Security

Malware Analysis – persistence – cb6813970ba6ab92fed07e15877ff22b

October 20, 2022

Score: 9 MALWARE FAMILY: persistenceTAGS:persistence, ransomware, spyware, stealerMD5: cb6813970ba6ab92fed07e15877ff22bSHA1: f26fdb6d8e64781d0884ad085f0f299555b22061ANALYSIS DATE: 2022-10-20T03:00:52ZTTPS: T1005, T1081, T1082, T1107, T1490, T1091, T1060, T1112...

Malware Analysis – persistence – 62dc4509c9261b75d26e0b25c3e4f45b

October 20, 2022

Score: 9 MALWARE FAMILY: persistenceTAGS:persistence, ransomware, spyware, stealerMD5: 62dc4509c9261b75d26e0b25c3e4f45bSHA1: 608815f3947836e9bb4a4d505a131a16ccd76d43ANALYSIS DATE: 2022-10-20T03:00:38ZTTPS: T1005, T1081, T1082, T1107, T1490, T1091, T1060, T1112...

Malware Analysis – persistence – 6d08d30102b1f7a3e9f47624c7d049fd

October 20, 2022

Score: 9 MALWARE FAMILY: persistenceTAGS:persistence, ransomware, spyware, stealerMD5: 6d08d30102b1f7a3e9f47624c7d049fdSHA1: d94c8b26a179351cf7f23b480616c98affe99047ANALYSIS DATE: 2022-10-20T03:01:14ZTTPS: T1082, T1107, T1490, T1091, T1060, T1112, T1005, T1081...

Malware Analysis – ransomware – 76f5e18ba92fc7d3c90ab8ae7cbedc05

October 20, 2022

Score: 9 MALWARE FAMILY: ransomwareTAGS:ransomwareMD5: 76f5e18ba92fc7d3c90ab8ae7cbedc05SHA1: 4ef7b09ee9c967a207afe16a3605deed90718cd3ANALYSIS DATE: 2022-10-20T03:01:33ZTTPS: T1107, T1490, T1091, T1082 ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne...

Malware Analysis – ransomware – c7045caae927e27487964b36658f0df9

October 20, 2022

Score: 9 MALWARE FAMILY: ransomwareTAGS:ransomware, spyware, stealerMD5: c7045caae927e27487964b36658f0df9SHA1: cd24d35e12f2c1a9bd31bcb053e85f857468a97cANALYSIS DATE: 2022-10-20T03:01:27ZTTPS: T1082, T1107, T1490, T1091, T1005, T1081 ScoreMeaningExample10Known badA malware...

Malware Analysis – persistence – 45f101592243088b3f905a64ccc25a36

October 20, 2022

Score: 9 MALWARE FAMILY: persistenceTAGS:persistence, ransomware, spyware, stealerMD5: 45f101592243088b3f905a64ccc25a36SHA1: 72ea3afc87d0752c7db2387d2f7a395e72b36cceANALYSIS DATE: 2022-10-20T03:01:22ZTTPS: T1005, T1081, T1082, T1107, T1490, T1091, T1060, T1112...

Malware Analysis – smokeloader – cb77dc108d02788a85729c8d17dfeb07

October 20, 2022

Score: 10 MALWARE FAMILY: smokeloaderTAGS:family:smokeloader, backdoor, trojanMD5: cb77dc108d02788a85729c8d17dfeb07SHA1: d6026533c917960524664ba0ecbe6ebb21998893ANALYSIS DATE: 2022-10-20T03:07:33ZTTPS: T1012, T1120, T1082 ScoreMeaningExample10Known badA malware family was detected.8-9Likely...

Malware Analysis – persistence – da0fa06669475a0d8a9cffbf66ae2649

October 20, 2022

Score: 9 MALWARE FAMILY: persistenceTAGS:persistence, ransomware, spyware, stealerMD5: da0fa06669475a0d8a9cffbf66ae2649SHA1: 7b82a641353526ec2e67f7911cba6249857e4ae3ANALYSIS DATE: 2022-10-20T03:20:18ZTTPS: T1082, T1107, T1490, T1091, T1060, T1112, T1005, T1081...

Malware Analysis – djvu – e85b76e6329d84a2deaf949a41f9f38b

October 20, 2022

Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:517, discovery, persistence, ransomware, spyware, stealerMD5: e85b76e6329d84a2deaf949a41f9f38bSHA1: 33683932dd9ab46ccf33177363b1143242a284bbANALYSIS DATE: 2022-10-20T03:11:04ZTTPS: T1005, T1081, T1012, T1082,...

