Security

Malware Analysis – smokeloader – 0832c102331af5307c561a5dba7380a5

December 25, 2022

Score: 10 MALWARE FAMILY: smokeloaderTAGS:family:smokeloader, backdoor, trojanMD5: 0832c102331af5307c561a5dba7380a5SHA1: e5ad2eecf7dab71f9d55a28e9594d78d10dbfbbfANALYSIS DATE: 2022-12-25T09:32:04ZTTPS: T1012, T1120, T1082 ScoreMeaningExample10Known badA malware family was detected.8-9Likely...

Malware Analysis – smokeloader – d95589c8fbd49a9f0dc47886e4b99cf6

December 25, 2022

Score: 10 MALWARE FAMILY: smokeloaderTAGS:family:smokeloader, backdoor, trojanMD5: d95589c8fbd49a9f0dc47886e4b99cf6SHA1: 25a60d20480a868c2acb271b452bd07b6c54d8a2ANALYSIS DATE: 2022-12-25T03:01:03ZTTPS: T1012, T1120, T1082 ScoreMeaningExample10Known badA malware family was detected.8-9Likely...

Malware Analysis – djvu – 7c24e7b69fb12ad039f3b7396dd6fd32

December 25, 2022

Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, discovery, persistence, ransomware, spyware, stealerMD5: 7c24e7b69fb12ad039f3b7396dd6fd32SHA1: 3f68285a80953248f7fa6fe7b9db41ac9907e45eANALYSIS DATE: 2022-12-25T03:48:08ZTTPS: T1012, T1082, T1053, T1005, T1081, T1222,...

Malware Analysis – djvu – dae8500aae0d729e44c90ece88c5f346

December 25, 2022

Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, discovery, persistence, ransomware, spyware, stealerMD5: dae8500aae0d729e44c90ece88c5f346SHA1: 09859eb420cd3aa9e7dc71e97201f0f38df7e4ccANALYSIS DATE: 2022-12-25T05:32:07ZTTPS: T1060, T1112, T1005, T1081, T1222, T1082,...

Malware Analysis – smokeloader – c6c8211f6d8201310b934f270a93ab64

December 25, 2022

Score: 10 MALWARE FAMILY: smokeloaderTAGS:family:smokeloader, backdoor, trojanMD5: c6c8211f6d8201310b934f270a93ab64SHA1: 070c740d75269c32e1819a21615721ff8ff0b832ANALYSIS DATE: 2022-12-25T05:02:04ZTTPS: T1012, T1120, T1082 ScoreMeaningExample10Known badA malware family was detected.8-9Likely...

Malware Analysis – smokeloader – 6dd6384670baa5423c76f1bbde4235c9

December 25, 2022

Score: 10 MALWARE FAMILY: smokeloaderTAGS:family:smokeloader, backdoor, trojanMD5: 6dd6384670baa5423c76f1bbde4235c9SHA1: 3ca565f27bc7a6d87eab5c5e1df038944789401fANALYSIS DATE: 2022-12-25T04:03:03ZTTPS: T1012, T1120, T1082 ScoreMeaningExample10Known badA malware family was detected.8-9Likely...

Cobalt Stike Beacon Detected – 43[.]138[.]105[.]228:81

December 25, 2022

The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...

Cobalt Stike Beacon Detected – 45[.]61[.]186[.]9:443

December 25, 2022

The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...

Cobalt Stike Beacon Detected – 179[.]60[.]150[.]117:80

December 25, 2022

The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...

Cobalt Stike Beacon Detected – 23[.]160[.]193[.]145:443

December 25, 2022

The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...

Malware Analysis – smokeloader – 2909f77128b92348349a8c124048ed79

December 25, 2022

Score: 10 MALWARE FAMILY: smokeloaderTAGS:family:smokeloader, backdoor, trojanMD5: 2909f77128b92348349a8c124048ed79SHA1: fdffc675fabeea6f7b2a53bc66b5b8150922eaa2ANALYSIS DATE: 2022-12-24T21:16:38ZTTPS: T1012, T1120, T1082 ScoreMeaningExample10Known badA malware family was detected.8-9Likely...

