Cobalt Stike Beacon Detected – 8[.]131[.]94[.]164:7443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Security
Cobalt Stike Beacon Detected – 43[.]138[.]41[.]95:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Malware Analysis – djvu – 31779136196425ada7f38369086e99cc
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, discovery, persistence, ransomware, spyware, stealerMD5: 31779136196425ada7f38369086e99ccSHA1: 65121e085572620c45d16e6683663ead301e5b03ANALYSIS DATE: 2022-12-23T09:12:06ZTTPS: T1005, T1081, T1012, T1082, T1222, T1053,...
Malware Analysis – djvu – f667cb81fe70b79d3651127cbf34c1f3
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, discovery, persistence, ransomware, spyware, stealerMD5: f667cb81fe70b79d3651127cbf34c1f3SHA1: 2aba0f68896664c65ffc6e166b051af73881005bANALYSIS DATE: 2022-12-23T10:20:38ZTTPS: T1005, T1081, T1012, T1082, T1053, T1060,...
Malware Analysis – djvu – e8af5b0c9d7b8d7f7357ee0fd9ea0218
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, discovery, persistence, ransomwareMD5: e8af5b0c9d7b8d7f7357ee0fd9ea0218SHA1: 58a6671307eda70e55ea15dbc46d32769e6b2823ANALYSIS DATE: 2022-12-23T10:15:15ZTTPS: T1082, T1130, T1112, T1060, T1222 ScoreMeaningExample10Known badA malware...
Malware Analysis – smokeloader – f5fd1959bf55c5a97a4267c676b6a781
Score: 10 MALWARE FAMILY: smokeloaderTAGS:family:smokeloader, backdoor, trojanMD5: f5fd1959bf55c5a97a4267c676b6a781SHA1: 7f3914e91ea1c1290b3cc768cbdaa3dd547a2844ANALYSIS DATE: 2022-12-23T10:02:05ZTTPS: T1012, T1120, T1082 ScoreMeaningExample10Known badA malware family was detected.8-9Likely...
Malware Analysis – smokeloader – 2d5f1f172ee74e3ad998059669e9e39e
Score: 10 MALWARE FAMILY: smokeloaderTAGS:family:smokeloader, backdoor, trojanMD5: 2d5f1f172ee74e3ad998059669e9e39eSHA1: 0ea9cf83108b57219d3c784ac1589ee5551c90a4ANALYSIS DATE: 2022-12-23T10:31:04ZTTPS: T1012, T1120, T1082 ScoreMeaningExample10Known badA malware family was detected.8-9Likely...
Malware Analysis – wannacry – c475b82f1e0b421e051622f034b1d5e3
Score: 10 MALWARE FAMILY: wannacryTAGS:family:wannacry, ransomware, wormMD5: c475b82f1e0b421e051622f034b1d5e3SHA1: e1cfa940659f8dcf46098f67ec3de711e7123cb5ANALYSIS DATE: 2022-12-23T11:21:04ZTTPS: ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or more...
Malware Analysis – wannacry – 8e6bfea06cb00553ee29b3822b349bd6
Score: 10 MALWARE FAMILY: wannacryTAGS:family:wannacry, ransomware, wormMD5: 8e6bfea06cb00553ee29b3822b349bd6SHA1: 111be7f3c2978cbe22f4098eadff995a8484f769ANALYSIS DATE: 2022-12-23T11:20:06ZTTPS: ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or more...
Malware Analysis – djvu – c533ae1075eb8cdcf56416d0759733f8
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, discovery, persistence, ransomware, spyware, stealerMD5: c533ae1075eb8cdcf56416d0759733f8SHA1: 24712686ecd9715c2d36cd830dd4ae07eede0c0aANALYSIS DATE: 2022-12-23T10:32:50ZTTPS: T1005, T1081, T1012, T1222, T1082, T1060,...
Malware Analysis – ransomware – 4d089f6d15b92693578b6f3ad414c9e7
Score: 9 MALWARE FAMILY: ransomwareTAGS:ransomware, spyware, stealerMD5: 4d089f6d15b92693578b6f3ad414c9e7SHA1: 120f47d7510cbd64728ef53d4d2fa1b0a84e1d09ANALYSIS DATE: 2022-12-23T10:44:04ZTTPS: T1012, T1120, T1082, T1005, T1081, T1107, T1490, T1491, T1112...
