffedc09946da8cc244c117fd3a2bbba

December 8, 2022

Score: 10 MALWARE FAMILY: dcratTAGS:family:dcrat, family:djvu, family:smokeloader, family:vidar, botnet:517, backdoor, collection, discovery, infostealer, persistence, ransomware, rat, spyware, stealer, trojanMD5: 1ffedc09946da8cc244c117fd3a2bbbaSHA1:...

Malware Analysis – djvu – 2ffd48cc274bdacc604cc128dc874632

December 8, 2022

Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:517, discovery, persistence, ransomware, spyware, stealerMD5: 2ffd48cc274bdacc604cc128dc874632SHA1: c88225d00c201da34b1d1b0c9a182fc161decd8cANALYSIS DATE: 2022-12-08T11:50:49ZTTPS: T1222, T1053, T1005, T1081,...

Malware Analysis – globeimposter – 8797e2092484f8dde83871366dcfbdae

December 8, 2022

Score: 10 MALWARE FAMILY: globeimposterTAGS:family:globeimposter, persistence, ransomware, spyware, stealerMD5: 8797e2092484f8dde83871366dcfbdaeSHA1: 53c0530d195de802b62dde6da0e5e335c5083963ANALYSIS DATE: 2022-12-08T11:39:12ZTTPS: T1005, T1081, T1060, T1112 ScoreMeaningExample10Known badA malware...

Cobalt Stike Beacon Detected – 45[.]76[.]179[.]38:443

December 8, 2022

The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...

Cobalt Stike Beacon Detected – 129[.]226[.]201[.]214:9999

December 8, 2022

The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...

Malware Analysis – zeppelin – 8090cb9a98392d753116e30e0be9f25a

December 8, 2022

Score: 10 MALWARE FAMILY: zeppelinTAGS:family:zeppelin, persistence, ransomwareMD5: 8090cb9a98392d753116e30e0be9f25aSHA1: 1f45a5e3dc88e363fd6ff83d52a6a2e4ddd8951fANALYSIS DATE: 2022-12-08T10:56:45ZTTPS: T1060, T1112, T1082, T1012, T1120, T1107, T1490 ScoreMeaningExample10Known badA...

Daily Vulnerability Trends: Thu Dec 08 2022

December 8, 2022

Daily Vulnerability Trends (sourced from VulnMon) CVE NAMECVE DescriptionCVE-2021-22555A heap out-of-bounds write affecting Linux since v2.6.19-rc1 was discovered in net/netfilter/x_tables.c....

Malware Analysis – discovery – f01c0d0a0988de82cdbbf16a36105f5a

December 8, 2022

Score: 8 MALWARE FAMILY: discoveryTAGS:discovery, exploit, upxMD5: f01c0d0a0988de82cdbbf16a36105f5aSHA1: d6ddc24997e423206665d120ee1a746018f94527ANALYSIS DATE: 2022-12-04T12:36:42ZTTPS: T1222, T1158 ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne...

Malware Analysis – ransomware – 3350fe6963fb43c6f3a317fc38944152

December 8, 2022

Score: 9 MALWARE FAMILY: ransomwareTAGS:ransomware, spyware, stealerMD5: 3350fe6963fb43c6f3a317fc38944152SHA1: 026690bfca52fec792de555dfc9912c4f7793fecANALYSIS DATE: 2022-12-04T12:18:22ZTTPS: T1082, T1107, T1490, T1005, T1081 ScoreMeaningExample10Known badA malware family...

Malware Analysis – evasion – 0b971c41becb44f8af812843cd121d8e

December 8, 2022

Score: 10 MALWARE FAMILY: evasionTAGS:evasion, persistence, ransomware, upxMD5: 0b971c41becb44f8af812843cd121d8eSHA1: 02e8463eee51875336bd95040b04447716ddf212ANALYSIS DATE: 2022-12-04T11:40:30ZTTPS: T1012, T1120, T1082, T1112, T1060, T1158 ScoreMeaningExample10Known badA...

Malware Analysis – ransomware – 61102ad142e33287cde8669c084e3360

December 8, 2022

Score: 9 MALWARE FAMILY: ransomwareTAGS:ransomware, spyware, stealerMD5: 61102ad142e33287cde8669c084e3360SHA1: e77689f6315c2863ed01f0a4237b8b724474fff5ANALYSIS DATE: 2022-12-04T13:03:58ZTTPS: T1082, T1107, T1490, T1005, T1081 ScoreMeaningExample10Known badA malware family...