Cobalt Stike Beacon Detected – 43[.]139[.]7[.]93:443

December 25, 2022

The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...

Cobalt Stike Beacon Detected – 137[.]184[.]179[.]252:443

December 25, 2022

The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...

Cobalt Stike Beacon Detected – 35[.]75[.]73[.]32:443

December 25, 2022

The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...

Malware Analysis – djvu – 311c3aac0ea507e2e10ff88fccb56c0a

December 25, 2022

Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, discovery, persistence, ransomwareMD5: 311c3aac0ea507e2e10ff88fccb56c0aSHA1: 553d0012c5b15f670894be85c308bf9ea4bf53f0ANALYSIS DATE: 2022-12-24T21:31:09ZTTPS: T1053, T1130, T1112, T1060, T1222, T1082 ScoreMeaningExample10Known badA...

Malware Analysis – amadey – 1cd8b593c078ed11ca602da358452c48

December 25, 2022

Score: 10 MALWARE FAMILY: amadeyTAGS:family:amadey, family:djvu, family:redline, family:smokeloader, botnet:mario23_10, backdoor, collection, discovery, infostealer, persistence, ransomware, spyware, stealer, trojanMD5: 1cd8b593c078ed11ca602da358452c48SHA1: 801efb1fdb58c0d8e64bff1f191246532f173176ANALYSIS...

Malware Analysis – djvu – d258b0f01d011726b8fb5dc5ede50eab

December 25, 2022

Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, discovery, persistence, ransomware, spyware, stealerMD5: d258b0f01d011726b8fb5dc5ede50eabSHA1: d0f1ce0d3dd44ccc69634665813e53fd8034d9e2ANALYSIS DATE: 2022-12-24T21:48:20ZTTPS: T1005, T1081, T1012, T1082, T1060, T1112,...

Malware Analysis – smokeloader – b14dca575e3ba081aadd6ebbeffb3db4

December 25, 2022

Score: 10 MALWARE FAMILY: smokeloaderTAGS:family:smokeloader, backdoor, trojanMD5: b14dca575e3ba081aadd6ebbeffb3db4SHA1: 7e71f886666693dc7fd9e55630ea4704575eb761ANALYSIS DATE: 2022-12-24T21:32:05ZTTPS: T1012, T1120, T1082 ScoreMeaningExample10Known badA malware family was detected.8-9Likely...

Malware Analysis – smokeloader – 5cf0ffae39e55db6477398473d6d94e8

December 25, 2022

Score: 10 MALWARE FAMILY: smokeloaderTAGS:family:smokeloader, backdoor, trojanMD5: 5cf0ffae39e55db6477398473d6d94e8SHA1: 2022554ca4ffe865932d173e25fabcdf53e98bf5ANALYSIS DATE: 2022-12-24T22:31:04ZTTPS: T1012, T1120, T1082 ScoreMeaningExample10Known badA malware family was detected.8-9Likely...

Cobalt Stike Beacon Detected – 79[.]137[.]202[.]62:443

December 25, 2022

The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...

Malware Analysis – amadey – 15f57d45fe2a1e8da248cf9b3723d775

December 25, 2022

Score: 10 MALWARE FAMILY: amadeyTAGS:family:amadey, family:eternity, family:redline, family:smokeloader, family:socelars, botnet:post, botnet:trud, backdoor, collection, discovery, evasion, infostealer, persistence, ransomware, spyware, stealer,...

