OSINT

CISA: CISA Releases Three Industrial Control Advisories

December 8, 2022

CISA Releases Three Industrial Control Advisories CISA has released three (3) Industrial Control Systems (ICS) advisories on 08 December 2022....

Malware Analysis – djvu – ac4364e2501dfeecfc23cf8c4541e379

December 8, 2022

Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:517, discovery, persistence, ransomware, stealerMD5: ac4364e2501dfeecfc23cf8c4541e379SHA1: 0eb439bb98a04e5014fc0987ef0ce2c3bb329630ANALYSIS DATE: 2022-12-08T17:35:11ZTTPS: T1082, T1012, T1053, T1060, T1112,...

Malware Analysis – evasion – d01c432c8ecefb66f3f2a4aa0cfd675b

December 8, 2022

Score: 7 MALWARE FAMILY: evasionTAGS:evasion, ransomwareMD5: d01c432c8ecefb66f3f2a4aa0cfd675bSHA1: 7deb1ea6583cb764c5316b0c7d82d70f6b3b881dANALYSIS DATE: 2022-12-08T17:04:03ZTTPS: ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or more known...

Malware Analysis – djvu – 03f6c75025cf436aee8a07beefd087ba

December 8, 2022

Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:smokeloader, family:vidar, botnet:517, backdoor, collection, discovery, persistence, ransomware, spyware, stealer, trojanMD5: 03f6c75025cf436aee8a07beefd087baSHA1: 24c62c9371834f00804b39e6f73bcf68ad5c9161ANALYSIS DATE: 2022-12-08T16:50:27ZTTPS:...

Malware Analysis – djvu – ada2ac79c27a9bedd60f904ec6b80daa

December 8, 2022

Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:smokeloader, backdoor, collection, discovery, persistence, ransomware, trojanMD5: ada2ac79c27a9bedd60f904ec6b80daaSHA1: ef7a2a2765daf23b029c5d9f8e92a0b51974508dANALYSIS DATE: 2022-12-08T17:32:16ZTTPS: T1060, T1112, T1222, T1082,...

Android app with over 5m downloads leaked user browsing history

December 8, 2022

The Android app Web Explorer – Fast Internet left an open instance, exposing a trove of sensitive data that malicious...

APT37 used Internet Explorer Zero-Day in a recent campaign

December 8, 2022

Google warns that the North Korea-linked APT37 group is exploiting Internet Explorer zero-day flaw to spread malware. North Korea-linked APT37...

R4Ven – Track Ip And GPS Location

December 8, 2022

Track User's Smartphone/Pc Ip And Gps Location. The tool hosts a fake website which uses an iframe to display a...

Malware Analysis – spyware – d66210ecc0533348c07569fac5b280a5

December 8, 2022

Score: 7 MALWARE FAMILY: spywareTAGS:spyware, stealerMD5: d66210ecc0533348c07569fac5b280a5SHA1: 9cb944d9eea862d3b9aaced3f3c6811b7f21120aANALYSIS DATE: 2022-12-04T15:48:18ZTTPS: T1005, T1081 ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or...

Malware Analysis – cryptolocker – 374f74def24ea6afad4e5f4b15dcd263

December 8, 2022

Score: 10 MALWARE FAMILY: cryptolockerTAGS:family:cryptolocker, persistence, ransomwareMD5: 374f74def24ea6afad4e5f4b15dcd263SHA1: 2c8d39345f5fdf44e8ef5e5175a53dace47103bcANALYSIS DATE: 2022-12-04T16:04:28ZTTPS: T1060, T1112 ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne...

Malware Analysis – evasion – cb4f0bf118a549a0fbb5cf5cfff09690

December 8, 2022

Score: 10 MALWARE FAMILY: evasionTAGS:evasion, persistence, ransomware, spyware, stealerMD5: cb4f0bf118a549a0fbb5cf5cfff09690SHA1: 52ef613a56d71ff8caeb1eafb789129d88550b63ANALYSIS DATE: 2022-12-04T16:06:42ZTTPS: T1004, T1112, T1005, T1081, T1018, T1082, T1060...

Malware Analysis – collection – 751182db0af7ea687effbea786aa1fd2

December 8, 2022

Score: 9 MALWARE FAMILY: collectionTAGS:collection, evasion, persistence, ransomware, trojanMD5: 751182db0af7ea687effbea786aa1fd2SHA1: d43ee3350969a13686e24b6250327c3c4bab51ddANALYSIS DATE: 2022-12-04T16:51:49ZTTPS: T1082, T1112, T1107, T1490, T1114, T1060 ScoreMeaningExample10Known...

Malware Analysis – evasion – aec4f6a5e1f1e2121c6874b84ab90a18

December 8, 2022

Score: 10 MALWARE FAMILY: evasionTAGS:evasion, persistence, ransomware, spyware, stealer, trojanMD5: aec4f6a5e1f1e2121c6874b84ab90a18SHA1: 78b0fd0a13979f9159b5e85c7687358c28fff505ANALYSIS DATE: 2022-12-04T16:26:06ZTTPS: T1004, T1112, T1088, T1089, T1158, T1012,...

Malware Analysis – evasion – 413cd7a56e1efb382c26f80f72cdb42d

December 8, 2022

Score: 9 MALWARE FAMILY: evasionTAGS:evasion, persistence, ransomwareMD5: 413cd7a56e1efb382c26f80f72cdb42dSHA1: d6221156ba019ecf8739775ae09fbad7889e20eeANALYSIS DATE: 2022-12-04T17:21:33ZTTPS: T1490, T1060, T1112 ScoreMeaningExample10Known badA malware family was detected.8-9Likely...

