OSINT

Malware Analysis – gozi – 1312187403c6dd3534a722b414662aa6

November 29, 2022

Score: 10 MALWARE FAMILY: goziTAGS:family:gozi, botnet:1020, banker, isfb, persistence, ransomware, trojanMD5: 1312187403c6dd3534a722b414662aa6SHA1: 4cc6aa8a7e6d053a8753c03499fa9a3f20bf0aa6ANALYSIS DATE: 2022-11-28T10:38:13ZTTPS: T1060, T1112, T1082, T1158, T1491...

Malware Analysis – persistence – 34a2099df8fd19b184f572bd733066a6

November 29, 2022

Score: 9 MALWARE FAMILY: persistenceTAGS:persistence, ransomwareMD5: 34a2099df8fd19b184f572bd733066a6SHA1: 63ad31a279668aaafc0c57d1eb1b8bcde412f5a4ANALYSIS DATE: 2022-11-28T10:38:21ZTTPS: T1060, T1112, T1107, T1490 ScoreMeaningExample10Known badA malware family was detected.8-9Likely...

Malware Analysis – upx – 4916a3a62e24567d390eece7fedbb1f1

November 29, 2022

Score: 8 MALWARE FAMILY: upxTAGS:upxMD5: 4916a3a62e24567d390eece7fedbb1f1SHA1: d0c220e32263472943d7b717b0655f31f4e905fbANALYSIS DATE: 2022-11-28T10:39:08ZTTPS: T1082 ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or more known...

Malware Analysis – persistence – 3459e0194bf4e1f048eb1cc9956af782

November 29, 2022

Score: 9 MALWARE FAMILY: persistenceTAGS:persistence, ransomwareMD5: 3459e0194bf4e1f048eb1cc9956af782SHA1: 0243cca7e98e18732b32ff66c09e6fbb4e3328ebANALYSIS DATE: 2022-11-28T10:59:49ZTTPS: T1060, T1112, T1107, T1490 ScoreMeaningExample10Known badA malware family was detected.8-9Likely...

Malware Analysis – adware – 304e87b1a549495812c9e34ffd033540

November 29, 2022

Score: 8 MALWARE FAMILY: adwareTAGS:adware, discovery, exploit, persistence, stealerMD5: 304e87b1a549495812c9e34ffd033540SHA1: 52b5f12b6a5167b29dbf15c0c7704a7c2871b134ANALYSIS DATE: 2022-11-28T10:53:33ZTTPS: T1012, T1120, T1082, T1112, T1176, T1060, T1222...

Malware Analysis – ransomware – e52e921d2f87d4d25aa6975478439244

November 29, 2022

Score: 10 MALWARE FAMILY: ransomwareTAGS:ransomwareMD5: e52e921d2f87d4d25aa6975478439244SHA1: 7e164dd18235422a07005f54af013a2ca48baa36ANALYSIS DATE: 2022-11-28T11:01:37ZTTPS: T1082 ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or more known...

Malware Analysis – gozi – c1d64f73c5bc2c9e80e33c5d8887d10c

November 29, 2022

Score: 10 MALWARE FAMILY: goziTAGS:family:gozi, botnet:1020, banker, isfb, persistence, ransomware, trojanMD5: c1d64f73c5bc2c9e80e33c5d8887d10cSHA1: 665ccc23b53cc79e3cf99e5787e73791f64f5ffcANALYSIS DATE: 2022-11-28T10:48:40ZTTPS: T1060, T1112, T1491, T1082, T1158...

Malware Analysis – gh0strat – 3d80e6a989ea622e375699511f4d5dee

November 29, 2022

Score: 10 MALWARE FAMILY: gh0stratTAGS:family:gh0strat, discovery, exploit, ratMD5: 3d80e6a989ea622e375699511f4d5deeSHA1: 964cd3555cb021285fc003f1476b2025097a56e5ANALYSIS DATE: 2022-11-28T11:06:44ZTTPS: T1082, T1222 ScoreMeaningExample10Known badA malware family was detected.8-9Likely...

Malware Analysis – evasion – 3165ebb0ff55bde8e4a4647b7b1350fb

November 29, 2022

Score: 9 MALWARE FAMILY: evasionTAGS:evasion, ransomware, spyware, stealerMD5: 3165ebb0ff55bde8e4a4647b7b1350fbSHA1: a7ba1e314a58995b4c88600ed5795a306fe32facANALYSIS DATE: 2022-11-28T11:27:16ZTTPS: T1107, T1490, T1057, T1158, T1112, T1005, T1081, T1082...