Malware Analysis – amadey – c85fc2a2b01780ebaa4c8a194a6d1274

December 25, 2022

Score: 10 MALWARE FAMILY: amadeyTAGS:family:amadey, family:djvu, family:redline, botnet:mario23_10, collection, discovery, infostealer, persistence, ransomware, spyware, stealer, trojanMD5: c85fc2a2b01780ebaa4c8a194a6d1274SHA1: d09b86ed2bdc3c86919c7d67da8bb2c79cc71a0dANALYSIS DATE: 2022-12-24T23:00:28ZTTPS:...

Malware Analysis – smokeloader – 66827360ebaead210fe55107c62b5c3f

December 25, 2022

Score: 10 MALWARE FAMILY: smokeloaderTAGS:family:smokeloader, backdoor, trojanMD5: 66827360ebaead210fe55107c62b5c3fSHA1: a9a2eb425b7f0e42427fa6f60247d74636903882ANALYSIS DATE: 2022-12-24T23:04:24ZTTPS: T1012, T1120, T1082 ScoreMeaningExample10Known badA malware family was detected.8-9Likely...

Malware Analysis – djvu – c80d0ef14b0c0ba82b8d5fac2c775bc1

December 25, 2022

Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, discovery, persistence, ransomware, spyware, stealerMD5: c80d0ef14b0c0ba82b8d5fac2c775bc1SHA1: a1ea6465f2ec58208686477af9a844353ca25102ANALYSIS DATE: 2022-12-24T22:55:52ZTTPS: T1005, T1081, T1082, T1012, T1060, T1112,...

Security

Malware Analysis – smokeloader – 0832c102331af5307c561a5dba7380a5

Malware Analysis – smokeloader – d95589c8fbd49a9f0dc47886e4b99cf6

Malware Analysis – djvu – 7c24e7b69fb12ad039f3b7396dd6fd32

Malware Analysis – djvu – dae8500aae0d729e44c90ece88c5f346

Malware Analysis – smokeloader – c6c8211f6d8201310b934f270a93ab64

Malware Analysis – smokeloader – 6dd6384670baa5423c76f1bbde4235c9

Cobalt Stike Beacon Detected – 43[.]138[.]105[.]228:81

Cobalt Stike Beacon Detected – 45[.]61[.]186[.]9:443

Cobalt Stike Beacon Detected – 179[.]60[.]150[.]117:80

Cobalt Stike Beacon Detected – 23[.]160[.]193[.]145:443

Malware Analysis – smokeloader – 2909f77128b92348349a8c124048ed79

Cobalt Stike Beacon Detected – 43[.]139[.]7[.]93:443

Cobalt Stike Beacon Detected – 137[.]184[.]179[.]252:443

Cobalt Stike Beacon Detected – 35[.]75[.]73[.]32:443

Malware Analysis – djvu – 311c3aac0ea507e2e10ff88fccb56c0a

Malware Analysis – amadey – 1cd8b593c078ed11ca602da358452c48

Malware Analysis – djvu – d258b0f01d011726b8fb5dc5ede50eab

Malware Analysis – smokeloader – b14dca575e3ba081aadd6ebbeffb3db4

Malware Analysis – smokeloader – 5cf0ffae39e55db6477398473d6d94e8

Cobalt Stike Beacon Detected – 79[.]137[.]202[.]62:443

Malware Analysis – amadey – 15f57d45fe2a1e8da248cf9b3723d775

Malware Analysis – amadey – c85fc2a2b01780ebaa4c8a194a6d1274

Malware Analysis – smokeloader – 66827360ebaead210fe55107c62b5c3f

Malware Analysis – djvu – c80d0ef14b0c0ba82b8d5fac2c775bc1

Cobalt Strike Beacon Detected – 193[.]112[.]83[.]36:8080

Cobalt Strike Beacon Detected – 60[.]204[.]245[.]37:8080

Cobalt Strike Beacon Detected – 118[.]24[.]117[.]221:8080

Cobalt Strike Beacon Detected – 47[.]120[.]13[.]85:8889

Cobalt Strike Beacon Detected – 20[.]41[.]73[.]175:8080

You may have missed