Malware Analysis – ransomware – 096d1b1e03a8662e0c66aa25934ef00d

December 8, 2022

Score: 10 MALWARE FAMILY: ransomwareTAGS:ransomware, spyware, stealerMD5: 096d1b1e03a8662e0c66aa25934ef00dSHA1: 69ac141499613dec8006f41e0e0928aa3af5faacANALYSIS DATE: 2022-12-08T09:05:07ZTTPS: T1005, T1081 ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne...

Malware Analysis – evasion – 77bf2a4cfaf82ae3d2321b0a42acbe91

December 8, 2022

Score: 9 MALWARE FAMILY: evasionTAGS:evasion, persistence, ransomwareMD5: 77bf2a4cfaf82ae3d2321b0a42acbe91SHA1: a9f038f0429bcb902a90b6b0d4ca2f1f18c28d6fANALYSIS DATE: 2022-12-04T17:24:11ZTTPS: T1490, T1060, T1112 ScoreMeaningExample10Known badA malware family was detected.8-9Likely...

Malware Analysis – discovery – 4140b2923edd086da854802acaa6c405

December 8, 2022

Score: 10 MALWARE FAMILY: discoveryTAGS:discovery, evasion, persistence, ransomware, spyware, stealerMD5: 4140b2923edd086da854802acaa6c405SHA1: d057093debe58d33809780bccca144dbc6b300c6ANALYSIS DATE: 2022-12-04T17:28:20ZTTPS: T1490, T1046, T1005, T1081, T1060, T1112,...

Malware Analysis – discovery – 3524b4eb47c45c23eae68e60be83023d

December 8, 2022

Score: 10 MALWARE FAMILY: discoveryTAGS:discovery, ransomwareMD5: 3524b4eb47c45c23eae68e60be83023dSHA1: b8e4d1d093778f32283d5097be1e3020ec54c1d0ANALYSIS DATE: 2022-12-08T09:59:13ZTTPS: T1012, T1112, T1082, T1057 ScoreMeaningExample10Known badA malware family was detected.8-9Likely...

Cobalt Stike Beacon Detected – 45[.]116[.]166[.]221:80

December 8, 2022

The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...

Cobalt Stike Beacon Detected – 124[.]156[.]11[.]146:9999

December 8, 2022

The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...

Cobalt Stike Beacon Detected – 79[.]137[.]248[.]24:443

December 8, 2022

The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...

Cobalt Stike Beacon Detected – 106[.]13[.]54[.]144:80

December 8, 2022

The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...

Malware Analysis – evasion – d024bd4ab684e1d78599f9ae8623d624

December 8, 2022

Score: 10 MALWARE FAMILY: evasionTAGS:evasion, ransomware, trojanMD5: d024bd4ab684e1d78599f9ae8623d624SHA1: 0b03ea93468d6a5108352051007c637ddeaa4ab3ANALYSIS DATE: 2022-12-08T10:09:35ZTTPS: T1112, T1031, T1089, T1107, T1490 ScoreMeaningExample10Known badA malware family...

Malware Analysis – djvu – 9ce1877b8701e245454cf510ad1039ca

December 8, 2022

Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:smokeloader, family:vidar, botnet:517, backdoor, collection, discovery, persistence, ransomware, spyware, stealer, trojanMD5: 9ce1877b8701e245454cf510ad1039caSHA1: 755181bd3499c23173983e96ba306c7bf575fdb1ANALYSIS DATE: 2022-12-08T10:04:32ZTTPS:...

OSINT

CISA: CISA Releases Three Industrial Control Advisories

Malware Analysis – djvu – ac4364e2501dfeecfc23cf8c4541e379

Malware Analysis – evasion – d01c432c8ecefb66f3f2a4aa0cfd675b

Malware Analysis – djvu – 03f6c75025cf436aee8a07beefd087ba

Malware Analysis – djvu – ada2ac79c27a9bedd60f904ec6b80daa

Android app with over 5m downloads leaked user browsing history

APT37 used Internet Explorer Zero-Day in a recent campaign

R4Ven – Track Ip And GPS Location

Malware Analysis – spyware – d66210ecc0533348c07569fac5b280a5

Malware Analysis – cryptolocker – 374f74def24ea6afad4e5f4b15dcd263

Malware Analysis – evasion – cb4f0bf118a549a0fbb5cf5cfff09690

Malware Analysis – collection – 751182db0af7ea687effbea786aa1fd2

Malware Analysis – evasion – aec4f6a5e1f1e2121c6874b84ab90a18

Malware Analysis – evasion – 413cd7a56e1efb382c26f80f72cdb42d

Malware Analysis – ransomware – 096d1b1e03a8662e0c66aa25934ef00d

Malware Analysis – evasion – 77bf2a4cfaf82ae3d2321b0a42acbe91

Malware Analysis – discovery – 4140b2923edd086da854802acaa6c405

Malware Analysis – discovery – 3524b4eb47c45c23eae68e60be83023d

Cobalt Stike Beacon Detected – 45[.]116[.]166[.]221:80

Cobalt Stike Beacon Detected – 124[.]156[.]11[.]146:9999

Cobalt Stike Beacon Detected – 79[.]137[.]248[.]24:443

Cobalt Stike Beacon Detected – 106[.]13[.]54[.]144:80

Malware Analysis – evasion – d024bd4ab684e1d78599f9ae8623d624

Malware Analysis – djvu – 9ce1877b8701e245454cf510ad1039ca

[INCRANSOM] – Ransomware Victim: The Union League of Philadelphia

CVE Alert: CVE-2025-46784 – Entr’ouvert – Lasso

CVE Alert: CVE-2025-46404 – Entr’ouvert – Lasso

CVE Alert: CVE-2025-46705 – Entr’ouvert – Lasso

Cobalt Strike Beacon Detected – 8[.]138[.]222[.]215:443

You may have missed