threatintel

Cobalt Stike Beacon Detected – 173[.]82[.]196[.]58:443

January 11, 2023

The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...

Cobalt Stike Beacon Detected – 129[.]152[.]2[.]128:443

January 11, 2023

The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...

Malware Analysis – aurora – a750f4f224ae7af1c886b39d1c5800d4

January 11, 2023

Score: 10 MALWARE FAMILY: auroraTAGS:family:aurora, family:dcrat, family:djvu, family:icedid, family:smokeloader, family:vidar, botnet:19, campaign:3131022508, backdoor, banker, discovery, infostealer, loader, persistence, ransomware, rat,...

Malware Analysis – wannacry – 5c7fb0927db37372da25f270708103a2

January 11, 2023

Score: 10 MALWARE FAMILY: wannacryTAGS:family:wannacry, persistence, ransomware, spyware, stealer, wormMD5: 5c7fb0927db37372da25f270708103a2SHA1: 120ed9279d85cbfa56e5b7779ffa7162074f7a29ANALYSIS DATE: 2023-01-11T09:07:49ZTTPS: T1107, T1490, T1082, T1005, T1081, T1060,...

Malware Analysis – smokeloader – 70d0f4ca40cba87f64e1d482c2eb7167

January 11, 2023

Score: 10 MALWARE FAMILY: smokeloaderTAGS:family:smokeloader, backdoor, trojanMD5: 70d0f4ca40cba87f64e1d482c2eb7167SHA1: 2b375e2d01a2bcc809cb5f3adb94d7b2cbd05470ANALYSIS DATE: 2023-01-11T09:31:05ZTTPS: T1012, T1120, T1082 ScoreMeaningExample10Known badA malware family was detected.8-9Likely...

Malware Analysis – xmrig – f91a4f2fe37f1008f8f2b0d597dbd5fa

January 11, 2023

Score: 10 MALWARE FAMILY: xmrigTAGS:family:xmrig, discovery, evasion, exploit, minerMD5: f91a4f2fe37f1008f8f2b0d597dbd5faSHA1: 3293698ca35076659fbaaac4868ba57afc3e560dANALYSIS DATE: 2023-01-11T09:23:30ZTTPS: T1031, T1562, T1489, T1222, T1082, T1102, T1112...

Cobalt Stike Beacon Detected – 54[.]151[.]146[.]41:80

January 11, 2023

The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...

Cobalt Stike Beacon Detected – 107[.]189[.]3[.]56:443

January 11, 2023

The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...

Cobalt Stike Beacon Detected – 103[.]45[.]143[.]169:80

January 11, 2023

The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...

Cobalt Stike Beacon Detected – 47[.]113[.]224[.]80:80

January 11, 2023

The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...

Malware Analysis – djvu – f0fa800da38d447e5ec5488cf0533783

January 11, 2023

Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:19, discovery, persistence, ransomware, spyware, stealerMD5: f0fa800da38d447e5ec5488cf0533783SHA1: a18b649c13257ece20693771eda98eeb436d4248ANALYSIS DATE: 2023-01-11T10:20:44ZTTPS: T1082, T1053, T1012, T1060,...

Malware Analysis – discovery – 5a9d7261ca6fb48b5df18e3e5dcd12e4

January 11, 2023

Score: 10 MALWARE FAMILY: discoveryTAGS:discovery, evasion, persistence, ransomwareMD5: 5a9d7261ca6fb48b5df18e3e5dcd12e4SHA1: c5e5601e995437ff625939876c7cf5a30d8e29eaANALYSIS DATE: 2023-01-11T10:18:25ZTTPS: T1012, T1497, T1082, T1112, T1042, T1060 ScoreMeaningExample10Known badA...

