Cobalt Stike Beacon Detected – 47[.]92[.]227[.]151:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Security
Cobalt Stike Beacon Detected – 52[.]43[.]159[.]70:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 39[.]96[.]116[.]31:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Malware Analysis – nitro – a0c0192c30c048044421d25c23501582
Score: 10 MALWARE FAMILY: nitroTAGS:family:nitro, persistence, ransomware, spyware, stealerMD5: a0c0192c30c048044421d25c23501582SHA1: d6080d25a6439238d0a8e90e6bbfc229680ecf3bANALYSIS DATE: 2023-01-04T10:05:23ZTTPS: T1005, T1081, T1491, T1112, T1102, T1060, T1012,...
Malware Analysis – amadey – 6c5d5e80bab3b17f1b6faa5273e0b224
Score: 10 MALWARE FAMILY: amadeyTAGS:family:amadey, family:djvu, family:smokeloader, family:vidar, botnet:19, backdoor, collection, discovery, persistence, ransomware, spyware, stealer, trojan, vmprotectMD5: 6c5d5e80bab3b17f1b6faa5273e0b224SHA1: e486b2da9876bd1205a6efd8098dd30b59a6454dANALYSIS...
Malware Analysis – djvu – a4b4e507ef0dc6c624c17badb10d29c9
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:19, discovery, persistence, ransomware, spyware, stealerMD5: a4b4e507ef0dc6c624c17badb10d29c9SHA1: d376a5af805dd6654af35f42f71a3303ff1905f6ANALYSIS DATE: 2023-01-04T10:20:49ZTTPS: T1082, T1012, T1053, T1222,...
Malware Analysis – ransomware – 0e2f34900a7e0324b91ca191fd043e74
Score: 5 MALWARE FAMILY: ransomwareTAGS:ransomwareMD5: 0e2f34900a7e0324b91ca191fd043e74SHA1: 8d34aca2b2ca50d3816b161493ec7440f2cbdbc0ANALYSIS DATE: 2023-01-04T10:53:29ZTTPS: ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or more known damaging...
Malware Analysis – smokeloader – 88fc55ed1a5295684fc77c36024060cf
Score: 10 MALWARE FAMILY: smokeloaderTAGS:family:smokeloader, backdoor, trojanMD5: 88fc55ed1a5295684fc77c36024060cfSHA1: 3c09ac4a25c92f1f3a4052ee1e97659b39672925ANALYSIS DATE: 2023-01-04T11:26:03ZTTPS: T1012, T1120, T1082 ScoreMeaningExample10Known badA malware family was detected.8-9Likely...
Malware Analysis – smokeloader – a83bee74074204ce9dd5e9780187aa0f
Score: 10 MALWARE FAMILY: smokeloaderTAGS:family:smokeloader, backdoor, trojanMD5: a83bee74074204ce9dd5e9780187aa0fSHA1: f80dca4216a824bdaea42ea1ce115ac8f66c05dbANALYSIS DATE: 2023-01-04T03:11:03ZTTPS: T1012, T1120, T1082 ScoreMeaningExample10Known badA malware family was detected.8-9Likely...
Malware Analysis – djvu – 4d50334081024a62178c18193ad7640a
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:19, discovery, persistence, ransomware, spyware, stealerMD5: 4d50334081024a62178c18193ad7640aSHA1: 89f06b69f0acf9f1e625c5097b82b74c20030c8bANALYSIS DATE: 2023-01-04T03:04:12ZTTPS: T1005, T1081, T1012, T1082,...
Malware Analysis – meow – 80637ef09441d910ae7bdda488eb9989
Score: 10 MALWARE FAMILY: meowTAGS:family:meow, ransomware, spyware, stealerMD5: 80637ef09441d910ae7bdda488eb9989SHA1: 638e3ca8c66e218a3bdc666d52c2a91a116b60d7ANALYSIS DATE: 2023-01-04T03:36:27ZTTPS: T1005, T1081 ScoreMeaningExample10Known badA malware family was detected.8-9Likely...
Malware Analysis – evasion – cebed8210feb0d37479d62199049e0ba
Score: 7 MALWARE FAMILY: evasionTAGS:evasion, ransomwareMD5: cebed8210feb0d37479d62199049e0baSHA1: eec586742f917b65c73d2f99c11dd65072c4f298ANALYSIS DATE: 2023-01-04T03:41:58ZTTPS: ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or more known...
Malware Analysis – ransomware – 4b95b42cac7a11602b26caa41574d764
Score: 8 MALWARE FAMILY: ransomwareTAGS:ransomware, spyware, stealerMD5: 4b95b42cac7a11602b26caa41574d764SHA1: f64b7f29ecf8516d9d55bca8443f33d041b2b16aANALYSIS DATE: 2023-01-04T03:28:40ZTTPS: T1005, T1081 ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne...
