A Closer Look at Windows Kernel Threats
In this blog entry, we discuss the reasons why malicious actors choose to and opt not to pursue kernel-level access...
Security
Old vulnerabilities in Cisco products actively exploited in the wild
IT giant Cisco is warning of threat actors exploiting many old vulnerabilities in attacks in the wild. Cisco has updated...
Kali Linux 2022.4 – Penetration Testing and Ethical Hacking Linux Distribution
Time for another Kali Linux release! – Kali Linux 2022.4. This release has various impressive updates.A summary of the changelog...
Malware Analysis – smokeloader – 048c5750cce12e02e62aa2f2b961629d
Score: 10 MALWARE FAMILY: smokeloaderTAGS:family:smokeloader, backdoor, trojanMD5: 048c5750cce12e02e62aa2f2b961629dSHA1: f3ada2cb30bb9425ceab9ebc7e862f632c2e1629ANALYSIS DATE: 2022-12-19T15:53:03ZTTPS: T1012, T1120, T1082 ScoreMeaningExample10Known badA malware family was detected.8-9Likely...
Malware Analysis – discovery – 620a33b990761a4802b82b6ce657620a
Score: 10 MALWARE FAMILY: discoveryTAGS:discovery, persistence, ransomwareMD5: 620a33b990761a4802b82b6ce657620aSHA1: 605b2d0c16e0a903118012e5dfc05165114cf816ANALYSIS DATE: 2022-12-19T16:29:34ZTTPS: T1012, T1082, T1060 ScoreMeaningExample10Known badA malware family was detected.8-9Likely...
Malware Analysis – djvu – f9f07daa6ac03183f15c467ac8458946
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, discovery, persistence, ransomware, spyware, stealerMD5: f9f07daa6ac03183f15c467ac8458946SHA1: ad43ea762aab0e8da955e58dabd42d7d840ffcbdANALYSIS DATE: 2022-12-19T15:01:38ZTTPS: T1005, T1081, T1222, T1082, T1012, T1053,...
Malware Analysis – djvu – 2e7c9cc96fafadb85f03fe0e0d70dbe8
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, discovery, persistence, ransomwareMD5: 2e7c9cc96fafadb85f03fe0e0d70dbe8SHA1: cc1aca4021dc1d383b4b2bd55db789b08911e750ANALYSIS DATE: 2022-12-19T16:43:35ZTTPS: T1222, T1082, T1053, T1130, T1112, T1060 ScoreMeaningExample10Known badA...
Malware Analysis – neshta – 6aa9acfb386ff6673ed8bd77c459ea5b
Score: 10 MALWARE FAMILY: neshtaTAGS:family:neshta, family:phobos, evasion, persistence, ransomware, spyware, stealerMD5: 6aa9acfb386ff6673ed8bd77c459ea5bSHA1: 77e9926caeaf7bd23b832069384e1c02dd4ff78eANALYSIS DATE: 2022-12-19T17:18:03ZTTPS: T1490, T1059, T1107, T1005, T1081,...
Malware Analysis – djvu – 9206dd64291b57ef64ea8fc15cb77b62
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, discovery, persistence, ransomware, spyware, stealerMD5: 9206dd64291b57ef64ea8fc15cb77b62SHA1: 5ca61612241c01ee04cfeebcff6cdb8ab35051e0ANALYSIS DATE: 2022-12-19T17:26:22ZTTPS: T1053, T1005, T1081, T1012, T1060, T1112,...
Malware Analysis – ransomware – 0ca54a12dfeb248b5c0c2400ec288266
Score: 7 MALWARE FAMILY: ransomwareTAGS:ransomwareMD5: 0ca54a12dfeb248b5c0c2400ec288266SHA1: 9ef4d6cdc12fd7451dee17088de7adc85ffcc7caANALYSIS DATE: 2022-12-19T16:52:04ZTTPS: ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or more known damaging...
Malware Analysis – djvu – 6512331eb3bda65b6ae1205d0633a1e1
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, discovery, persistence, ransomware, spyware, stealerMD5: 6512331eb3bda65b6ae1205d0633a1e1SHA1: 5ffe12c70577d58db50393b83599c3227c877282ANALYSIS DATE: 2022-12-19T17:05:50ZTTPS: T1005, T1081, T1222, T1082, T1012, T1053,...
Malware Analysis – djvu – 4d0d3ce86f2f7edc9cf08d3393e516e3
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, discovery, persistence, ransomwareMD5: 4d0d3ce86f2f7edc9cf08d3393e516e3SHA1: c1dcb2c412f0512adcd8e287ca332435e0672818ANALYSIS DATE: 2022-12-19T17:30:57ZTTPS: T1222, T1082, T1053, T1130, T1112, T1060 ScoreMeaningExample10Known badA...
