Security

Cobalt Stike Beacon Detected – 39[.]108[.]0[.]113:443

December 13, 2022

The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...

Cobalt Stike Beacon Detected – 204[.]44[.]125[.]106:80

December 13, 2022

The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...

Malware Analysis – djvu – b0d233967b73fac1fbfa6114ec7fa26d

December 13, 2022

Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:smokeloader, family:vidar, botnet:1808, backdoor, bootkit, collection, discovery, persistence, ransomware, spyware, stealer, trojanMD5: b0d233967b73fac1fbfa6114ec7fa26dSHA1: 405869adde2b9b24e106038b33ace894d3420062ANALYSIS DATE:...

Malware Analysis – ermac – 35e91deffa2d5392c8d0afa3e83db6a9

December 13, 2022

Score: 10 MALWARE FAMILY: ermacTAGS:family:ermac, banker, evasion, infostealer, ransomware, trojanMD5: 35e91deffa2d5392c8d0afa3e83db6a9SHA1: 98b6acf59125ee3a37c0d4c3ab7cf6f295958f6eANALYSIS DATE: 2022-12-13T10:10:05ZTTPS: ScoreMeaningExample10Known badA malware family was detected.8-9Likely...

Malware Analysis – ermac – 4241a3067b87e687be063feb545fc3c2

December 13, 2022

Score: 10 MALWARE FAMILY: ermacTAGS:family:ermac, banker, evasion, infostealer, ransomware, trojanMD5: 4241a3067b87e687be063feb545fc3c2SHA1: 05d7fe38dd0b7f2132a9e7e9f0cecf585debbb65ANALYSIS DATE: 2022-12-13T10:39:04ZTTPS: ScoreMeaningExample10Known badA malware family was detected.8-9Likely...

Malware Analysis – djvu – cbf081e42318d731b5223c0eeb5c4b97

December 13, 2022

Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, discovery, persistence, ransomware, spyware, stealerMD5: cbf081e42318d731b5223c0eeb5c4b97SHA1: d0cc1b387aae6a833cd95a74d99ba49d55346107ANALYSIS DATE: 2022-12-13T10:34:38ZTTPS: T1012, T1082, T1053, T1005, T1081, T1222,...

Cobalt Stike Beacon Detected – 103[.]43[.]12[.]106:443

December 13, 2022

The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...

Cobalt Stike Beacon Detected – 49[.]0[.]192[.]16:8080

December 13, 2022

The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...

Cobalt Stike Beacon Detected – 43[.]138[.]236[.]103:443

December 13, 2022

The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...

Cobalt Stike Beacon Detected – 47[.]92[.]217[.]197:443

December 13, 2022

The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...

Malware Analysis – dcrat – b5edc62fc06a612dc1edfaa0e6fdaa35

December 13, 2022

Score: 10 MALWARE FAMILY: dcratTAGS:family:dcrat, family:djvu, family:smokeloader, family:vidar, botnet:1808, backdoor, bootkit, collection, discovery, infostealer, persistence, ransomware, rat, spyware, stealer, trojanMD5:...

Malware Analysis – smokeloader – 5d041a4006ed3f18eef822470c83ed9c

December 13, 2022

Score: 10 MALWARE FAMILY: smokeloaderTAGS:family:smokeloader, backdoor, trojanMD5: 5d041a4006ed3f18eef822470c83ed9cSHA1: 14d269a9c95ecd7a643fe7f5487ef468986f5d9dANALYSIS DATE: 2022-12-13T11:57:40ZTTPS: T1012, T1120, T1082 ScoreMeaningExample10Known badA malware family was detected.8-9Likely...

Malware Analysis – djvu – 71b38cbdfd2391a63cfb85818ecc42a8

December 13, 2022

Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, discovery, persistence, ransomware, spyware, stealerMD5: 71b38cbdfd2391a63cfb85818ecc42a8SHA1: 708d1da006924898eddf09bddc86d4c738103d41ANALYSIS DATE: 2022-12-13T10:41:19ZTTPS: T1222, T1082, T1053, T1012, T1060, T1112,...

Malware Analysis – ermac – 72b3faff0779e1ddaef3a317fbefa29c

December 13, 2022

Score: 10 MALWARE FAMILY: ermacTAGS:family:ermac, banker, evasion, infostealer, ransomware, trojanMD5: 72b3faff0779e1ddaef3a317fbefa29cSHA1: 6af79ef669a9250ae2599348f103f772817c88a2ANALYSIS DATE: 2022-12-13T10:41:03ZTTPS: ScoreMeaningExample10Known badA malware family was detected.8-9Likely...

Twitter says recently leaked user data are from 2021 breach

December 13, 2022

Twitter confirmed that the recent leak of members’ profile information resulted from the 2021 data breach disclosed in August 2022....

