Cobalt Stike Beacon Detected – 82[.]157[.]61[.]211:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
OSINT
Cobalt Stike Beacon Detected – 101[.]34[.]226[.]129:9999
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 77[.]73[.]134[.]59:4443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 82[.]157[.]253[.]125:6666
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 20[.]25[.]103[.]78:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 210[.]61[.]186[.]116:4433
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 37[.]1[.]214[.]31:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Malware Analysis – – 8f2da48a3c836889388c485d28e4fda4
Score: 6 MALWARE FAMILY: TAGS:MD5: 8f2da48a3c836889388c485d28e4fda4SHA1: d374b1f085bfec71fb3db23c9319d9b618dcb03dANALYSIS DATE: 2022-11-22T10:17:45ZTTPS: T1012, T1082, T1102 ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or...
Cobalt Stike Beacon Detected – 121[.]5[.]138[.]100:50000
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 43[.]139[.]46[.]82:4433
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 124[.]222[.]144[.]244:8000
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 5[.]199[.]169[.]236:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Malware Analysis – amadey – b26c34994de77a1188bcb110985f7056
Score: 10 MALWARE FAMILY: amadeyTAGS:family:amadey, family:djvu, family:redline, family:smokeloader, family:vidar, botnet:517, botnet:kript, botnet:novr, backdoor, collection, discovery, infostealer, persistence, ransomware, spyware, stealer,...
Malware Analysis – djvu – 59f196d429eff3d53f060a349853e04a
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:517, discovery, persistence, ransomware, spyware, stealerMD5: 59f196d429eff3d53f060a349853e04aSHA1: a975dbff2ae0780d11b09e0d9c6d20a90d494bfcANALYSIS DATE: 2022-11-22T10:24:37ZTTPS: T1012, T1082, T1053, T1005,...
Malware Analysis – – b7d7159b2009efe022a13a2230776204
Score: 1 MALWARE FAMILY: TAGS:MD5: b7d7159b2009efe022a13a2230776204SHA1: de42e42880615597a9286671052f8010089e5231ANALYSIS DATE: 2022-11-22T11:29:52ZTTPS: ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or more known damaging...
Malware Analysis – djvu – 5085d36f174e9981b33d2107d5c3b0e9
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:517, discovery, persistence, ransomware, spyware, stealerMD5: 5085d36f174e9981b33d2107d5c3b0e9SHA1: 4fe0675c66a51b3ca425fdd2060b9d7455eae764ANALYSIS DATE: 2022-11-22T10:33:36ZTTPS: T1060, T1112, T1012, T1082,...
Two Estonian citizens arrested in $575M cryptocurrency fraud scheme
Two Estonian citizens were arrested in Tallinn for allegedly running a $575 million cryptocurrency fraud scheme. Two Estonian nationals were...
Emotet is back and delivers payloads like IcedID and Bumblebee
The Emotet malware is back and experts warn of a high-volume malspam campaign delivering payloads like IcedID and Bumblebee. Proofpoint...
Daily Vulnerability Trends: Tue Nov 22 2022
Daily Vulnerability Trends (sourced from VulnMon) CVE NAMECVE DescriptionCVE-2021-44228Apache Log4j2 2.0-beta9 through 2.15.0 (excluding security releases 2.12.2, 2.12.3, and 2.3.1)...
LockBit 3.0 Ransomware Victim: westmount[.]org
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
LockBit 3.0 Ransomware Victim: ryokikogyo[.]co[.]jp
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
BugCrowd Bug Bounty Disclosure: – Panel access at https://news-push-88.op-mobile.opera.com/. – By rahul0x01
The below information is fully automated and the information is captured from the BugCrowd Disclosure website. The information was correct...
BugCrowd Bug Bounty Disclosure: – Impersonation via Broken Link Hijacking on https://sv.hellosign.com – By CoffeeAddict_exe
The below information is fully automated and the information is captured from the BugCrowd Disclosure website. The information was correct...
Malware Analysis – evasion – 35697283bc104abe8ed16dff49872499
Score: 9 MALWARE FAMILY: evasionTAGS:evasion, persistence, ransomwareMD5: 35697283bc104abe8ed16dff49872499SHA1: 7e56c1f57bbc5a4945e420c91d1d10eaa9018077ANALYSIS DATE: 2022-11-22T05:26:04ZTTPS: T1490, T1018, T1060, T1112, T1012, T1120, T1082, T1107 ScoreMeaningExample10Known...
