threatintel

US-CERT Bulletin (SB23-052):Vulnerability Summary for the Week of February 13, 2023

February 23, 2023

The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards...

Malware Analysis – mountlocker – 0aacf2c41ba9b872a52055ffcaeaef15

February 23, 2023

Score: 10 MALWARE FAMILY: mountlockerTAGS:family:mountlocker, ransomwareMD5: 0aacf2c41ba9b872a52055ffcaeaef15SHA1: c09b509699aeef71f3e205d53c5f4ff71cb48570ANALYSIS DATE: 2023-02-23T16:02:30ZTTPS: T1112, T1107, T1490, T1158 ScoreMeaningExample10Known badA malware family was detected.8-9Likely...

Malware Analysis – – 472abbedcbad24dba5b5f5e8d02c340f

February 23, 2023

Score: 1 MALWARE FAMILY: TAGS:MD5: 472abbedcbad24dba5b5f5e8d02c340fSHA1: 974f62b5c2e149c3879dd16e5a9dbb9406c3db85ANALYSIS DATE: 2023-02-23T14:34:01ZTTPS: T1112, T1012, T1082 ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or...

Malware Analysis – djvu – a1d2f5979604c9c1d46c896ab1b9f3b6

February 23, 2023

Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, discovery, persistence, ransomware, spyware, stealerMD5: a1d2f5979604c9c1d46c896ab1b9f3b6SHA1: 245e2a40e7cfd01ac890ab9de979ebb265b3092eANALYSIS DATE: 2023-02-23T16:10:24ZTTPS: T1012, T1005, T1081, T1060, T1112,...

Malware Analysis – discovery – 7b89518d8d9d7eb4394dea53e42d4f81

February 23, 2023

Score: 8 MALWARE FAMILY: discoveryTAGS:discovery, exploitMD5: 7b89518d8d9d7eb4394dea53e42d4f81SHA1: e40d893f22d6da1396c864dd814360114ddb6a5cANALYSIS DATE: 2023-02-23T16:19:21ZTTPS: T1082, T1222 ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or...

Malware Analysis – djvu – 463023befd73ec21c8ada33cba37de13

February 23, 2023

Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, discovery, persistence, ransomware, spyware, stealerMD5: 463023befd73ec21c8ada33cba37de13SHA1: 112c05deee2cfef09a6300c02ec29d33ac1da055ANALYSIS DATE: 2023-02-23T16:11:55ZTTPS: T1060, T1112, T1082, T1053, T1005,...

Malware Analysis – djvu – e9906e8971a3ab245016d1a0fab0f94d

February 23, 2023

Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:pseudomanuscrypt, family:smokeloader, family:vidar, backdoor, discovery, evasion, loader, persistence, ransomware, spyware, stealer, trojan, vmprotectMD5: e9906e8971a3ab245016d1a0fab0f94dSHA1: bf301e931741109da5bda00abdd83b4bcc30aee3ANALYSIS...

Malware Analysis – djvu – c5fc1f574f281aa6aaa5ab0f8a829018

February 23, 2023

Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:pseudomanuscrypt, family:smokeloader, family:vidar, backdoor, discovery, evasion, loader, persistence, ransomware, spyware, stealer, trojan, vmprotectMD5: c5fc1f574f281aa6aaa5ab0f8a829018SHA1: 85bc7e3560825623eab6cc767bab68efb143b3efANALYSIS...

Malware Analysis – djvu – 6fb398c93bbe1ce6af0d0d3cf0b1a699

February 23, 2023

Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, discovery, persistence, ransomware, spyware, stealerMD5: 6fb398c93bbe1ce6af0d0d3cf0b1a699SHA1: 0d8768ad8290b0db7a8c2d44aa68fe84dbfbbc24ANALYSIS DATE: 2023-02-23T16:55:31ZTTPS: T1222, T1053, T1012, T1082, T1005,...

Malware Analysis – djvu – bb1ceae3834709de46833deea9f4927c

February 23, 2023

Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, discovery, persistence, ransomware, spyware, stealerMD5: bb1ceae3834709de46833deea9f4927cSHA1: 350184737a3293cf0bfb16c687cb57e3e4339672ANALYSIS DATE: 2023-02-23T16:51:22ZTTPS: T1222, T1082, T1053, T1012, T1005,...

Malware Analysis – djvu – acb7b62e1f6082d8ad7d7d4fbae292d8

February 23, 2023

Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:smokeloader, family:vidar, backdoor, discovery, evasion, persistence, ransomware, stealer, trojan, vmprotectMD5: acb7b62e1f6082d8ad7d7d4fbae292d8SHA1: a098569d871d21f8380ac0245a4dd8bd90af0a1eANALYSIS DATE: 2023-02-23T16:32:54ZTTPS: T1060,...

threatintel

US-CERT Bulletin (SB23-052):Vulnerability Summary for the Week of February 13, 2023

Malware Analysis – mountlocker – 0aacf2c41ba9b872a52055ffcaeaef15

Malware Analysis – – 472abbedcbad24dba5b5f5e8d02c340f

Malware Analysis – djvu – a1d2f5979604c9c1d46c896ab1b9f3b6

Malware Analysis – discovery – 7b89518d8d9d7eb4394dea53e42d4f81

Malware Analysis – djvu – 463023befd73ec21c8ada33cba37de13

Malware Analysis – djvu – e9906e8971a3ab245016d1a0fab0f94d

Malware Analysis – djvu – c5fc1f574f281aa6aaa5ab0f8a829018

Malware Analysis – djvu – 6fb398c93bbe1ce6af0d0d3cf0b1a699

Malware Analysis – djvu – bb1ceae3834709de46833deea9f4927c

Malware Analysis – djvu – acb7b62e1f6082d8ad7d7d4fbae292d8

CISA: VMware Releases Security Updates for Carbon Black App Control

New S1deload Malware Hijacking Users’ Social Media Accounts and Mining Cryptocurrency

Lazarus Group Likely Using New WinorDLL64 Backdoor to Exfiltrate Sensitive Data

New Hacking Cluster ‘Clasiopa’ Targeting Materials Research Organizations in Asia

The Secret Vulnerability Finance Execs are Missing

Experts Sound Alarm Over Growing Attacks Exploiting Zoho ManageEngine Products

Hackers Using Trojanized macOS Apps to Deploy Evasive Cryptocurrency Mining Malware

Cobalt Stike Beacon Detected – 124[.]223[.]31[.]74:5555

Cobalt Stike Beacon Detected – 158[.]255[.]208[.]60:8443

Cobalt Stike Beacon Detected – 14[.]29[.]187[.]171:999

BlackCat/ALPHV Ransomware Victim: Kendall Hunt Publishing

BlackCat/ALPHV Ransomware Victim: PRESTIGE MAINTENANCE USA WAS HACKED

BlackCat/ALPHV Ransomware Victim: Glovers Solicitors LLP

Brute Ratel C4 Detected – 54[.]95[.]111[.]44:80

[QILIN] – Ransomware Victim: Hitzinger

[HANDALA] – Ransomware Victim: Saturday Spotlight

[QILIN] – Ransomware Victim: SHRM New Mexico

25 Years Of Meatbags Permanently In Space On The Iss

You may have missed