Malware Analysis – persistence – d677d25e57038aa39a5ebf509bc8be0f

October 20, 2022

Score: 9 MALWARE FAMILY: persistenceTAGS:persistence, ransomware, spyware, stealerMD5: d677d25e57038aa39a5ebf509bc8be0fSHA1: ba1ded1bf4e1195e2e27a2da83c34bbafd4a05b7ANALYSIS DATE: 2022-10-20T03:20:24ZTTPS: T1082, T1107, T1490, T1091, T1060, T1112, T1005, T1081...

Malware Analysis – danabot – 96739370beb331b75f4dadc34a97b377

October 20, 2022

Score: 10 MALWARE FAMILY: danabotTAGS:family:danabot, family:djvu, family:smokeloader, family:vidar, botnet:517, backdoor, banker, collection, discovery, persistence, ransomware, spyware, stealer, trojanMD5: 96739370beb331b75f4dadc34a97b377SHA1: 07794bc92e5a744d14f4d5fab2bdad6a9048d67eANALYSIS...

Malware Analysis – persistence – 6774ec8453d6d58cd8e79534080fcf3d

October 20, 2022

Score: 9 MALWARE FAMILY: persistenceTAGS:persistence, ransomware, spyware, stealerMD5: 6774ec8453d6d58cd8e79534080fcf3dSHA1: 9841464a2b1be2b4d6b72bfc71c7e2c95b756992ANALYSIS DATE: 2022-10-20T03:20:31ZTTPS: T1005, T1081, T1082, T1107, T1490, T1091, T1060, T1112...

Malware Analysis – evasion – 5826afdc3da0e5994a7558aba2499f93

October 20, 2022

Score: 10 MALWARE FAMILY: evasionTAGS:evasion, persistence, ransomware, trojanMD5: 5826afdc3da0e5994a7558aba2499f93SHA1: 4310a2e0727668bf6615f1e1c3453e051ff486d7ANALYSIS DATE: 2022-10-20T03:30:19ZTTPS: T1012, T1120, T1082, T1112, T1088, T1089, T1018, T1158,...

Malware Analysis – persistence – 804d161caad6c13e7d7d56be5543c384

October 20, 2022

Score: 9 MALWARE FAMILY: persistenceTAGS:persistence, ransomware, spyware, stealerMD5: 804d161caad6c13e7d7d56be5543c384SHA1: 85c8ede00e5c105e302103ef9c567f7a64b17e87ANALYSIS DATE: 2022-10-20T03:20:41ZTTPS: T1082, T1107, T1490, T1091, T1060, T1112, T1005, T1081...

Malware Analysis – smokeloader – 46017e962ae3b76d86177c74d6c54257

October 20, 2022

Score: 10 MALWARE FAMILY: smokeloaderTAGS:family:smokeloader, backdoor, trojanMD5: 46017e962ae3b76d86177c74d6c54257SHA1: b413251a1bd5f8d51220eac070b1df4599a24ed6ANALYSIS DATE: 2022-10-20T04:07:24ZTTPS: T1012, T1120, T1082 ScoreMeaningExample10Known badA malware family was detected.8-9Likely...

Malware Analysis – evasion – 3bb6ba5f313a55bb4bfcae96f0b2174e

October 20, 2022

Score: 10 MALWARE FAMILY: evasionTAGS:evasion, persistence, ransomware, trojan, upxMD5: 3bb6ba5f313a55bb4bfcae96f0b2174eSHA1: 72a3e0fc09e385f0b77fcb067d246331e1636a55ANALYSIS DATE: 2022-10-20T03:39:57ZTTPS: T1088, T1089, T1112, T1491, T1082, T1060, T1004...

Malware Analysis – djvu – 550aa6e971ec74a745e74889f95b231d

October 20, 2022

Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:517, discovery, persistence, ransomware, spyware, stealerMD5: 550aa6e971ec74a745e74889f95b231dSHA1: 21afe5f1fcb6bd967e2ff2e3dc30bc82c62e0170ANALYSIS DATE: 2022-10-20T04:27:44ZTTPS: T1082, T1005, T1081, T1012,...

Malware Analysis – chaos – 9188ac80b6c87150a513431bb27567bc

October 20, 2022

Score: 10 MALWARE FAMILY: chaosTAGS:family:chaos, evasion, persistence, ransomware, spyware, stealerMD5: 9188ac80b6c87150a513431bb27567bcSHA1: 7abc0b85cefcec070ee47fb3a3c982df7b1c5e19ANALYSIS DATE: 2022-10-20T03:40:08ZTTPS: T1490, T1059, T1107, T1082, T1060, T1112,...

