threatintel

Cobalt Stike Beacon Detected – 88[.]218[.]193[.]100:443

January 4, 2023

The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...

Cobalt Stike Beacon Detected – 47[.]92[.]227[.]151:80

January 4, 2023

The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...

Cobalt Stike Beacon Detected – 52[.]43[.]159[.]70:80

January 4, 2023

The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...

Cobalt Stike Beacon Detected – 39[.]96[.]116[.]31:80

January 4, 2023

The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...

Malware Analysis – nitro – a0c0192c30c048044421d25c23501582

January 4, 2023

Score: 10 MALWARE FAMILY: nitroTAGS:family:nitro, persistence, ransomware, spyware, stealerMD5: a0c0192c30c048044421d25c23501582SHA1: d6080d25a6439238d0a8e90e6bbfc229680ecf3bANALYSIS DATE: 2023-01-04T10:05:23ZTTPS: T1005, T1081, T1491, T1112, T1102, T1060, T1012,...

Malware Analysis – amadey – 6c5d5e80bab3b17f1b6faa5273e0b224

January 4, 2023

Score: 10 MALWARE FAMILY: amadeyTAGS:family:amadey, family:djvu, family:smokeloader, family:vidar, botnet:19, backdoor, collection, discovery, persistence, ransomware, spyware, stealer, trojan, vmprotectMD5: 6c5d5e80bab3b17f1b6faa5273e0b224SHA1: e486b2da9876bd1205a6efd8098dd30b59a6454dANALYSIS...

Malware Analysis – ransomware – 0e2f34900a7e0324b91ca191fd043e74

January 4, 2023

Score: 5 MALWARE FAMILY: ransomwareTAGS:ransomwareMD5: 0e2f34900a7e0324b91ca191fd043e74SHA1: 8d34aca2b2ca50d3816b161493ec7440f2cbdbc0ANALYSIS DATE: 2023-01-04T10:53:29ZTTPS: ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or more known damaging...

Malware Analysis – smokeloader – 88fc55ed1a5295684fc77c36024060cf

January 4, 2023

Score: 10 MALWARE FAMILY: smokeloaderTAGS:family:smokeloader, backdoor, trojanMD5: 88fc55ed1a5295684fc77c36024060cfSHA1: 3c09ac4a25c92f1f3a4052ee1e97659b39672925ANALYSIS DATE: 2023-01-04T11:26:03ZTTPS: T1012, T1120, T1082 ScoreMeaningExample10Known badA malware family was detected.8-9Likely...

Malware Analysis – djvu – a4b4e507ef0dc6c624c17badb10d29c9

January 4, 2023

Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:19, discovery, persistence, ransomware, spyware, stealerMD5: a4b4e507ef0dc6c624c17badb10d29c9SHA1: d376a5af805dd6654af35f42f71a3303ff1905f6ANALYSIS DATE: 2023-01-04T10:20:49ZTTPS: T1082, T1012, T1053, T1222,...

Malware Analysis – smokeloader – a83bee74074204ce9dd5e9780187aa0f

January 4, 2023

Score: 10 MALWARE FAMILY: smokeloaderTAGS:family:smokeloader, backdoor, trojanMD5: a83bee74074204ce9dd5e9780187aa0fSHA1: f80dca4216a824bdaea42ea1ce115ac8f66c05dbANALYSIS DATE: 2023-01-04T03:11:03ZTTPS: T1012, T1120, T1082 ScoreMeaningExample10Known badA malware family was detected.8-9Likely...

Malware Analysis – djvu – 4d50334081024a62178c18193ad7640a

January 4, 2023

Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:19, discovery, persistence, ransomware, spyware, stealerMD5: 4d50334081024a62178c18193ad7640aSHA1: 89f06b69f0acf9f1e625c5097b82b74c20030c8bANALYSIS DATE: 2023-01-04T03:04:12ZTTPS: T1005, T1081, T1012, T1082,...

Malware Analysis – meow – 80637ef09441d910ae7bdda488eb9989

January 4, 2023

Score: 10 MALWARE FAMILY: meowTAGS:family:meow, ransomware, spyware, stealerMD5: 80637ef09441d910ae7bdda488eb9989SHA1: 638e3ca8c66e218a3bdc666d52c2a91a116b60d7ANALYSIS DATE: 2023-01-04T03:36:27ZTTPS: T1005, T1081 ScoreMeaningExample10Known badA malware family was detected.8-9Likely...

Malware Analysis – evasion – cebed8210feb0d37479d62199049e0ba

January 4, 2023

Score: 7 MALWARE FAMILY: evasionTAGS:evasion, ransomwareMD5: cebed8210feb0d37479d62199049e0baSHA1: eec586742f917b65c73d2f99c11dd65072c4f298ANALYSIS DATE: 2023-01-04T03:41:58ZTTPS: ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or more known...

