Cobalt Stike Beacon Detected – 193[.]149[.]189[.]245:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Security
Malware Analysis – banker – 6b22b27f63ab2b293df3c3136f208b10
Score: 8 MALWARE FAMILY: bankerTAGS:banker, evasion, ransomwareMD5: 6b22b27f63ab2b293df3c3136f208b10SHA1: 8d0de13a16ff6beadafc9b8347214768cbdac348ANALYSIS DATE: 2022-11-10T21:34:25ZTTPS: ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or more...
Malware Analysis – banker – f2b7cbc615dce6a960cc0cbdaf2450cc
Score: 8 MALWARE FAMILY: bankerTAGS:banker, evasion, ransomwareMD5: f2b7cbc615dce6a960cc0cbdaf2450ccSHA1: f29ebe63d4133b35bd7d9d5a91c77cca0b48909eANALYSIS DATE: 2022-11-10T21:30:32ZTTPS: ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or more...
Malware Analysis – amadey – b4f0f746f0d8fdf3deefacf969fc7dbf
Score: 10 MALWARE FAMILY: amadeyTAGS:family:amadey, family:djvu, family:redline, family:smokeloader, family:vidar, botnet:517, botnet:mario23_10, backdoor, collection, discovery, infostealer, persistence, ransomware, spyware, stealer, trojanMD5:...
Malware Analysis – djvu – 647f744811e8601fc67509b459049436
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:517, discovery, persistence, ransomware, spyware, stealerMD5: 647f744811e8601fc67509b459049436SHA1: c6956aff032391fee4c8ac1672524d882f34003dANALYSIS DATE: 2022-11-10T23:00:15ZTTPS: T1060, T1112, T1222, T1082,...
Malware Analysis – wannacry – 8f050abf3935e3b89637258891f175ca
Score: 10 MALWARE FAMILY: wannacryTAGS:family:wannacry, discovery, ransomware, wormMD5: 8f050abf3935e3b89637258891f175caSHA1: 1abf4c198315b3cc7569ff373d2ee7d505d8acd2ANALYSIS DATE: 2022-11-10T22:00:25ZTTPS: T1046 ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne...
Malware Analysis – amadey – fdb782a949ab68bae4ffc41ea893b912
Score: 10 MALWARE FAMILY: amadeyTAGS:family:amadey, family:djvu, family:redline, family:smokeloader, family:vidar, botnet:1, botnet:517, botnet:google2, botnet:mario23_10, backdoor, collection, discovery, infostealer, persistence, ransomware, spyware,...
Apple out-of-band patches fix remote code execution bugs in iOS and macOS
Apple released out-of-band patches for iOS and macOS to fix a couple of code execution vulnerabilities in the libxml2 library....
Malware Analysis – – e92c2aeb2d415141c12a73e61a20ed20
Score: 1 MALWARE FAMILY: TAGS:MD5: e92c2aeb2d415141c12a73e61a20ed20SHA1: 3ca042cc5c33e61ebf7e96778c390b5fa6c51e0bANALYSIS DATE: 2022-11-10T15:09:45ZTTPS: ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or more known damaging...
Malware Analysis – djvu – 1980259c88fd2e3c5ce8f75da226105e
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:517, discovery, persistence, ransomware, spyware, stealerMD5: 1980259c88fd2e3c5ce8f75da226105eSHA1: 24a4abe16059cd4910efd1f0c68dce88a2473487ANALYSIS DATE: 2022-11-10T15:44:24ZTTPS: T1060, T1112, T1222, T1005,...
Malware Analysis – amadey – 758ec5a0f7a4a0953f66a7c5fce15ac4
Score: 10 MALWARE FAMILY: amadeyTAGS:family:amadey, family:djvu, family:redline, family:smokeloader, family:vidar, botnet:517, botnet:google2, botnet:mario23_10, backdoor, collection, discovery, infostealer, persistence, ransomware, spyware, stealer,...
Malware Analysis – amadey – 043df0736f750138be845d2f1e7a9545
Score: 10 MALWARE FAMILY: amadeyTAGS:family:amadey, family:djvu, family:redline, family:smokeloader, family:vidar, botnet:517, botnet:mario23_10, backdoor, collection, discovery, infostealer, persistence, ransomware, spyware, stealer, trojanMD5:...
Malware Analysis – djvu – 54ec7486698c2b73e2d0f847588b2038
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:517, discovery, persistence, ransomware, spyware, stealerMD5: 54ec7486698c2b73e2d0f847588b2038SHA1: 7fa8e73184a190d6f5a6f77be139e3627f0f5921ANALYSIS DATE: 2022-11-10T17:10:15ZTTPS: T1222, T1082, T1005, T1081,...
CISA: CISA Releases Twenty Industrial Control Systems Advisories
CISA Releases Twenty Industrial Control Systems Advisories CISA has released twenty (20) Industrial Control Systems (ICS) advisories on November 10,...
Researchers warn of malicious packages on PyPI using steganography
Experts discovered a malicious package on the Python Package Index (PyPI) that uses steganographic to hide malware within image files....
CISA: CISA Releases SSVC Methodology to Prioritize Vulnerabilities
CISA Releases SSVC Methodology to Prioritize Vulnerabilities Today CISA published its guide on Stakeholder-Specific Vulnerability Categorization (SSVC), a vulnerability management...
A bug in ABB Totalflow flow computers exposed oil and gas companies to attack
A flaw in the ABB Totalflow system used in oil and gas organizations could be exploited by an attacker to...
NGWAF – First Iteration Of ML Based Feedback WAF
This can be achieved in the following steps: Create a new dataset (.csv) for upload in the following format...
Cobalt Stike Beacon Detected – 101[.]43[.]4[.]39:8443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 120[.]27[.]227[.]99:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Malware Analysis – azov – ffee009b572a16093cfffe7f8e3d963a
Score: 10 MALWARE FAMILY: azovTAGS:family:azov, persistence, ransomware, wiperMD5: ffee009b572a16093cfffe7f8e3d963aSHA1: c499d2778dc2746a08ef90d259e2f6834ed17cdfANALYSIS DATE: 2022-11-10T09:00:45ZTTPS: T1012, T1120, T1082, T1060, T1112 ScoreMeaningExample10Known badA malware...
Malware Analysis – azov – 6468ee100d88c71d55dfdcf4e30f991e
Score: 10 MALWARE FAMILY: azovTAGS:family:azov, ransomware, spyware, stealer, wiperMD5: 6468ee100d88c71d55dfdcf4e30f991eSHA1: 5c520d2d7dc4c9e5d536d3aff998185657d40ac8ANALYSIS DATE: 2022-11-10T09:01:07ZTTPS: T1012, T1120, T1082, T1005, T1081 ScoreMeaningExample10Known badA...
Cobalt Stike Beacon Detected – 101[.]201[.]35[.]218:6666
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 107[.]174[.]95[.]204:6666
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