Malware Analysis – wannacry – 3e1358176d57982beb922f2902a37fad

January 11, 2023

Score: 10 MALWARE FAMILY: wannacryTAGS:family:wannacry, bootkit, persistence, ransomware, wormMD5: 3e1358176d57982beb922f2902a37fadSHA1: db139653e9dd7c669efdfddd69c991b72dcb428bANALYSIS DATE: 2023-01-11T10:21:05ZTTPS: T1012, T1082, T1060, T1112, T1067, T1491 ScoreMeaningExample10Known...

Malware Analysis – djvu – 003110423bef9777e6ef2a55473bd34f

January 11, 2023

Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:19, discovery, persistence, ransomware, spyware, stealerMD5: 003110423bef9777e6ef2a55473bd34fSHA1: 5a3036ea4d032f3f40a99cc5febd0133232e005eANALYSIS DATE: 2023-01-11T10:04:15ZTTPS: T1005, T1081, T1060, T1112,...

Malware Analysis – discovery – 992727441c0580255be639bd8a738be5

January 11, 2023

Score: 10 MALWARE FAMILY: discoveryTAGS:discovery, evasion, persistence, ransomwareMD5: 992727441c0580255be639bd8a738be5SHA1: e49881c98d86f8b7bd9b80d4d52872b2d4c340f8ANALYSIS DATE: 2023-01-11T11:46:10ZTTPS: T1060, T1012, T1497, T1082, T1112, T1042 ScoreMeaningExample10Known badA...

Malware Analysis – smokeloader – 476931064a8b0ecf9a4f5fefd0680a45

January 11, 2023

Score: 10 MALWARE FAMILY: smokeloaderTAGS:family:smokeloader, backdoor, trojanMD5: 476931064a8b0ecf9a4f5fefd0680a45SHA1: ee254056c2b0ea556627f3700f3d387bda411952ANALYSIS DATE: 2023-01-11T11:51:03ZTTPS: T1012, T1120, T1082 ScoreMeaningExample10Known badA malware family was detected.8-9Likely...

Malware Analysis – ransomware – 2f11fdaaca22cb7c54bb336e80340d3e

January 11, 2023

Score: 8 MALWARE FAMILY: ransomwareTAGS:ransomware, spyware, stealerMD5: 2f11fdaaca22cb7c54bb336e80340d3eSHA1: 3b2d7b85221ac8c0c7d7abcbb06566f53d20e7efANALYSIS DATE: 2023-01-11T11:24:50ZTTPS: T1005, T1081, T1082 ScoreMeaningExample10Known badA malware family was detected.8-9Likely...

Malware Analysis – ransomware – b1a0dbcba5aa72bddf6a2619bd1c04d3

January 11, 2023

Score: 5 MALWARE FAMILY: ransomwareTAGS:ransomwareMD5: b1a0dbcba5aa72bddf6a2619bd1c04d3SHA1: 80c34dc43c0e0ea556f0412bfa6807f2a956f369ANALYSIS DATE: 2023-01-11T10:51:09ZTTPS: ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or more known damaging...

Malware Analysis – ransomware – 3d1566b912f435ee324262e6b92e0d75

January 11, 2023

Score: 9 MALWARE FAMILY: ransomwareTAGS:ransomwareMD5: 3d1566b912f435ee324262e6b92e0d75SHA1: 57467058f84b84998025420aef3ddd4c5dca1aedANALYSIS DATE: 2023-01-11T03:30:05ZTTPS: T1107, T1490 ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or more...

Malware Analysis – djvu – 17f5401b62b3efd7365ed67ee67bb59f

January 11, 2023

Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:19, discovery, persistence, ransomware, spyware, stealerMD5: 17f5401b62b3efd7365ed67ee67bb59fSHA1: da6b9313ab2f12353908f78990b80bf244507db0ANALYSIS DATE: 2023-01-11T03:48:46ZTTPS: T1060, T1112, T1012, T1082,...

