Security

Malware Analysis – evasion – f4dcbd5f5b985250924631a998237d27

March 5, 2023

Score: 9 MALWARE FAMILY: evasionTAGS:evasion, ransomware, upxMD5: f4dcbd5f5b985250924631a998237d27SHA1: 432199480a137cdd63dc90255211cea766bb37d5ANALYSIS DATE: 2023-03-05T17:36:51ZTTPS: T1490, T1082, T1012, T1120, T1031, T1562, T1489 ScoreMeaningExample10Known badA...

Malware Analysis – djvu – 0a0ebfeb569497ad77dd163776b29422

March 5, 2023

Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, discovery, persistence, ransomware, spyware, stealerMD5: 0a0ebfeb569497ad77dd163776b29422SHA1: 525911955a20e39ae252044c3a1eb99cf97cbda9ANALYSIS DATE: 2023-03-05T17:30:08ZTTPS: T1222, T1082, T1005, T1081, T1012,...

Malware Analysis – djvu – 9fdb32ec78c101f060098ad1546e65d1

March 5, 2023

Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, discovery, persistence, ransomware, spyware, stealerMD5: 9fdb32ec78c101f060098ad1546e65d1SHA1: 0033639ce67337a8fa8aff778e0f40e6dbdabd71ANALYSIS DATE: 2023-03-05T17:50:08ZTTPS: T1005, T1081, T1222, T1082, T1012,...

Malware Analysis – djvu – da63a1ee5554cf0f1d3cab63ce093beb

March 5, 2023

Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, discovery, persistence, ransomware, spyware, stealerMD5: da63a1ee5554cf0f1d3cab63ce093bebSHA1: d43dde52af0609602d839f101236fcae17169077ANALYSIS DATE: 2023-03-05T09:16:09ZTTPS: T1053, T1005, T1081, T1012, T1060,...

Malware Analysis – djvu – 2f16d4f7dd1bc6215c04993cecb0ac98

March 5, 2023

Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, discovery, persistence, ransomware, spyware, stealerMD5: 2f16d4f7dd1bc6215c04993cecb0ac98SHA1: 8405146f2ad4878cce5a39208d62b9669df9f53fANALYSIS DATE: 2023-03-05T09:32:09ZTTPS: T1012, T1082, T1005, T1081, T1060,...

Cobalt Stike Beacon Detected – 86[.]106[.]87[.]157:443

March 5, 2023

The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...

Cobalt Stike Beacon Detected – 139[.]196[.]47[.]225:8045

March 5, 2023

The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...

Cobalt Stike Beacon Detected – 121[.]43[.]189[.]59:7777

March 5, 2023

The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...

Cobalt Stike Beacon Detected – 43[.]156[.]59[.]131:81

March 5, 2023

The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...

Malware Analysis – djvu – 2ea34c5254243b375ea168b693fbf1cf

March 5, 2023

Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, discovery, persistence, ransomware, spyware, stealerMD5: 2ea34c5254243b375ea168b693fbf1cfSHA1: 474d9c43ad567f3238fd168fe374f90550f435e5ANALYSIS DATE: 2023-03-05T10:30:44ZTTPS: T1082, T1005, T1081, T1012, T1222,...

Malware Analysis – ransomware – bddc77465196a1fe9e1a2e32ac8bca76

March 5, 2023

Score: 6 MALWARE FAMILY: ransomwareTAGS:ransomwareMD5: bddc77465196a1fe9e1a2e32ac8bca76SHA1: d9804432571b6d22956a38a5bf3223c15fe31030ANALYSIS DATE: 2023-03-05T10:21:40ZTTPS: ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or more known damaging...

Malware Analysis – djvu – cf417c069d0d706bed68b75ef58d5258

March 5, 2023

Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, discovery, persistence, ransomware, spyware, stealerMD5: cf417c069d0d706bed68b75ef58d5258SHA1: 170ce38f4aa735bc188b85e116a8708aeb54a3afANALYSIS DATE: 2023-03-05T09:35:47ZTTPS: T1012, T1082, T1005, T1081, T1060,...

Malware Analysis – bootkit – 04c323daafc58fd9d2732528af94c893

March 5, 2023

Score: 10 MALWARE FAMILY: bootkitTAGS:bootkit, discovery, evasion, persistence, ransomware, trojanMD5: 04c323daafc58fd9d2732528af94c893SHA1: f62f470668806219024b4e8df6395b527ce77bd5ANALYSIS DATE: 2023-03-05T10:31:21ZTTPS: T1012, T1120, T1082, T1060, T1130, T1112,...

Cobalt Stike Beacon Detected – 124[.]222[.]3[.]42:4433

March 5, 2023

The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...

