Security

Cobalt Stike Beacon Detected – 82[.]157[.]136[.]219:80

November 21, 2022

The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...

Octocrypt, Alice, and AXLocker Ransomware, new threats in the wild

November 21, 2022

Experts from Cyble Research and Intelligence Labs (CRIL) discovered three new ransomware families: AXLocker, Octocrypt, and Alice Ransomware. Threat intelligence...

Malware Analysis – djvu – 8e637847078984ede008e53a549aaf59

November 21, 2022

Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:517, discovery, persistence, ransomware, spyware, stealerMD5: 8e637847078984ede008e53a549aaf59SHA1: 7dd746cfecce7b728918bd15d7d7eb3e2da70474ANALYSIS DATE: 2022-11-21T04:20:44ZTTPS: T1005, T1081, T1012, T1082,...

Malware Analysis – djvu – b8a3b7f9c04e2522b454963e5c7d67be

November 21, 2022

Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:redline, family:smokeloader, family:vidar, botnet:517, botnet:mario23_10, backdoor, collection, discovery, infostealer, persistence, ransomware, spyware, stealer, trojanMD5: b8a3b7f9c04e2522b454963e5c7d67beSHA1:...

Malware Analysis – djvu – c1ba21c6be66db5f18e143f95df50241

November 21, 2022

Malware Analysis – djvu – e31c38e9f1ab45320a0053dd649ec8f9

November 21, 2022

Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, discovery, persistence, ransomwareMD5: e31c38e9f1ab45320a0053dd649ec8f9SHA1: 3047d3bf2654a5fb51a4438bb44dacab296e1d70ANALYSIS DATE: 2022-11-21T05:40:10ZTTPS: T1060, T1112, T1222, T1082, T1012, T1053 ScoreMeaningExample10Known badA...

Malware Analysis – evasion – 14e5a91d1292a99bb872f4b31acd9646

November 21, 2022

Score: 9 MALWARE FAMILY: evasionTAGS:evasion, persistence, ransomware, upxMD5: 14e5a91d1292a99bb872f4b31acd9646SHA1: d2b91d461ab3e9bd0c70b49860d455f841673eccANALYSIS DATE: 2022-11-21T05:25:42ZTTPS: T1091, T1082, T1158, T1112, T1060, T1491 ScoreMeaningExample10Known badA...

Malware Analysis – buran – 3ea0ab42bcab5745ba3631f01c4d4cd3

November 21, 2022

Score: 10 MALWARE FAMILY: buranTAGS:family:buran, ransomwareMD5: 3ea0ab42bcab5745ba3631f01c4d4cd3SHA1: 9eb457ce8568fa4a4375cdebbf3b181976a99718ANALYSIS DATE: 2022-11-21T05:47:20ZTTPS: T1018, T1102, T1082, T1012, T1120 ScoreMeaningExample10Known badA malware family was...

Cobalt Stike Beacon Detected – 49[.]232[.]17[.]51:80

November 21, 2022

The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...

Cobalt Stike Beacon Detected – 192[.]144[.]220[.]86:444

November 21, 2022

The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...

Cobalt Stike Beacon Detected – 143[.]198[.]42[.]84:80

November 21, 2022

The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...

Malware Analysis – ransomware – 6ba66ac7b56c6f31417db0c1ca9fe6b1

November 21, 2022

Score: 5 MALWARE FAMILY: ransomwareTAGS:ransomwareMD5: 6ba66ac7b56c6f31417db0c1ca9fe6b1SHA1: 8ccc065e083d78b3a6b8996a687235234c2cd07dANALYSIS DATE: 2022-11-20T20:54:35ZTTPS: ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or more known damaging...

Malware Analysis – dcrat – d609d7888ebd66e4cb502ae75ca86885

November 21, 2022

Score: 10 MALWARE FAMILY: dcratTAGS:family:dcrat, family:djvu, family:redline, family:smokeloader, family:vidar, botnet:517, botnet:mario23_10, backdoor, collection, discovery, infostealer, persistence, ransomware, rat, spyware, stealer,...