Malware Analysis – djvu – 84064f1d6a3a2f419c75c7ad2241171b

October 20, 2022

Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:517, discovery, persistence, ransomware, spyware, stealerMD5: 84064f1d6a3a2f419c75c7ad2241171bSHA1: beca83d94d18db23458b32e673ebc02b1468b1f8ANALYSIS DATE: 2022-10-20T04:50:33ZTTPS: T1222, T1005, T1081, T1012,...

Malware Analysis – djvu – 04fb5f0440c3365524d03a4e1cce1d18

October 20, 2022

Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:517, discovery, persistence, ransomware, spyware, stealerMD5: 04fb5f0440c3365524d03a4e1cce1d18SHA1: 6cf5ee7aa79251bfc2adab5ef0b6e9fd5e1b67d5ANALYSIS DATE: 2022-10-20T04:44:16ZTTPS: T1005, T1081, T1060, T1112,...

Malware Analysis – chaos – c0d3bd5a91adc22c7af38bffbed28349

October 20, 2022

Score: 10 MALWARE FAMILY: chaosTAGS:family:chaos, ransomware, spyware, stealerMD5: c0d3bd5a91adc22c7af38bffbed28349SHA1: 9013950420444e6f948338f1c13817d4ea6f571cANALYSIS DATE: 2022-10-20T04:40:06ZTTPS: T1005, T1081, T1082 ScoreMeaningExample10Known badA malware family was...

Malware Analysis – persistence – 7e37f07e97e27575c5a6a7e61a3edf63

October 20, 2022

Score: 9 MALWARE FAMILY: persistenceTAGS:persistence, ransomware, spyware, stealerMD5: 7e37f07e97e27575c5a6a7e61a3edf63SHA1: 5893ed714c341556df4df45c5e84b6a96ff9784bANALYSIS DATE: 2022-10-20T04:40:22ZTTPS: T1091, T1060, T1112, T1005, T1081, T1082, T1107, T1490...

Text4Shell, a remote code execution bug in Apache Commons Text library

October 20, 2022

Researcher discovered a remote code execution vulnerability in the open-source Apache Commons Text library. GitHub’s threat analyst Alvaro Munoz discovered a remote...

Cobalt Stike Beacon Detected – 20[.]205[.]142[.]50:80

October 20, 2022

The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...

Security

Malware Analysis – persistence – cb6813970ba6ab92fed07e15877ff22b

Malware Analysis – persistence – 62dc4509c9261b75d26e0b25c3e4f45b

Malware Analysis – persistence – 6d08d30102b1f7a3e9f47624c7d049fd

Malware Analysis – ransomware – 76f5e18ba92fc7d3c90ab8ae7cbedc05

Malware Analysis – ransomware – c7045caae927e27487964b36658f0df9

Malware Analysis – persistence – 45f101592243088b3f905a64ccc25a36

Malware Analysis – smokeloader – cb77dc108d02788a85729c8d17dfeb07

Malware Analysis – persistence – da0fa06669475a0d8a9cffbf66ae2649

Malware Analysis – djvu – e85b76e6329d84a2deaf949a41f9f38b

Malware Analysis – persistence – d677d25e57038aa39a5ebf509bc8be0f

Malware Analysis – danabot – 96739370beb331b75f4dadc34a97b377

Malware Analysis – persistence – 6774ec8453d6d58cd8e79534080fcf3d

Malware Analysis – evasion – 5826afdc3da0e5994a7558aba2499f93

Malware Analysis – persistence – 804d161caad6c13e7d7d56be5543c384

Malware Analysis – smokeloader – 46017e962ae3b76d86177c74d6c54257

Malware Analysis – evasion – 3bb6ba5f313a55bb4bfcae96f0b2174e

Malware Analysis – djvu – 550aa6e971ec74a745e74889f95b231d

Malware Analysis – chaos – 9188ac80b6c87150a513431bb27567bc

Malware Analysis – djvu – 84064f1d6a3a2f419c75c7ad2241171b

Malware Analysis – djvu – 04fb5f0440c3365524d03a4e1cce1d18

Malware Analysis – chaos – c0d3bd5a91adc22c7af38bffbed28349

Malware Analysis – persistence – 7e37f07e97e27575c5a6a7e61a3edf63

Text4Shell, a remote code execution bug in Apache Commons Text library

Cobalt Stike Beacon Detected – 20[.]205[.]142[.]50:80

Cobalt Strike Beacon Detected – 121[.]43[.]37[.]134:4434

Cobalt Strike Beacon Detected – 119[.]29[.]231[.]118:443

Cobalt Strike Beacon Detected – 39[.]101[.]74[.]162:443

Cobalt Strike Beacon Detected – 8[.]218[.]112[.]112:8880

Cobalt Strike Beacon Detected – 47[.]109[.]48[.]57:443

You may have missed