Malware Analysis – ransomware – a2ccd40ed84d55c2a5b9064796426346

December 8, 2022

Score: 8 MALWARE FAMILY: ransomwareTAGS:ransomware, spyware, stealerMD5: a2ccd40ed84d55c2a5b9064796426346SHA1: c9a78f2ffeaf80dc7445489e29d75c6873fb57cfANALYSIS DATE: 2022-12-08T03:09:28ZTTPS: T1005, T1081 ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne...

Malware Analysis – evasion – eeeacff4f31bfa76e90bad305dbe0489

December 8, 2022

Score: 10 MALWARE FAMILY: evasionTAGS:evasion, persistence, ransomware, spyware, stealer, trojanMD5: eeeacff4f31bfa76e90bad305dbe0489SHA1: be7d59e5ce710166c8a60ffc6cfc67cc24cd24a6ANALYSIS DATE: 2022-12-04T13:13:30ZTTPS: T1112, T1082, T1012, T1060, T1158, T1088,...

Malware Analysis – evasion – 2408f7d83deed8f75d19b5b170b320af

December 8, 2022

Score: 10 MALWARE FAMILY: evasionTAGS:evasion, persistenceMD5: 2408f7d83deed8f75d19b5b170b320afSHA1: 422bcf443040136a433c73dbb6959e2772275d90ANALYSIS DATE: 2022-12-04T13:34:08ZTTPS: T1082, T1158, T1012, T1120, T1112, T1060 ScoreMeaningExample10Known badA malware family...

OSINT

Cobalt Stike Beacon Detected – 45[.]116[.]166[.]221:80

Cobalt Stike Beacon Detected – 124[.]156[.]11[.]146:9999

Cobalt Stike Beacon Detected – 79[.]137[.]248[.]24:443

Cobalt Stike Beacon Detected – 106[.]13[.]54[.]144:80

Malware Analysis – evasion – d024bd4ab684e1d78599f9ae8623d624

Malware Analysis – djvu – 9ce1877b8701e245454cf510ad1039ca

Malware Analysis – djvu – 17af9dbcffe89a170dcb9e76810ef225

Malware Analysis – djvu – e1a4cef73bd625a9f9360f8a3243d808

Cobalt Stike Beacon Detected – 49[.]128[.]198[.]3:53

Cobalt Stike Beacon Detected – 1[.]117[.]231[.]225:1024

Malware Analysis – dcrat – 1ffedc09946da8cc244c117fd3a2bbba

Malware Analysis – djvu – 2ffd48cc274bdacc604cc128dc874632

Malware Analysis – globeimposter – 8797e2092484f8dde83871366dcfbdae

Cobalt Stike Beacon Detected – 45[.]76[.]179[.]38:443

Cobalt Stike Beacon Detected – 129[.]226[.]201[.]214:9999

Malware Analysis – zeppelin – 8090cb9a98392d753116e30e0be9f25a

Daily Vulnerability Trends: Thu Dec 08 2022

Malware Analysis – discovery – f01c0d0a0988de82cdbbf16a36105f5a

Malware Analysis – ransomware – 3350fe6963fb43c6f3a317fc38944152

Malware Analysis – evasion – 0b971c41becb44f8af812843cd121d8e

Malware Analysis – ransomware – 61102ad142e33287cde8669c084e3360

Malware Analysis – ransomware – a2ccd40ed84d55c2a5b9064796426346

Malware Analysis – evasion – eeeacff4f31bfa76e90bad305dbe0489

Malware Analysis – evasion – 2408f7d83deed8f75d19b5b170b320af

Cobalt Strike Beacon Detected – 121[.]43[.]37[.]134:4434

Cobalt Strike Beacon Detected – 119[.]29[.]231[.]118:443

Cobalt Strike Beacon Detected – 39[.]101[.]74[.]162:443

Cobalt Strike Beacon Detected – 8[.]218[.]112[.]112:8880

Cobalt Strike Beacon Detected – 47[.]109[.]48[.]57:443

You may have missed