Malware Analysis – persistence – e27b637abe523503b19e6b57b95489ea
Score: 10 MALWARE FAMILY: persistenceTAGS:persistence, ransomwareMD5: e27b637abe523503b19e6b57b95489eaSHA1: 875c3af49522b74045c7ac5cc7f07308e6091b02ANALYSIS DATE: 2022-12-19T17:46:04ZTTPS: T1060, T1112, T1082, T1012, T1120 ScoreMeaningExample10Known badA malware family was...
Malware Analysis – evasion – fbb796cc4209793257bc08943e9bfa29
Score: 10 MALWARE FAMILY: evasionTAGS:evasion, persistence, ransomwareMD5: fbb796cc4209793257bc08943e9bfa29SHA1: 5200d89104d66cab7ee6418e1dc5eccc13bc5193ANALYSIS DATE: 2022-12-19T17:46:03ZTTPS: T1082, T1491, T1112, T1004, T1070, T1060, T1012, T1120, T1490...
Malware Analysis – djvu – 9228f870c82e0b331680b9fe90486722
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, discovery, persistence, ransomware, spyware, stealerMD5: 9228f870c82e0b331680b9fe90486722SHA1: f91f48f62bff5b8291589ccc150c7e8339daf66eANALYSIS DATE: 2022-12-19T17:50:17ZTTPS: T1060, T1112, T1082, T1005, T1081, T1012,...
Experts spotted a variant of the Agenda Ransomware written in Rust
Researchers spotted a new variant of the Agenda ransomware which is written in the cross-platform programming language Rust. Trend Micro...
US Gov warns of BEC attacks to hijack shipments of food products
US government is warning of business email compromise (BEC) attacks aimed at hijacking shipments of food products and ingredients. The...
Shennina – Automating Host Exploitation With AI
Shennina is an automated host exploitation framework. The mission of the project is to fully automate the scanning, vulnerability scanning/analysis,...
Malware Analysis – smokeloader – f2c597e9fa52dd47f91af87220519dac
Score: 10 MALWARE FAMILY: smokeloaderTAGS:family:smokeloader, backdoor, trojanMD5: f2c597e9fa52dd47f91af87220519dacSHA1: ac1f095102f466d2672a4c3f71ab4f5479d639d5ANALYSIS DATE: 2022-12-19T09:20:06ZTTPS: T1012, T1120, T1082 ScoreMeaningExample10Known badA malware family was detected.8-9Likely...
Malware Analysis – evasion – f9e572211e62a06b45cff719e1dd20bd
Score: 10 MALWARE FAMILY: evasionTAGS:evasion, ransomware, trojanMD5: f9e572211e62a06b45cff719e1dd20bdSHA1: c08dd725ccb50eddae75e2eaba3c085384b5aba5ANALYSIS DATE: 2022-12-19T09:27:09ZTTPS: T1053, T1107, T1490, T1082, T1031, T1112, T1089, T1012, T1120...
Malware Analysis – chaos – b89623caba31b7994735f4f5bf437fcd
Score: 10 MALWARE FAMILY: chaosTAGS:family:chaos, evasion, persistence, ransomware, spyware, stealerMD5: b89623caba31b7994735f4f5bf437fcdSHA1: 12687458b19ec21ba567ac2bc974434a55855b64ANALYSIS DATE: 2022-12-19T09:27:10ZTTPS: T1490, T1059, T1107, T1005, T1081, T1060,...
Malware Analysis – chaos – 79c1db9230bdd5766b516156f84c89a9
Score: 10 MALWARE FAMILY: chaosTAGS:family:chaos, evasion, persistence, ransomware, spyware, stealerMD5: 79c1db9230bdd5766b516156f84c89a9SHA1: 82ac99d111262b7440fbb47824214d4efd033c8cANALYSIS DATE: 2022-12-19T09:27:10ZTTPS: T1490, T1059, T1107, T1491, T1112, T1082,...
Malware Analysis – phobos – 9d698f5fb023c21b0629273b0ef42594
Score: 10 MALWARE FAMILY: phobosTAGS:family:phobos, evasion, persistence, ransomware, spyware, stealerMD5: 9d698f5fb023c21b0629273b0ef42594SHA1: 76ba11bfc956c6c68b8d34731f6573e308d6771bANALYSIS DATE: 2022-12-19T09:27:10ZTTPS: T1490, T1059, T1107, T1031, T1005, T1081,...
Cobalt Stike Beacon Detected – 195[.]189[.]96[.]208:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