Malware Analysis – amadey – 03a2ae7e3d0fabcf4858e10a822d9a99
Score: 10 MALWARE FAMILY: amadeyTAGS:family:amadey, family:dcrat, family:djvu, family:smokeloader, family:vidar, botnet:19, backdoor, collection, discovery, infostealer, persistence, ransomware, rat, spyware, stealer, trojan,...
Malware Analysis – djvu – 54e06155a4b0a099b9fe1ddc9f209329
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:19, discovery, persistence, ransomware, spyware, stealerMD5: 54e06155a4b0a099b9fe1ddc9f209329SHA1: 48b0ad39a74137e45a0d93cc5b339847b88d971cANALYSIS DATE: 2023-01-04T05:50:25ZTTPS: T1060, T1112, T1053, T1222,...
Malware Analysis – evasion – 0c5cbe64b5cc615c77b6d2676300495e
Score: 7 MALWARE FAMILY: evasionTAGS:evasion, ransomwareMD5: 0c5cbe64b5cc615c77b6d2676300495eSHA1: 58aef51084d93563d9b4081c1b51acdb7745e931ANALYSIS DATE: 2023-01-04T04:19:32ZTTPS: ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or more known...
Malware Analysis – djvu – 943d8bacdfa116ec3a2e87fe7c8d8e63
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:19, discovery, persistence, ransomware, spyware, stealerMD5: 943d8bacdfa116ec3a2e87fe7c8d8e63SHA1: 6fa3d75154f39ffed44291a9f1d6b12760cb5454ANALYSIS DATE: 2023-01-04T05:32:12ZTTPS: T1012, T1082, T1005, T1081,...
Malware Analysis – djvu – 2fd0cc05f8b64718dc4d894e14a0e8d1
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:19, discovery, persistence, ransomware, spyware, stealerMD5: 2fd0cc05f8b64718dc4d894e14a0e8d1SHA1: c9fae77309397f25dfdb9bf3b3515494f061b8ecANALYSIS DATE: 2023-01-04T04:37:04ZTTPS: T1222, T1053, T1005, T1081,...
PXEThief – Set Of Tooling That Can Extract Passwords From The Operating System Deployment Functionality In Microsoft Endpoint Configuration Manager
PXEThief is a set of tooling that implements attack paths discussed at the DEF CON 30 talk Pulling Passwords out...
Malware Analysis – ransomware – a41afe748aed818ab6ac94e81bdde610
Score: 10 MALWARE FAMILY: ransomwareTAGS:ransomwareMD5: a41afe748aed818ab6ac94e81bdde610SHA1: 9468012acf6df7a0e593f41e0da8123f541277dfANALYSIS DATE: 2023-01-03T15:28:36ZTTPS: T1107, T1490 ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or more...
Malware Analysis – evasion – f714964febf0482d0781116faf95c797
Score: 8 MALWARE FAMILY: evasionTAGS:evasion, ransomware, upxMD5: f714964febf0482d0781116faf95c797SHA1: 41a1ab64d4ac85618a2241581b8c5c9b98691577ANALYSIS DATE: 2023-01-03T15:07:20ZTTPS: T1082, T1012, T1120, T1158 ScoreMeaningExample10Known badA malware family was...
Malware Analysis – discovery – f3257310b37b572a371c05dd0bb419ef
Score: 8 MALWARE FAMILY: discoveryTAGS:discovery, exploit, persistenceMD5: f3257310b37b572a371c05dd0bb419efSHA1: 6c9354a3bb7246af254f00b4adb01b556adc1e8eANALYSIS DATE: 2023-01-03T15:00:01ZTTPS: T1050, T1012, T1060, T1222, T1082 ScoreMeaningExample10Known badA malware family...
Malware Analysis – djvu – ca36f7252b0fc1f54c7d1f4c554f4e83
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:19, discovery, persistence, ransomware, spyware, stealerMD5: ca36f7252b0fc1f54c7d1f4c554f4e83SHA1: d42db97d04c519fac40d4a641eea0f868375d32bANALYSIS DATE: 2023-01-03T17:04:47ZTTPS: T1053, T1012, T1060, T1112,...
Malware Analysis – djvu – 42cd30f9e9cb1715d3b9e2f38617f9de
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:19, discovery, persistence, ransomware, spyware, stealerMD5: 42cd30f9e9cb1715d3b9e2f38617f9deSHA1: a765a8172e191f1a6d243a1a4b6dfdedc2e179f7ANALYSIS DATE: 2023-01-03T16:32:51ZTTPS: T1005, T1081, T1060, T1112,...
