threatintel

Cobalt Stike Beacon Detected – 5[.]188[.]86[.]194:443

January 5, 2023

The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...

Malware Analysis – spyware – f65a05f7af44b5054e8b77aa0ce1468c

January 5, 2023

Score: 8 MALWARE FAMILY: spywareTAGS:spyware, stealerMD5: f65a05f7af44b5054e8b77aa0ce1468cSHA1: 683ca30368c8150776f26ff470129028c5fdfa12ANALYSIS DATE: 2023-01-04T22:22:31ZTTPS: T1102, T1005, T1081, T1012, T1082 ScoreMeaningExample10Known badA malware family was...

Malware Analysis – djvu – e556df5dafcb1cba319216b0ab250c37

January 5, 2023

Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:19, discovery, persistence, ransomware, spyware, stealerMD5: e556df5dafcb1cba319216b0ab250c37SHA1: 83a3af0ee04454412044accf81d0f2b93cc2aa59ANALYSIS DATE: 2023-01-04T22:45:26ZTTPS: T1222, T1012, T1082, T1060,...

Malware Analysis – discovery – bedb06e830e94cbd82a964874a79b35a

January 5, 2023

Score: 10 MALWARE FAMILY: discoveryTAGS:discovery, evasion, persistence, ransomwareMD5: bedb06e830e94cbd82a964874a79b35aSHA1: 6ed5453096529de19235d223a475a0cfa706425fANALYSIS DATE: 2023-01-04T22:31:12ZTTPS: T1012, T1120, T1082, T1057, T1031, T1222, T1562, T1489,...

Malware Analysis – amadey – b5a3f6244498a9aff40f6e3c9764e3d5

January 5, 2023

Score: 10 MALWARE FAMILY: amadeyTAGS:family:amadey, family:dcrat, family:djvu, collection, discovery, infostealer, persistence, ransomware, rat, spyware, stealer, trojan, vmprotectMD5: b5a3f6244498a9aff40f6e3c9764e3d5SHA1: 896d4bc913f77d15f2666b8212eab0483ac9940eANALYSIS DATE:...

Empire C2 Detected – 109[.]200[.]24[.]62:443

January 5, 2023

The Information provided at the time of posting was detected as "Empire C2". Depending on when you are viewing this...

Malware Analysis – amadey – 81ede1353918bc7bd5fa5fd237365764

January 5, 2023

Score: 10 MALWARE FAMILY: amadeyTAGS:family:amadey, family:dcrat, family:djvu, family:redline, family:smokeloader, family:vidar, botnet:19, botnet:555555555444, botnet:@redlinevip cloud (tg: @fatherofcarders), botnet:logss, backdoor, brand:microsoft, collection,...

Malware Analysis – djvu – 8f8eca0d17868d69f770cded01f0e515

January 5, 2023

Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:19, discovery, persistence, ransomware, spyware, stealerMD5: 8f8eca0d17868d69f770cded01f0e515SHA1: 7a300200faed480c61fd71319ce2dd1dd5ba29b1ANALYSIS DATE: 2023-01-04T23:15:48ZTTPS: T1012, T1082, T1005, T1081,...

Malware Analysis – discovery – 2c628cca730d954ab017d56992c5afdf

January 5, 2023

Score: 10 MALWARE FAMILY: discoveryTAGS:discovery, persistence, ransomwareMD5: 2c628cca730d954ab017d56992c5afdfSHA1: 4686d228df5031e36cd3db6b76571f19f0e6781aANALYSIS DATE: 2023-01-04T23:12:35ZTTPS: T1082, T1012, T1112, T1042, T1060 ScoreMeaningExample10Known badA malware family...

Malware Analysis – – 8c95b758ba42a8920cc4803172392b69

January 5, 2023

Score: 3 MALWARE FAMILY: TAGS:MD5: 8c95b758ba42a8920cc4803172392b69SHA1: 8f769c533a14defed94e51854ca5793d42d5cfe7ANALYSIS DATE: 2023-01-04T23:17:26ZTTPS: T1012, T1082 ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or more...

US-CERT Bulletin (SB23-002):Vulnerability Summary for the Week of December 26, 2022

January 4, 2023

The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards...

Malware Analysis – djvu – a043928a2208fb9a3e90bc9a17e86770

January 4, 2023

Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:19, discovery, persistence, ransomware, spyware, stealerMD5: a043928a2208fb9a3e90bc9a17e86770SHA1: 4eb744d6e8db83b27c93d99956e1fd2207542693ANALYSIS DATE: 2023-01-04T15:43:52ZTTPS: T1005, T1081, T1222, T1060,...