Malware Analysis – – 1e88c975002679baa36e7849701b102a

January 11, 2023

Score: 3 MALWARE FAMILY: TAGS:MD5: 1e88c975002679baa36e7849701b102aSHA1: 31dda2ec43357ee058df677c6f5908dd836b10c2ANALYSIS DATE: 2023-01-11T03:22:00ZTTPS: T1012, T1082 ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or more...

Malware Analysis – aurora – bd32b492f046674ced01789233a3c80f

January 11, 2023

Score: 10 MALWARE FAMILY: auroraTAGS:family:aurora, family:dcrat, family:djvu, family:icedid, family:smokeloader, family:vidar, botnet:19, campaign:3131022508, backdoor, banker, collection, discovery, infostealer, loader, persistence, ransomware,...

Malware Analysis – evasion – 16386b9c1bde7c80723889785981bf32

January 11, 2023

Score: 7 MALWARE FAMILY: evasionTAGS:evasion, ransomwareMD5: 16386b9c1bde7c80723889785981bf32SHA1: 0bc8a4dc49f16e81b14e5272a08f6934cd41bc17ANALYSIS DATE: 2023-01-11T04:45:13ZTTPS: ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or more known...

Malware Analysis – ransomware – b40a2374b51d487190fe535bb651aa3a

January 11, 2023

Score: 7 MALWARE FAMILY: ransomwareTAGS:ransomwareMD5: b40a2374b51d487190fe535bb651aa3aSHA1: 23213f8f9ee58c3166101af2869783c90dfdff14ANALYSIS DATE: 2023-01-11T04:45:06ZTTPS: ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or more known damaging...

threatintel

Cobalt Stike Beacon Detected – 173[.]82[.]196[.]58:443

Cobalt Stike Beacon Detected – 129[.]152[.]2[.]128:443

Malware Analysis – aurora – a750f4f224ae7af1c886b39d1c5800d4

Malware Analysis – wannacry – 5c7fb0927db37372da25f270708103a2

Malware Analysis – smokeloader – 70d0f4ca40cba87f64e1d482c2eb7167

Malware Analysis – xmrig – f91a4f2fe37f1008f8f2b0d597dbd5fa

Cobalt Stike Beacon Detected – 54[.]151[.]146[.]41:80

Cobalt Stike Beacon Detected – 107[.]189[.]3[.]56:443

Cobalt Stike Beacon Detected – 103[.]45[.]143[.]169:80

Cobalt Stike Beacon Detected – 47[.]113[.]224[.]80:80

Malware Analysis – djvu – f0fa800da38d447e5ec5488cf0533783

Malware Analysis – discovery – 5a9d7261ca6fb48b5df18e3e5dcd12e4

Malware Analysis – wannacry – 3e1358176d57982beb922f2902a37fad

Malware Analysis – djvu – 003110423bef9777e6ef2a55473bd34f

Malware Analysis – discovery – 992727441c0580255be639bd8a738be5

Malware Analysis – smokeloader – 476931064a8b0ecf9a4f5fefd0680a45

Malware Analysis – ransomware – 2f11fdaaca22cb7c54bb336e80340d3e

Malware Analysis – ransomware – b1a0dbcba5aa72bddf6a2619bd1c04d3

Malware Analysis – ransomware – 3d1566b912f435ee324262e6b92e0d75

Malware Analysis – djvu – 17f5401b62b3efd7365ed67ee67bb59f

Malware Analysis – – 1e88c975002679baa36e7849701b102a

Malware Analysis – aurora – bd32b492f046674ced01789233a3c80f

Malware Analysis – evasion – 16386b9c1bde7c80723889785981bf32

Malware Analysis – ransomware – b40a2374b51d487190fe535bb651aa3a

[QILIN] – Ransomware Victim: Mainetti

[QILIN] – Ransomware Victim: fcsserves[.]org

CVE Alert: CVE-2025-6959

CVE Alert: CVE-2025-50405

CVE Alert: CVE-2025-6961

You may have missed