OSINT

Bug Bounty

BugCrowd Bug Bounty Disclosure: – Panel access at https://news-push-88.op-mobile.opera.com/. – By rahul0x01

November 9, 2022

The below information is fully automated and the information is captured from the BugCrowd Disclosure website. The information was correct...

Malware Analysis – evasion – d33273c799f5809c5b8db34ec3273686

November 9, 2022

Score: 10 MALWARE FAMILY: evasionTAGS:evasion, persistence, ransomware, spyware, stealer, trojanMD5: d33273c799f5809c5b8db34ec3273686SHA1: 2d1fe993e4bc812a5ca743b7b429a9e68213e712ANALYSIS DATE: 2022-11-07T23:51:40ZTTPS: T1012, T1082, T1060, T1112, T1158, T1088,...

Malware Analysis – evasion – f431ed6f8785a7640c045bf0b7a9ddd6

November 9, 2022

Score: 10 MALWARE FAMILY: evasionTAGS:evasion, persistence, ransomware, spyware, stealer, trojanMD5: f431ed6f8785a7640c045bf0b7a9ddd6SHA1: 7b7104e9c31b90b379337c62ef5118a1b44c925aANALYSIS DATE: 2022-11-07T23:33:02ZTTPS: T1005, T1081, T1012, T1082, T1112, T1158,...

Malware Analysis – evasion – b064703950f97552e4fc974a768abe34

November 9, 2022

Score: 10 MALWARE FAMILY: evasionTAGS:evasion, persistence, ransomware, spyware, stealer, trojanMD5: b064703950f97552e4fc974a768abe34SHA1: 7cfac2ac250ef01d4e413531cba855cb6bb14bc7ANALYSIS DATE: 2022-11-07T23:46:16ZTTPS: T1158, T1112, T1088, T1089, T1060, T1082,...

Malware Analysis – – 18fc2732394014a8bdf9abaabd8479e4

November 9, 2022

Score: 8 MALWARE FAMILY: TAGS:MD5: 18fc2732394014a8bdf9abaabd8479e4SHA1: 9669d98ef38e7b31c2b47d52662b1ba19f881181ANALYSIS DATE: 2022-11-08T00:17:06ZTTPS: T1082 ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or more known...

Cobalt Stike Beacon Detected – 129[.]226[.]114[.]137:8080

November 9, 2022

The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...

Malware Analysis – ransomware – 879f36bad3f0e5244345d16f14787e91

November 9, 2022

Score: 9 MALWARE FAMILY: ransomwareTAGS:ransomware, spyware, stealerMD5: 879f36bad3f0e5244345d16f14787e91SHA1: e0534407f4861516a7dfbd700915cdedc802ca28ANALYSIS DATE: 2022-11-08T21:00:25ZTTPS: T1082, T1107, T1490, T1091, T1005, T1081 ScoreMeaningExample10Known badA malware...

Malware Analysis – evasion – aa9f4ffe8c7083441d072b7e65703bb2

November 9, 2022

Score: 10 MALWARE FAMILY: evasionTAGS:evasion, persistence, ransomware, spyware, stealer, trojanMD5: aa9f4ffe8c7083441d072b7e65703bb2SHA1: b33ffbc501c1a83bf91c499f765ef3f1c3f40c5fANALYSIS DATE: 2022-11-08T01:16:54ZTTPS: T1112, T1158, T1088, T1089, T1082, T1005,...

Malware Analysis – persistence – 85541869dac0562262f7ed179a63988a

November 9, 2022

Score: 10 MALWARE FAMILY: persistenceTAGS:persistence, ransomware, spyware, stealerMD5: 85541869dac0562262f7ed179a63988aSHA1: 68e663d3cdce9df2ffd16050b68f65a009453aa3ANALYSIS DATE: 2022-11-08T01:17:04ZTTPS: T1112, T1107, T1490, T1005, T1081, T1082, T1060 ScoreMeaningExample10Known...

Malware Analysis – ransomware – 48d064f8cfa1d3a7f6b4cba7cc650e09

November 9, 2022

Score: 9 MALWARE FAMILY: ransomwareTAGS:ransomware, spyware, stealerMD5: 48d064f8cfa1d3a7f6b4cba7cc650e09SHA1: f640abaf32949f602cf812b4b2d47d5592b7b931ANALYSIS DATE: 2022-11-08T21:00:30ZTTPS: T1107, T1490, T1091, T1005, T1081, T1082 ScoreMeaningExample10Known badA malware...

Malware Analysis – persistence – f6ff82c48f719397ad5e405dddc1f6af

November 9, 2022

Score: 9 MALWARE FAMILY: persistenceTAGS:persistence, ransomwareMD5: f6ff82c48f719397ad5e405dddc1f6afSHA1: 1f6fe7f9492e3e1612f2b7aef27088a468868fe0ANALYSIS DATE: 2022-11-08T21:55:29ZTTPS: T1060, T1112, T1107, T1490 ScoreMeaningExample10Known badA malware family was detected.8-9Likely...

