Ransomware Toolkit Cryptonite turning into an accidental wiper
Researchers spotted a version of the open-source ransomware toolkit Cryptonite that doesn’t support decryption capabilities. Fortinet researchers discovered a sample of...
Security
Crook sentenced to 18 months for stealing $20M in SIM swapping attack
Nicholas Truglia, from Florida, US, was sentenced to 18 months in prison for stealing more than $20 million in a...
Crimeware trends: self-propagation and driver exploitation
Introduction If one sheep leaps over the ditch, the rest will follow. This is an old saying, found in various...
Malware Analysis – dcrat – 754d98177706d0573f13854c065b2fa3
Score: 10 MALWARE FAMILY: dcratTAGS:family:dcrat, family:djvu, family:smokeloader, family:vidar, botnet:517, backdoor, collection, discovery, infostealer, persistence, ransomware, rat, spyware, stealer, trojanMD5: 754d98177706d0573f13854c065b2fa3SHA1:...
Malware Analysis – evasion – 63efdf8cc139715dd15789598f8eb98e
Score: 9 MALWARE FAMILY: evasionTAGS:evasion, ransomwareMD5: 63efdf8cc139715dd15789598f8eb98eSHA1: 6dff16b791f2eebad704f4660ad36ed3a15feeb6ANALYSIS DATE: 2022-12-03T04:17:19ZTTPS: T1490 ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or more...
Malware Analysis – evasion – cb721cafc5871f6407d27b3bb9dc978c
Score: 10 MALWARE FAMILY: evasionTAGS:evasion, persistence, ransomware, trojan, upxMD5: cb721cafc5871f6407d27b3bb9dc978cSHA1: 64f32bdf9432c0601d76c454f11a37935403b47bANALYSIS DATE: 2022-12-03T04:57:57ZTTPS: T1490, T1004, T1112, T1088, T1089, T1060, T1082...
Malware Analysis – persistence – 7d6490486d6c6c55e5c6758b700af423
Score: 6 MALWARE FAMILY: persistenceTAGS:persistence, ransomwareMD5: 7d6490486d6c6c55e5c6758b700af423SHA1: 4b2da4042b2de3be4ec732bbb8f2401ea1718aafANALYSIS DATE: 2022-12-03T06:08:56ZTTPS: T1491, T1112, T1060 ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne...
Malware Analysis – evasion – e37a0ece30267233f1dddf3c2300393f
Score: 9 MALWARE FAMILY: evasionTAGS:evasion, ransomwareMD5: e37a0ece30267233f1dddf3c2300393fSHA1: 27610367c41c1b8d3a26885b40fd7aac748189b2ANALYSIS DATE: 2022-12-06T03:34:36ZTTPS: T1082, T1107, T1490, T1070 ScoreMeaningExample10Known badA malware family was detected.8-9Likely...
Malware Analysis – djvu – cec35c05dd34007698f769cdfd7030c3
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:517, discovery, persistence, ransomware, spyware, stealerMD5: cec35c05dd34007698f769cdfd7030c3SHA1: fc50f1ee05744e02c0a959edfd88d28b23ded937ANALYSIS DATE: 2022-12-06T03:56:55ZTTPS: T1082, T1222, T1012, T1005,...
Malware Analysis – smokeloader – 3bbb5e709f340f0f6cba6582ac412c4a
Score: 10 MALWARE FAMILY: smokeloaderTAGS:family:smokeloader, backdoor, trojanMD5: 3bbb5e709f340f0f6cba6582ac412c4aSHA1: a81cfeb21bc645d51f2a959ba96e78e1438b5619ANALYSIS DATE: 2022-12-06T03:09:02ZTTPS: T1012, T1120, T1082 ScoreMeaningExample10Known badA malware family was detected.8-9Likely...
Malware Analysis – globeimposter – 1bb12439b687e78b4533d9f7bcd46e2c
Score: 10 MALWARE FAMILY: globeimposterTAGS:family:globeimposter, persistence, ransomwareMD5: 1bb12439b687e78b4533d9f7bcd46e2cSHA1: 809371c39aa8e11cf1a50060f892106c94de0829ANALYSIS DATE: 2022-12-06T04:01:38ZTTPS: T1060, T1112 ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne...
Malware Analysis – bootkit – 505bce79704649f8bb695b04ef01f430
Score: 8 MALWARE FAMILY: bootkitTAGS:bootkit, persistence, ransomwareMD5: 505bce79704649f8bb695b04ef01f430SHA1: 787e714e8a0ddaaf096054dc1466540c47da273aANALYSIS DATE: 2022-12-06T05:11:20ZTTPS: T1012, T1082, T1067, T1060, T1112, T1491 ScoreMeaningExample10Known badA malware...
Malware Analysis – djvu – dd51091e8733e503c5acb924a84ed62c
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:smokeloader, family:vidar, botnet:517, backdoor, collection, discovery, persistence, ransomware, spyware, stealer, trojanMD5: dd51091e8733e503c5acb924a84ed62cSHA1: 2ee2fe8472891a09ac90b7b5981aa016d4afd9dbANALYSIS DATE: 2022-12-06T05:30:18ZTTPS:...
Malware Analysis – djvu – 047f125b610be2b862cc90212b5a4698
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:517, discovery, persistence, ransomware, spyware, stealerMD5: 047f125b610be2b862cc90212b5a4698SHA1: 51d18be8810fe47c74de50587a358a12d6fee75eANALYSIS DATE: 2022-12-06T05:30:53ZTTPS: T1222, T1082, T1005, T1081,...
Malware Analysis – djvu – e83f4f0e9e752208162ebd60f20ebc4b
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:517, discovery, persistence, ransomware, spyware, stealerMD5: e83f4f0e9e752208162ebd60f20ebc4bSHA1: 5f67d8476fc40df94906388b52753b466b1ac639ANALYSIS DATE: 2022-12-06T05:29:28ZTTPS: T1060, T1112, T1005, T1081,...
Cobalt Stike Beacon Detected – 3[.]110[.]169[.]188:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 156[.]234[.]180[.]234:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 107[.]175[.]91[.]198:8443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 77[.]73[.]133[.]84:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 120[.]48[.]31[.]168:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 1[.]117[.]141[.]120:2222
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 49[.]234[.]19[.]234:4567
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 45[.]146[.]252[.]106:4433
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 5[.]188[.]86[.]196:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
