CVE-2022-41040 and CVE-2022-41082 – zero-days in MS Exchange
Summary At the end of September, GTSC reported an attack on critical infrastructure that took place in August. During the...
Security
Malicious PyPI package posed as SentinelOne SDK to serve info-stealing malware
Researchers spotted a malicious package in the Python Package Index (PyPI) repository that impersonates a software development kit (SDK) for...
Cobalt Stike Beacon Detected – 39[.]98[.]50[.]48:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 198[.]46[.]131[.]172:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 138[.]197[.]165[.]105:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 79[.]137[.]202[.]62:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 47[.]104[.]195[.]224:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 15[.]164[.]155[.]60:8888
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 194[.]165[.]16[.]58:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 47[.]242[.]58[.]73:8899
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 121[.]36[.]165[.]78:444
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 81[.]70[.]203[.]138:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 1[.]117[.]231[.]225:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 180[.]76[.]166[.]103:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 195[.]189[.]99[.]114:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 103[.]67[.]191[.]89:8080
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 119[.]91[.]214[.]230:5555
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Malware Analysis – venus – f62590e838b1d13960abb6b363e03ed9
Score: 10 MALWARE FAMILY: venusTAGS:family:venus, evasion, persistence, ransomwareMD5: f62590e838b1d13960abb6b363e03ed9SHA1: 66f706a7d39038964471e0a009a76e0f978fb075ANALYSIS DATE: 2022-12-19T21:53:03ZTTPS: T1060, T1112, T1031, T1082, T1018, T1012, T1120 ScoreMeaningExample10Known...
Cobalt Stike Beacon Detected – 43[.]140[.]252[.]193:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Malware Analysis – djvu – 932e1fdc587695a02489692332c32522
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, discovery, persistence, ransomware, spyware, stealerMD5: 932e1fdc587695a02489692332c32522SHA1: a47ec9890ca5e3cf0f030c0deb117a9cabd1ffeaANALYSIS DATE: 2022-12-19T21:52:51ZTTPS: T1082, T1012, T1053, T1005, T1081, T1060,...
Cobalt Stike Beacon Detected – 5[.]255[.]106[.]106:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 185[.]143[.]223[.]61:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Malware Analysis – djvu – 556bc8de79990e475f7131028e98ea2f
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, discovery, persistence, ransomware, spyware, stealerMD5: 556bc8de79990e475f7131028e98ea2fSHA1: b3c27bb39c09ce4c60cf379e36801e11c155b16dANALYSIS DATE: 2022-12-19T23:36:54ZTTPS: T1060, T1112, T1222, T1053, T1005, T1081,...
Cobalt Stike Beacon Detected – 195[.]189[.]99[.]114:8080
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
