OSINT

trend-10

Daily Vulnerability Trends: Mon Dec 12 2022

December 12, 2022

Daily Vulnerability Trends (sourced from VulnMon) CVE NAMECVE DescriptionCVE-2022-42703mm/rmap.c in the Linux kernel before 5.19.7 has a use-after-free related to...

Read More

abstract-malware-990x400-1

Malware Analysis – smokeloader – 9b680fe6c94c5c5efd8d1ee47e6bc9a3

December 12, 2022

Score: 10 MALWARE FAMILY: smokeloaderTAGS:family:smokeloader, backdoor, trojanMD5: 9b680fe6c94c5c5efd8d1ee47e6bc9a3SHA1: 07700e18220654e8334dd36db10c413543ab5f59ANALYSIS DATE: 2022-12-12T04:24:56ZTTPS: T1012, T1120, T1082 ScoreMeaningExample10Known badA malware family was detected.8-9Likely...

Read More

abstract-malware-990x400-1

Malware Analysis – – 3a02deed11f7ff4dbc1188d201ad164a

December 12, 2022

Score: 8 MALWARE FAMILY: TAGS:MD5: 3a02deed11f7ff4dbc1188d201ad164aSHA1: 5c935f5c25c2975ef384878bb094567fb19519c9ANALYSIS DATE: 2022-12-12T04:09:21ZTTPS: ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or more known damaging...

Read More

abstract-malware-990x400-1

Malware Analysis – djvu – 6ae2c7e69f7af191c459978a7ffbb2d6

December 12, 2022

Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:517, discovery, persistence, ransomware, spyware, stealerMD5: 6ae2c7e69f7af191c459978a7ffbb2d6SHA1: 64c504634fb86ae0cde436c50cefee73fb0f8e8fANALYSIS DATE: 2022-12-12T03:58:30ZTTPS: T1222, T1012, T1082, T1060,...

Read More

abstract-malware-990x400-1

Malware Analysis – evasion – e9663f1b8ec8a5e2c130f4ff496a43d8

December 12, 2022

Score: 10 MALWARE FAMILY: evasionTAGS:evasion, persistence, ransomwareMD5: e9663f1b8ec8a5e2c130f4ff496a43d8SHA1: ed373bf96e834f4bf920220cc61a84f064e1275aANALYSIS DATE: 2022-12-07T09:27:09ZTTPS: T1012, T1120, T1082, T1158, T1112, T1060 ScoreMeaningExample10Known badA malware...

Read More

abstract-malware-990x400-1

Malware Analysis – djvu – 0bffab8de978679c204fe21331058575

December 12, 2022

Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:517, discovery, persistence, ransomware, spyware, stealerMD5: 0bffab8de978679c204fe21331058575SHA1: f3830a7b5b741df86cc52d7432a7d6a30a6772e6ANALYSIS DATE: 2022-12-12T05:02:15ZTTPS: T1082, T1053, T1005, T1081,...

Read More

abstract-malware-990x400-1

Malware Analysis – dcrat – fbdde4446467cf7b6e2edc26f470ed98

December 12, 2022

Score: 10 MALWARE FAMILY: dcratTAGS:family:dcrat, family:djvu, family:redline, family:smokeloader, family:vidar, botnet:517, botnet:mario23_10, backdoor, bootkit, collection, discovery, infostealer, persistence, ransomware, rat, spyware,...

Read More

abstract-malware-990x400-1

Malware Analysis – djvu – 352a744e8b4258b7729581602709800a

December 12, 2022

Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:517, discovery, persistence, ransomware, spyware, stealerMD5: 352a744e8b4258b7729581602709800aSHA1: a06aa0539924ca45f63ce74783d593e97ba1502cANALYSIS DATE: 2022-12-12T05:32:53ZTTPS: T1053, T1005, T1081, T1130,...

Read More

abstract-malware-990x400-1

Malware Analysis – dcrat – b046fd352da5913664316180e0e22633

December 12, 2022

Score: 10 MALWARE FAMILY: dcratTAGS:family:dcrat, family:djvu, family:redline, family:smokeloader, family:vidar, botnet:517, botnet:mario23_10, backdoor, bootkit, collection, discovery, infostealer, persistence, ransomware, rat, spyware,...