Cobalt Stike Beacon Detected – 5[.]9[.]224[.]208:443

March 5, 2023

The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...

Cobalt Stike Beacon Detected – 124[.]222[.]16[.]73:80

March 5, 2023

The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...

Cobalt Stike Beacon Detected – 162[.]14[.]117[.]138:443

March 5, 2023

The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...

Malware Analysis – djvu – 5088dddbc956fb18c627fb9241416e4f

March 5, 2023

Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, discovery, persistence, ransomware, spyware, stealerMD5: 5088dddbc956fb18c627fb9241416e4fSHA1: 5dc26a81f7df1ea96f02548a63276c012c0d1faaANALYSIS DATE: 2023-03-05T11:33:00ZTTPS: T1222, T1005, T1081, T1060, T1112,...

Malware Analysis – – 5e8189df55ed00bb294db50ead7b6eba

March 5, 2023

Score: 1 MALWARE FAMILY: TAGS:MD5: 5e8189df55ed00bb294db50ead7b6ebaSHA1: faf7ec2afa6674318f87e664e61100bbc1886429ANALYSIS DATE: 2023-03-05T10:31:36ZTTPS: ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or more known damaging...

Malware Analysis – djvu – a476d9fa19205b2d559ca70738d020ae

March 5, 2023

Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, discovery, persistence, ransomware, spyware, stealerMD5: a476d9fa19205b2d559ca70738d020aeSHA1: d45c468823386ab696bbc48d79507e4ff0512041ANALYSIS DATE: 2023-03-05T11:44:02ZTTPS: T1060, T1112, T1005, T1081, T1012,...

Malware Analysis – bootkit – 7f074455c7fcc15b3a6d372695511245

March 5, 2023

Score: 8 MALWARE FAMILY: bootkitTAGS:bootkit, evasion, persistenceMD5: 7f074455c7fcc15b3a6d372695511245SHA1: c68221fe8c1d1359f28e3c8d51f9b011ade849f0ANALYSIS DATE: 2023-03-05T10:49:17ZTTPS: T1082, T1050, T1031, T1562, T1489, T1012, T1112, T1060, T1067,...

Security

Malware Analysis – evasion – f4dcbd5f5b985250924631a998237d27

Malware Analysis – djvu – 0a0ebfeb569497ad77dd163776b29422

Malware Analysis – djvu – 9fdb32ec78c101f060098ad1546e65d1

Malware Analysis – djvu – da63a1ee5554cf0f1d3cab63ce093beb

Malware Analysis – djvu – 2f16d4f7dd1bc6215c04993cecb0ac98

Cobalt Stike Beacon Detected – 86[.]106[.]87[.]157:443

Cobalt Stike Beacon Detected – 139[.]196[.]47[.]225:8045

Cobalt Stike Beacon Detected – 121[.]43[.]189[.]59:7777

Cobalt Stike Beacon Detected – 43[.]156[.]59[.]131:81

Malware Analysis – djvu – 2ea34c5254243b375ea168b693fbf1cf

Malware Analysis – ransomware – bddc77465196a1fe9e1a2e32ac8bca76

Malware Analysis – djvu – cf417c069d0d706bed68b75ef58d5258

Malware Analysis – bootkit – 04c323daafc58fd9d2732528af94c893

Cobalt Stike Beacon Detected – 124[.]222[.]3[.]42:4433

Cobalt Stike Beacon Detected – 5[.]9[.]224[.]208:443

Cobalt Stike Beacon Detected – 124[.]222[.]16[.]73:80

Cobalt Stike Beacon Detected – 162[.]14[.]117[.]138:443

Malware Analysis – djvu – 5088dddbc956fb18c627fb9241416e4f

Malware Analysis – – 5e8189df55ed00bb294db50ead7b6eba

Malware Analysis – djvu – a476d9fa19205b2d559ca70738d020ae

Malware Analysis – bootkit – 7f074455c7fcc15b3a6d372695511245

Cobalt Stike Beacon Detected – 218[.]28[.]63[.]34:8037

Cobalt Stike Beacon Detected – 185[.]254[.]37[.]251:443

Cobalt Stike Beacon Detected – 82[.]157[.]182[.]245:8088

[QILIN] – Ransomware Victim: Habib Bank AG Zurich

[QILIN] – Ransomware Victim: Durvet

[QILIN] – Ransomware Victim: Habib Bank

Brute Ratel C4 Detected – 3[.]115[.]56[.]24:80

CVE Alert: CVE-2025-12384 – bplugins – Document Embedder – Embed PDFs, Word, Excel, and Other Files

You may have missed