Malware Analysis – ransomware – 4b95b42cac7a11602b26caa41574d764

January 4, 2023

Score: 8 MALWARE FAMILY: ransomwareTAGS:ransomware, spyware, stealerMD5: 4b95b42cac7a11602b26caa41574d764SHA1: f64b7f29ecf8516d9d55bca8443f33d041b2b16aANALYSIS DATE: 2023-01-04T03:28:40ZTTPS: T1005, T1081 ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne...

Malware Analysis – amadey – 03a2ae7e3d0fabcf4858e10a822d9a99

January 4, 2023

Score: 10 MALWARE FAMILY: amadeyTAGS:family:amadey, family:dcrat, family:djvu, family:smokeloader, family:vidar, botnet:19, backdoor, collection, discovery, infostealer, persistence, ransomware, rat, spyware, stealer, trojan,...

Malware Analysis – djvu – 54e06155a4b0a099b9fe1ddc9f209329

January 4, 2023

Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:19, discovery, persistence, ransomware, spyware, stealerMD5: 54e06155a4b0a099b9fe1ddc9f209329SHA1: 48b0ad39a74137e45a0d93cc5b339847b88d971cANALYSIS DATE: 2023-01-04T05:50:25ZTTPS: T1060, T1112, T1053, T1222,...

Malware Analysis – evasion – 0c5cbe64b5cc615c77b6d2676300495e

January 4, 2023

Score: 7 MALWARE FAMILY: evasionTAGS:evasion, ransomwareMD5: 0c5cbe64b5cc615c77b6d2676300495eSHA1: 58aef51084d93563d9b4081c1b51acdb7745e931ANALYSIS DATE: 2023-01-04T04:19:32ZTTPS: ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or more known...

Malware Analysis – djvu – 943d8bacdfa116ec3a2e87fe7c8d8e63

January 4, 2023

Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:19, discovery, persistence, ransomware, spyware, stealerMD5: 943d8bacdfa116ec3a2e87fe7c8d8e63SHA1: 6fa3d75154f39ffed44291a9f1d6b12760cb5454ANALYSIS DATE: 2023-01-04T05:32:12ZTTPS: T1012, T1082, T1005, T1081,...

Malware Analysis – djvu – 2fd0cc05f8b64718dc4d894e14a0e8d1

January 4, 2023

Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:19, discovery, persistence, ransomware, spyware, stealerMD5: 2fd0cc05f8b64718dc4d894e14a0e8d1SHA1: c9fae77309397f25dfdb9bf3b3515494f061b8ecANALYSIS DATE: 2023-01-04T04:37:04ZTTPS: T1222, T1053, T1005, T1081,...

threatintel

Cobalt Stike Beacon Detected – 88[.]218[.]193[.]100:443

Cobalt Stike Beacon Detected – 47[.]92[.]227[.]151:80

Cobalt Stike Beacon Detected – 52[.]43[.]159[.]70:80

Cobalt Stike Beacon Detected – 39[.]96[.]116[.]31:80

Malware Analysis – nitro – a0c0192c30c048044421d25c23501582

Malware Analysis – amadey – 6c5d5e80bab3b17f1b6faa5273e0b224

Malware Analysis – ransomware – 0e2f34900a7e0324b91ca191fd043e74

Malware Analysis – smokeloader – 88fc55ed1a5295684fc77c36024060cf

Malware Analysis – djvu – a4b4e507ef0dc6c624c17badb10d29c9

Malware Analysis – smokeloader – a83bee74074204ce9dd5e9780187aa0f

Malware Analysis – djvu – 4d50334081024a62178c18193ad7640a

Malware Analysis – meow – 80637ef09441d910ae7bdda488eb9989

Malware Analysis – evasion – cebed8210feb0d37479d62199049e0ba

Malware Analysis – ransomware – 4b95b42cac7a11602b26caa41574d764

Malware Analysis – amadey – 03a2ae7e3d0fabcf4858e10a822d9a99

Malware Analysis – djvu – 54e06155a4b0a099b9fe1ddc9f209329

Malware Analysis – evasion – 0c5cbe64b5cc615c77b6d2676300495e

Malware Analysis – djvu – 943d8bacdfa116ec3a2e87fe7c8d8e63

Malware Analysis – djvu – 2fd0cc05f8b64718dc4d894e14a0e8d1

Synology fixes maximum severity vulnerability in VPN routers

Over 60,000 Exchange servers vulnerable to ProxyNotShell attacks

Ransomware impacts over 200 govt, edu, healthcare orgs in 2022

BitRAT malware campaign uses stolen bank data for phishing

BleepingComputer’s most popular cybersecurity stories of 2022

[SARCOMA] – Ransomware Victim: Cameron, Hodges, Coleman, LaPointe

[NIGHTSPIRE] – Ransomware Victim: Eversendai

[NIGHTSPIRE] – Ransomware Victim: Premier 1888 Ltd[.]

[NIGHTSPIRE] – Ransomware Victim: JIEI CO[.], LTD

CVE Alert: CVE-2025-32462

You may have missed