Cobalt Stike Beacon Detected – 43[.]129[.]214[.]143:443

November 21, 2022

The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...

Cobalt Stike Beacon Detected – 82[.]156[.]14[.]220:80

November 21, 2022

The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...

Malware Analysis – djvu – c87b0936f8df9e15a4f1b80ec67b1e7c

November 21, 2022

Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:517, discovery, persistence, ransomware, spyware, stealerMD5: c87b0936f8df9e15a4f1b80ec67b1e7cSHA1: b8079093e721cc3bec75aefdea51eb89aca07797ANALYSIS DATE: 2022-11-20T21:52:57ZTTPS: T1222, T1082, T1012, T1005,...

Malware Analysis – dcrat – f789ab6aeccc2819d9c8a1c16ee74ac0

November 21, 2022

Malware Analysis – djvu – e9ad549423799c0b5c2cafa201b58064

November 21, 2022

Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:517, discovery, persistence, ransomware, spyware, stealerMD5: e9ad549423799c0b5c2cafa201b58064SHA1: c52a88d026937faef2066b108a4b4ba3aee1412eANALYSIS DATE: 2022-11-20T21:45:06ZTTPS: T1082, T1005, T1081, T1222,...

Security

Cobalt Stike Beacon Detected – 82[.]157[.]136[.]219:80

Octocrypt, Alice, and AXLocker Ransomware, new threats in the wild

Malware Analysis – djvu – 8e637847078984ede008e53a549aaf59

Malware Analysis – djvu – b8a3b7f9c04e2522b454963e5c7d67be

Malware Analysis – djvu – c1ba21c6be66db5f18e143f95df50241

Malware Analysis – djvu – e31c38e9f1ab45320a0053dd649ec8f9

Malware Analysis – evasion – 14e5a91d1292a99bb872f4b31acd9646

Malware Analysis – buran – 3ea0ab42bcab5745ba3631f01c4d4cd3

Cobalt Stike Beacon Detected – 49[.]232[.]17[.]51:80

Cobalt Stike Beacon Detected – 192[.]144[.]220[.]86:444

Cobalt Stike Beacon Detected – 143[.]198[.]42[.]84:80

Malware Analysis – ransomware – 6ba66ac7b56c6f31417db0c1ca9fe6b1

Malware Analysis – dcrat – d609d7888ebd66e4cb502ae75ca86885

Cobalt Stike Beacon Detected – 43[.]129[.]214[.]143:443

Cobalt Stike Beacon Detected – 82[.]156[.]14[.]220:80

Malware Analysis – djvu – c87b0936f8df9e15a4f1b80ec67b1e7c

Malware Analysis – dcrat – f789ab6aeccc2819d9c8a1c16ee74ac0

Malware Analysis – djvu – e9ad549423799c0b5c2cafa201b58064

Cobalt Stike Beacon Detected – 120[.]76[.]205[.]155:8080

Cobalt Stike Beacon Detected – 42[.]193[.]145[.]27:80

Malware Analysis – dcrat – d9ed38e3ba39acbfa4ed8d69e233c67e

Cobalt Stike Beacon Detected – 192[.]252[.]182[.]56:80

Cobalt Stike Beacon Detected – 42[.]194[.]213[.]51:443

Security Affairs newsletter Round 394

[NIGHTSPIRE] – Ransomware Victim: Enem Nostrum Remedies Pvt[.] Ltd

[THEGENTLEMEN] – Ransomware Victim: St Stephen’s International

[QILIN] – Ransomware Victim: Mango’s Tropical Cafe

Cobalt Strike Beacon Detected – 121[.]41[.]167[.]80:80

Cobalt Strike Beacon Detected – 38[.]190[.]224[.]63:80

You may have missed