Ransomware and wiper signed with stolen certificates
Introduction On July 17, 2022, Albanian news outlets reported a massive cyberattack that affected Albanian government e-services. A few weeks...
Malware Analysis – smokeloader – cd2f32885f77776c6870994c9dea4b0e
Score: 10 MALWARE FAMILY: smokeloaderTAGS:family:smokeloader, backdoor, trojanMD5: cd2f32885f77776c6870994c9dea4b0eSHA1: 3afebca15a24af9a925523c7ff4fb5f196a17a7bANALYSIS DATE: 2022-12-23T03:32:03ZTTPS: T1012, T1120, T1082 ScoreMeaningExample10Known badA malware family was detected.8-9Likely...
Malware Analysis – smokeloader – cd259460368f6993bd59dbd869add7d6
Score: 10 MALWARE FAMILY: smokeloaderTAGS:family:smokeloader, backdoor, trojanMD5: cd259460368f6993bd59dbd869add7d6SHA1: 1a4bb76edacd425ceee03894e52eec3484fb17acANALYSIS DATE: 2022-12-23T05:31:03ZTTPS: T1012, T1120, T1082 ScoreMeaningExample10Known badA malware family was detected.8-9Likely...
Malware Analysis – djvu – c02eeb1769431e512a18cb8a8d6d346c
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, discovery, persistence, ransomware, spyware, stealerMD5: c02eeb1769431e512a18cb8a8d6d346cSHA1: b803c2dede5ff1e9c69767569197ab0104b1e94aANALYSIS DATE: 2022-12-23T05:20:45ZTTPS: T1222, T1082, T1005, T1081, T1012, T1060,...
Malware Analysis – djvu – 11ef4e7da7336b07a610f53246bd2a37
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, discovery, persistence, ransomware, spyware, stealerMD5: 11ef4e7da7336b07a610f53246bd2a37SHA1: 51c2c3502d74aaf3fd4f253fb33a11425d64c6beANALYSIS DATE: 2022-12-23T04:40:48ZTTPS: T1222, T1012, T1082, T1005, T1081, T1060,...
Malware Analysis – smokeloader – eed5dd7b206c7d4fb1b4c0bd50486a89
Score: 10 MALWARE FAMILY: smokeloaderTAGS:family:smokeloader, backdoor, trojanMD5: eed5dd7b206c7d4fb1b4c0bd50486a89SHA1: 19deb6f83a9c7859be8ce667bff7e34f0200cc40ANALYSIS DATE: 2022-12-23T04:32:04ZTTPS: T1012, T1120, T1082 ScoreMeaningExample10Known badA malware family was detected.8-9Likely...
Using GitHub Actions to manage CI/CD for Empire
We’ve been using GitHub actions for Empire and Starkiller for quite some time now. It’s been a significant productivity boost...
Cobalt Stike Beacon Detected – 51[.]79[.]230[.]42:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 103[.]100[.]210[.]43:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 4[.]205[.]51[.]119:8443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Malware Analysis – smokeloader – b1e6371800ed2beea2b05572054e5fa3
Score: 10 MALWARE FAMILY: smokeloaderTAGS:family:smokeloader, backdoor, trojanMD5: b1e6371800ed2beea2b05572054e5fa3SHA1: 5e1f3278645fa1ff22d32e494a9c6580030d5232ANALYSIS DATE: 2022-12-22T21:01:03ZTTPS: T1012, T1120, T1082 ScoreMeaningExample10Known badA malware family was detected.8-9Likely...
Malware Analysis – smokeloader – 79fe9ab1a7a010786684dfbb784b7837
Score: 10 MALWARE FAMILY: smokeloaderTAGS:family:smokeloader, backdoor, trojanMD5: 79fe9ab1a7a010786684dfbb784b7837SHA1: 2d709acfb03604d76949053d42174e3d416ae515ANALYSIS DATE: 2022-12-22T21:31:03ZTTPS: T1012, T1120, T1082 ScoreMeaningExample10Known badA malware family was detected.8-9Likely...
Malware Analysis – ransomware – b08b6219961caac74b033c88233c67f6
Score: 10 MALWARE FAMILY: ransomwareTAGS:ransomwareMD5: b08b6219961caac74b033c88233c67f6SHA1: f4d8c562f51537b57b7c25ff552c736c383c2d60ANALYSIS DATE: 2022-12-22T21:31:49ZTTPS: T1112 ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or more known...