Malware Analysis – djvu – 27b2b0f56a96792e4a87799bc5983d45

December 13, 2022

Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:smokeloader, family:vidar, botnet:1808, backdoor, bootkit, collection, discovery, persistence, ransomware, spyware, stealer, trojanMD5: 27b2b0f56a96792e4a87799bc5983d45SHA1: 5f18ed76dd5cb6b6820e8384e63d324771227aa6ANALYSIS DATE:...

Malware Analysis – djvu – 31ab55838ad60dcce8fc22ff24614d76

December 13, 2022

Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:smokeloader, family:vidar, botnet:1808, backdoor, bootkit, collection, discovery, persistence, ransomware, spyware, stealer, trojanMD5: 31ab55838ad60dcce8fc22ff24614d76SHA1: 1e33acddb01d65ddd1dfd0a7c96de5537e84b82bANALYSIS DATE:...

Malware Analysis – lockbit – 38a0313aaad67d4c34ef96225c5c4603

December 13, 2022

Score: 10 MALWARE FAMILY: lockbitTAGS:family:lockbit, discovery, evasion, persistence, ransomwareMD5: 38a0313aaad67d4c34ef96225c5c4603SHA1: 88bad08303135cfa65efc1b505e993b917071104ANALYSIS DATE: 2022-12-13T04:33:06ZTTPS: T1490, T1046, T1082, T1107, T1060, T1112 ScoreMeaningExample10Known...

Malware Analysis – djvu – ad11601c8003994fea9cf502f77cefd8

December 13, 2022

Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, discovery, persistence, ransomware, spyware, stealerMD5: ad11601c8003994fea9cf502f77cefd8SHA1: 78764391ee3ebf81d09b5def7a4436a07bd4cd7bANALYSIS DATE: 2022-12-13T05:43:45ZTTPS: T1005, T1081, T1060, T1112, T1222, T1082,...

Malware Analysis – djvu – e4abac89f0c02ab08125acc019535b2e

December 13, 2022

Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, discovery, persistence, ransomwareMD5: e4abac89f0c02ab08125acc019535b2eSHA1: e9d43e1c239006b102e4c741523be38e80d082f3ANALYSIS DATE: 2022-12-13T05:25:03ZTTPS: T1053, T1130, T1112, T1060, T1222, T1082 ScoreMeaningExample10Known badA...

Security

Cobalt Stike Beacon Detected – 39[.]108[.]0[.]113:443

Cobalt Stike Beacon Detected – 204[.]44[.]125[.]106:80

Malware Analysis – djvu – b0d233967b73fac1fbfa6114ec7fa26d

Malware Analysis – ermac – 35e91deffa2d5392c8d0afa3e83db6a9

Malware Analysis – ermac – 4241a3067b87e687be063feb545fc3c2

Malware Analysis – djvu – cbf081e42318d731b5223c0eeb5c4b97

Cobalt Stike Beacon Detected – 103[.]43[.]12[.]106:443

Cobalt Stike Beacon Detected – 49[.]0[.]192[.]16:8080

Cobalt Stike Beacon Detected – 43[.]138[.]236[.]103:443

Cobalt Stike Beacon Detected – 47[.]92[.]217[.]197:443

Malware Analysis – dcrat – b5edc62fc06a612dc1edfaa0e6fdaa35

Malware Analysis – smokeloader – 5d041a4006ed3f18eef822470c83ed9c

Malware Analysis – djvu – 71b38cbdfd2391a63cfb85818ecc42a8

Malware Analysis – ermac – 72b3faff0779e1ddaef3a317fbefa29c

Twitter says recently leaked user data are from 2021 breach

Malware Analysis – djvu – 27b2b0f56a96792e4a87799bc5983d45

Malware Analysis – djvu – 31ab55838ad60dcce8fc22ff24614d76

Malware Analysis – lockbit – 38a0313aaad67d4c34ef96225c5c4603

Malware Analysis – djvu – ad11601c8003994fea9cf502f77cefd8

Malware Analysis – djvu – e4abac89f0c02ab08125acc019535b2e

Cobalt Stike Beacon Detected – 43[.]142[.]31[.]225:80

Cobalt Stike Beacon Detected – 79[.]137[.]207[.]137:443

Cobalt Stike Beacon Detected – 124[.]223[.]216[.]146:8082

Cobalt Stike Beacon Detected – 62[.]204[.]41[.]171:443

[QILIN] – Ransomware Victim: Ritenour School District

[CICADA3301] – Ransomware Victim: B&M – Expertise – Audit

[AKIRA] – Ransomware Victim: LeasePLUS

[AKIRA] – Ransomware Victim: Polykar

CVE Alert: CVE-2025-23270

You may have missed