Malware Analysis – discovery – d54c644994f501358b6074a0ce2f331b

January 4, 2023

Score: 8 MALWARE FAMILY: discoveryTAGS:discovery, exploit, upxMD5: d54c644994f501358b6074a0ce2f331bSHA1: 863d56e70d675eab6e83909fb587ad9e802bcce2ANALYSIS DATE: 2023-01-04T15:46:58ZTTPS: T1082, T1112, T1222 ScoreMeaningExample10Known badA malware family was detected.8-9Likely...

Malware Analysis – smokeloader – 5e1d6ebab9c938c51fbbe6fd752a9fb4

January 4, 2023

Score: 10 MALWARE FAMILY: smokeloaderTAGS:family:smokeloader, backdoor, trojanMD5: 5e1d6ebab9c938c51fbbe6fd752a9fb4SHA1: 36afe236236328d4f853ca1923ba8382712c33e5ANALYSIS DATE: 2023-01-04T17:32:26ZTTPS: T1012, T1120, T1082 ScoreMeaningExample10Known badA malware family was detected.8-9Likely...

Malware Analysis – amadey – 578be748607a89ea3df1c31c52a202c1

January 4, 2023

Score: 10 MALWARE FAMILY: amadeyTAGS:family:amadey, family:djvu, family:smokeloader, family:vidar, botnet:19, backdoor, collection, discovery, persistence, ransomware, spyware, stealer, trojan, vmprotectMD5: 578be748607a89ea3df1c31c52a202c1SHA1: f868c590736d08d9a74ae470e846950822effa51ANALYSIS...

Malware Analysis – discovery – 4e168b9677f1c914fbfbafc2844ef67c

January 4, 2023

Score: 10 MALWARE FAMILY: discoveryTAGS:discovery, persistence, ransomwareMD5: 4e168b9677f1c914fbfbafc2844ef67cSHA1: 942c1398f801e6bdcec164efa0870cacc6291785ANALYSIS DATE: 2023-01-04T16:30:01ZTTPS: T1012, T1082, T1112, T1042, T1060, T1120 ScoreMeaningExample10Known badA malware...

Malware Analysis – djvu – a93639ae8e708ff7b6642f0fab234edd

January 4, 2023

Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:19, discovery, persistence, ransomware, spyware, stealerMD5: a93639ae8e708ff7b6642f0fab234eddSHA1: 3e3ca94af531ec5386e1df14bbeea448ae75d613ANALYSIS DATE: 2023-01-04T16:14:24ZTTPS: T1060, T1112, T1005, T1081,...

threatintel

Cobalt Stike Beacon Detected – 5[.]188[.]86[.]194:443

Malware Analysis – spyware – f65a05f7af44b5054e8b77aa0ce1468c

Malware Analysis – djvu – e556df5dafcb1cba319216b0ab250c37

Malware Analysis – discovery – bedb06e830e94cbd82a964874a79b35a

Malware Analysis – amadey – b5a3f6244498a9aff40f6e3c9764e3d5

Empire C2 Detected – 109[.]200[.]24[.]62:443

Malware Analysis – amadey – 81ede1353918bc7bd5fa5fd237365764

Malware Analysis – djvu – 8f8eca0d17868d69f770cded01f0e515

Malware Analysis – discovery – 2c628cca730d954ab017d56992c5afdf

Malware Analysis – – 8c95b758ba42a8920cc4803172392b69

US-CERT Bulletin (SB23-002):Vulnerability Summary for the Week of December 26, 2022

Malware Analysis – djvu – a043928a2208fb9a3e90bc9a17e86770

Malware Analysis – discovery – d54c644994f501358b6074a0ce2f331b

Malware Analysis – smokeloader – 5e1d6ebab9c938c51fbbe6fd752a9fb4

Malware Analysis – amadey – 578be748607a89ea3df1c31c52a202c1

Malware Analysis – discovery – 4e168b9677f1c914fbfbafc2844ef67c

Malware Analysis – djvu – a93639ae8e708ff7b6642f0fab234edd

CISA: Fortinet Releases Security Updates for FortiADC

Cobalt Stike Beacon Detected – 47[.]94[.]172[.]106:9898

Cobalt Stike Beacon Detected – 149[.]127[.]232[.]17:80

Cobalt Stike Beacon Detected – 45[.]61[.]187[.]167:80

Cobalt Stike Beacon Detected – 47[.]108[.]150[.]23:443

Cobalt Stike Beacon Detected – 20[.]225[.]139[.]12:80

Cobalt Stike Beacon Detected – 8[.]134[.]63[.]69:443

[SARCOMA] – Ransomware Victim: Cameron, Hodges, Coleman, LaPointe

[NIGHTSPIRE] – Ransomware Victim: Eversendai

[NIGHTSPIRE] – Ransomware Victim: Premier 1888 Ltd[.]

[NIGHTSPIRE] – Ransomware Victim: JIEI CO[.], LTD

CVE Alert: CVE-2025-32462

You may have missed