Malware Analysis – evasion – 67860b57c32c3d210c014a321cf071d9

November 29, 2022

Score: 9 MALWARE FAMILY: evasionTAGS:evasion, persistence, ransomware, trojanMD5: 67860b57c32c3d210c014a321cf071d9SHA1: a4b8c3c7f626cf2c26a73626298484154a30638bANALYSIS DATE: 2022-11-28T11:27:25ZTTPS: T1107, T1490, T1082, T1060, T1112 ScoreMeaningExample10Known badA malware...

Malware Analysis – evasion – 920256744075b2d2cffcfc5f62c7f2a9

November 29, 2022

Score: 9 MALWARE FAMILY: evasionTAGS:evasion, persistence, ransomware, trojanMD5: 920256744075b2d2cffcfc5f62c7f2a9SHA1: 39f2038cf721bc419feab931b3193d9b137d8c83ANALYSIS DATE: 2022-11-28T11:20:29ZTTPS: T1082, T1060, T1112, T1107, T1490 ScoreMeaningExample10Known badA malware...

Malware Analysis – amadey – d4988c46593dd409f6a35e3da0c2d372

November 29, 2022

Score: 10 MALWARE FAMILY: amadeyTAGS:family:amadey, family:dcrat, family:djvu, family:smokeloader, family:vidar, botnet:1148, botnet:517, backdoor, collection, discovery, infostealer, persistence, ransomware, rat, spyware, stealer,...

Malware Analysis – gandcrab – 85fab8174bc91d7c0538fb67336e852c

November 29, 2022

Score: 10 MALWARE FAMILY: gandcrabTAGS:family:gandcrab, backdoor, persistence, ransomwareMD5: 85fab8174bc91d7c0538fb67336e852cSHA1: 0c7fcf278d72608caf7443e8830f2365c67f9916ANALYSIS DATE: 2022-11-29T15:06:06ZTTPS: T1012, T1120, T1082, T1060, T1112 ScoreMeaningExample10Known badA malware...

Malware Analysis – evasion – 00cb45c4efd4053cef8bb8567dc0638e

November 29, 2022

Score: 9 MALWARE FAMILY: evasionTAGS:evasion, persistence, ransomware, trojanMD5: 00cb45c4efd4053cef8bb8567dc0638eSHA1: db0793c3b395697495e89460c35b0b3947c028f1ANALYSIS DATE: 2022-11-28T11:28:36ZTTPS: T1082, T1060, T1112, T1107, T1490 ScoreMeaningExample10Known badA malware...

Malware Analysis – persistence – 882f792ef927f4e8321e082d9a4d85ff

November 29, 2022

Score: 8 MALWARE FAMILY: persistenceTAGS:persistence, ransomware, spyware, stealerMD5: 882f792ef927f4e8321e082d9a4d85ffSHA1: 0f7989d7ae20d6be6f18c38ae255a5ca1397a8dfANALYSIS DATE: 2022-11-29T15:43:03ZTTPS: T1005, T1081, T1060, T1112 ScoreMeaningExample10Known badA malware family...

Malware Analysis – amadey – 1eced7a5a078e0c14805e3d6cc93d280

November 29, 2022

Score: 10 MALWARE FAMILY: amadeyTAGS:family:amadey, family:djvu, family:smokeloader, backdoor, discovery, persistence, ransomware, spyware, stealer, trojanMD5: 1eced7a5a078e0c14805e3d6cc93d280SHA1: 76d3e77ea0b6360f7d7483cb72420fdd48c23fecANALYSIS DATE: 2022-11-29T16:20:18ZTTPS: T1060, T1112,...

Malware Analysis – discovery – e46c76300df9430421c7e13d95e29ee1

November 29, 2022

Score: 10 MALWARE FAMILY: discoveryTAGS:discovery, evasion, exploit, ransomware, trojanMD5: e46c76300df9430421c7e13d95e29ee1SHA1: 27d15bc5235356a821ee0dbcf2e51d7905a57f55ANALYSIS DATE: 2022-11-29T16:15:05ZTTPS: T1082, T1053, T1222, T1031, T1112, T1089, T1012,...

Malware Analysis – persistence – 1d999ba847346e80594759ff8c32da49

November 29, 2022

Score: 6 MALWARE FAMILY: persistenceTAGS:persistenceMD5: 1d999ba847346e80594759ff8c32da49SHA1: 7abf3923d540addcc82a2cc0794c815dd6385cd1ANALYSIS DATE: 2022-11-29T15:43:20ZTTPS: T1060, T1112 ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or more...

Malware Analysis – persistence – 2de26af68d2d6d73dae987eb2cdedd6e

November 29, 2022

Score: 6 MALWARE FAMILY: persistenceTAGS:persistenceMD5: 2de26af68d2d6d73dae987eb2cdedd6eSHA1: 34d7fdb906b79f2912598378359668c57e65bb5dANALYSIS DATE: 2022-11-29T15:43:35ZTTPS: T1060, T1112 ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or more...