Malware Analysis – ransomware – 2e99a66b5866d2990d398da56a79a581

November 9, 2022

Score: 9 MALWARE FAMILY: ransomwareTAGS:ransomware, spyware, stealerMD5: 2e99a66b5866d2990d398da56a79a581SHA1: 52956a7ead4a6357796bf3867c1b4063a3f7e473ANALYSIS DATE: 2022-11-08T21:20:33ZTTPS: T1082, T1107, T1490, T1091, T1005, T1081 ScoreMeaningExample10Known badA malware...

Malware Analysis – wannacry – 23dff72aaab905199d40929519f10e65

November 9, 2022

Score: 10 MALWARE FAMILY: wannacryTAGS:family:wannacry, discovery, ransomware, wormMD5: 23dff72aaab905199d40929519f10e65SHA1: 5f2304fdf992ac7d960b4bc7c2e63791b8f0dbcaANALYSIS DATE: 2022-11-08T21:20:41ZTTPS: T1046 ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne...

Malware Analysis – quasar – 09c54575d33593070baaf2e45719913e

November 9, 2022

Score: 10 MALWARE FAMILY: quasarTAGS:family:quasar, evasion, persistence, ransomware, spyware, trojanMD5: 09c54575d33593070baaf2e45719913eSHA1: 6581403455b264d979be79aabf9b9fe3d65e2bc2ANALYSIS DATE: 2022-11-08T22:15:31ZTTPS: T1089, T1112, T1031, T1102, T1053, T1107,...

Malware Analysis – djvu – c140b3cc4bac974dfbe998436efa254e

November 9, 2022

Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:redline, family:smokeloader, family:vidar, botnet:517, botnet:mario23_10, backdoor, collection, discovery, infostealer, persistence, ransomware, spyware, stealer, trojanMD5: c140b3cc4bac974dfbe998436efa254eSHA1:...

Malware Analysis – djvu – d15be8de15096a9551c5475cbaafbbbd

November 9, 2022

Malware Analysis – djvu – c6635d77243f0ac517a41f784ca5247f

November 9, 2022

Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:517, discovery, persistence, ransomware, spyware, stealerMD5: c6635d77243f0ac517a41f784ca5247fSHA1: 1aceeadcc08cc43d87fe0b8d386671bfbd03b59cANALYSIS DATE: 2022-11-08T23:37:17ZTTPS: T1222, T1005, T1081, T1053,...

Malware Analysis – djvu – 17ee638b2f006f1f69b79c3cf173cae0

November 9, 2022

Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:517, discovery, persistence, ransomware, spyware, stealerMD5: 17ee638b2f006f1f69b79c3cf173cae0SHA1: bf4c578c214b3d5b21b1e9e1a76647cdea606de9ANALYSIS DATE: 2022-11-08T22:17:32ZTTPS: T1060, T1112, T1012, T1082,...

Bug Bounty

OSINT

BugCrowd Bug Bounty Disclosure: – Panel access at https://news-push-88.op-mobile.opera.com/. – By rahul0x01

Malware Analysis – evasion – d33273c799f5809c5b8db34ec3273686

Malware Analysis – evasion – f431ed6f8785a7640c045bf0b7a9ddd6

Malware Analysis – evasion – b064703950f97552e4fc974a768abe34

Malware Analysis – – 18fc2732394014a8bdf9abaabd8479e4

Cobalt Stike Beacon Detected – 129[.]226[.]114[.]137:8080

Malware Analysis – ransomware – 879f36bad3f0e5244345d16f14787e91

Malware Analysis – evasion – aa9f4ffe8c7083441d072b7e65703bb2

Malware Analysis – persistence – 85541869dac0562262f7ed179a63988a

Malware Analysis – ransomware – 48d064f8cfa1d3a7f6b4cba7cc650e09

Malware Analysis – persistence – f6ff82c48f719397ad5e405dddc1f6af

Malware Analysis – ransomware – 2e99a66b5866d2990d398da56a79a581

Malware Analysis – wannacry – 23dff72aaab905199d40929519f10e65

Malware Analysis – quasar – 09c54575d33593070baaf2e45719913e

Malware Analysis – djvu – c140b3cc4bac974dfbe998436efa254e

Malware Analysis – djvu – d15be8de15096a9551c5475cbaafbbbd

Malware Analysis – djvu – c6635d77243f0ac517a41f784ca5247f

Malware Analysis – djvu – 17ee638b2f006f1f69b79c3cf173cae0

BugCrowd Bug Bounty Disclosure: – Panel access at https://news-push-88.op-mobile.opera.com/. – By rahul0x01

DeimosC2: What SOC Analysts and Incident Responders Need to Know About This C&C Framework

Hybrid Cloud Management Security Tools

Citrix ADC and Citrix Gateway are affected by a critical authentication bypass flaw

SmokeLoader campaign distributes new Laplas Clipper malware

LockBit 3.0 Ransomware Victim: crtl[.]com

[QILIN] – Ransomware Victim: bagnoles[.]nl

[BLACKSHRANTAC] – Ransomware Victim: ApleNet Co[.], Ltd

[QILIN] – Ransomware Victim: Disseny Dental

Cobalt Strike Beacon Detected – 196[.]251[.]69[.]253:4433

Cobalt Strike Beacon Detected – 124[.]223[.]114[.]203:4433

You may have missed