Read More

Cobalt-Strike

Cobalt Stike Beacon Detected – 1[.]117[.]91[.]33:80

December 12, 2022

The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...

Read More

Cobalt-Strike

Cobalt Stike Beacon Detected – 47[.]92[.]95[.]200:443

December 12, 2022

The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...

Read More

Cobalt-Strike

Cobalt Stike Beacon Detected – 20[.]12[.]210[.]245:443

December 12, 2022

The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...

Read More

Cobalt-Strike

Cobalt Stike Beacon Detected – 83[.]97[.]20[.]148:80

December 12, 2022

The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...

Read More

abstract-malware-990x400-1

Malware Analysis – djvu – 1607b60ccb7bc768acc7059b54a1d86a

December 12, 2022

Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:517, discovery, persistence, ransomware, spyware, stealerMD5: 1607b60ccb7bc768acc7059b54a1d86aSHA1: 94dd0783405cececd513b50f38d5c4cb3cf82f77ANALYSIS DATE: 2022-12-11T21:51:54ZTTPS: T1053, T1005, T1081, T1012,...

Read More

Cobalt-Strike

Cobalt Stike Beacon Detected – 1[.]14[.]198[.]89:8011

December 12, 2022

The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...

Read More

Cobalt-Strike

Cobalt Stike Beacon Detected – 89[.]238[.]185[.]24:443

December 12, 2022

The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...

Read More

Cobalt-Strike

Cobalt Stike Beacon Detected – 1[.]117[.]112[.]201:80

December 12, 2022

The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...

Read More

abstract-malware-990x400-1

Malware Analysis – medusalocker – 489e246b8f55137cd70e4b2d718ff85f

December 12, 2022

Score: 10 MALWARE FAMILY: medusalockerTAGS:family:medusalocker, evasion, ransomware, spyware, stealer, trojanMD5: 489e246b8f55137cd70e4b2d718ff85fSHA1: 444e3fd11ac385ab333db41420e5c4fd2e47a5baANALYSIS DATE: 2022-12-11T23:15:45ZTTPS: T1082, T1112, T1005, T1081, T1088, T1089,...

Read More

abstract-malware-990x400-1

Malware Analysis – djvu – deb6e2ba0b5da298a176f135d0dbb902

December 12, 2022

Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:517, discovery, persistence, ransomware, spyware, stealerMD5: deb6e2ba0b5da298a176f135d0dbb902SHA1: def2ce53e89d620734661d0e982c475fef4dacfaANALYSIS DATE: 2022-12-11T23:31:10ZTTPS: T1005, T1081, T1012, T1082,...

Read More

abstract-malware-990x400-1

Malware Analysis – djvu – dbfbbd262c73437383038a98fec9649c

December 12, 2022

Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:redline, family:smokeloader, botnet:mario23_10, backdoor, bootkit, collection, discovery, infostealer, persistence, ransomware, trojanMD5: dbfbbd262c73437383038a98fec9649cSHA1: 5f71018f5e12d8b1cbe309589b23a7666b2716b4ANALYSIS DATE: 2022-12-11T22:06:26ZTTPS:...

Read More

Cobalt-Strike

Cobalt Stike Beacon Detected – 43[.]139[.]69[.]104:8800

December 12, 2022

The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...

Read More

Cobalt-Strike

Cobalt Stike Beacon Detected – 64[.]190[.]113[.]81:443

December 12, 2022

The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...

Read More

Cobalt-Strike

Cobalt Stike Beacon Detected – 23[.]94[.]40[.]43:8080

December 12, 2022

The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...

Read More

Cobalt-Strike

Cobalt Stike Beacon Detected – 47[.]100[.]180[.]46:80

December 12, 2022

The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...

Read More

[WARLOCK] – Ransomware Victim: tein[.]co[.]jp

November 6, 2025

[WARLOCK] – Ransomware Victim: mytune[.]me

November 6, 2025

[WARLOCK] – Ransomware Victim: energogroup[.]net

November 6, 2025

[WARLOCK] – Ransomware Victim: goldenline[.]com

November 6, 2025

[WARLOCK] – Ransomware Victim: metro[.]local

November 6, 2025