Malware Analysis – amadey – be134b7a6e1be0a218db18cf47ac9868

November 29, 2022

Score: 10 MALWARE FAMILY: amadeyTAGS:family:amadey, family:dcrat, family:djvu, family:smokeloader, family:vidar, botnet:517, backdoor, collection, discovery, infostealer, persistence, ransomware, rat, spyware, stealer, trojanMD5:...

Malware Analysis – djvu – 6cec15b58436d4c968d22bf229cd30c5

November 29, 2022

Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:517, discovery, persistence, ransomware, stealerMD5: 6cec15b58436d4c968d22bf229cd30c5SHA1: 1dc15ac0bc6346ed3ceefe4dea5e806ae65106dbANALYSIS DATE: 2022-11-29T17:03:11ZTTPS: T1082, T1012, T1053, T1060, T1112,...

Malware Analysis – evasion – 46780d2454e31a55bd5738667b0a0232

November 29, 2022

Score: 7 MALWARE FAMILY: evasionTAGS:evasion, ransomwareMD5: 46780d2454e31a55bd5738667b0a0232SHA1: c49ebee0c97e4de75185aa74f94659914eb4960cANALYSIS DATE: 2022-11-29T16:26:34ZTTPS: ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or more known...

Malware Analysis – play – 2e8897ef38d4abe4861360a4b6e895d5

November 29, 2022

Score: 10 MALWARE FAMILY: playTAGS:family:play, ransomware, spyware, stealerMD5: 2e8897ef38d4abe4861360a4b6e895d5SHA1: f668b1110d8a6b1a3f638fd8a6276a7a1efe18dbANALYSIS DATE: 2022-11-29T17:12:47ZTTPS: T1005, T1081, T1012, T1120, T1082 ScoreMeaningExample10Known badA malware...

CISA: CISA Releases Seven Industrial Control Systems Advisories

November 29, 2022

CISA Releases Seven Industrial Control Systems Advisories CISA released seven (7) Industrial Control Systems (ICS) advisories on November 29, 2022....

OSINT

Malware Analysis – gozi – 1312187403c6dd3534a722b414662aa6

Malware Analysis – persistence – 34a2099df8fd19b184f572bd733066a6

Malware Analysis – upx – 4916a3a62e24567d390eece7fedbb1f1

Malware Analysis – persistence – 3459e0194bf4e1f048eb1cc9956af782

Malware Analysis – adware – 304e87b1a549495812c9e34ffd033540

Malware Analysis – ransomware – e52e921d2f87d4d25aa6975478439244

Malware Analysis – gozi – c1d64f73c5bc2c9e80e33c5d8887d10c

Malware Analysis – gh0strat – 3d80e6a989ea622e375699511f4d5dee

Malware Analysis – evasion – 3165ebb0ff55bde8e4a4647b7b1350fb

Malware Analysis – evasion – 67860b57c32c3d210c014a321cf071d9

Malware Analysis – evasion – 920256744075b2d2cffcfc5f62c7f2a9

Malware Analysis – amadey – d4988c46593dd409f6a35e3da0c2d372

Malware Analysis – gandcrab – 85fab8174bc91d7c0538fb67336e852c

Malware Analysis – evasion – 00cb45c4efd4053cef8bb8567dc0638e

Malware Analysis – persistence – 882f792ef927f4e8321e082d9a4d85ff

Malware Analysis – amadey – 1eced7a5a078e0c14805e3d6cc93d280

Malware Analysis – discovery – e46c76300df9430421c7e13d95e29ee1

Malware Analysis – persistence – 1d999ba847346e80594759ff8c32da49

Malware Analysis – persistence – 2de26af68d2d6d73dae987eb2cdedd6e

Malware Analysis – amadey – be134b7a6e1be0a218db18cf47ac9868

Malware Analysis – djvu – 6cec15b58436d4c968d22bf229cd30c5

Malware Analysis – evasion – 46780d2454e31a55bd5738667b0a0232

Malware Analysis – play – 2e8897ef38d4abe4861360a4b6e895d5

CISA: CISA Releases Seven Industrial Control Systems Advisories

Cobalt Strike Beacon Detected – 121[.]43[.]37[.]134:4434

Cobalt Strike Beacon Detected – 119[.]29[.]231[.]118:443

Cobalt Strike Beacon Detected – 39[.]101[.]74[.]162:443

Cobalt Strike Beacon Detected – 8[.]218[.]112[.]112:8880

Cobalt Strike Beacon Detected – 47[.]109[.]48[.]57:443

You may have missed