Cobalt Stike Beacon Detected – 107[.]172[.]29[.]162:9443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Month: October 2022
Malware Analysis – smokeloader –
Score: 10 MALWARE FAMILY: smokeloaderTAGS:family:smokeloader, backdoor, trojanMD5: SHA1: ANALYSIS DATE: 2022-10-05T21:48:24ZTTPS: T1112, T1012, T1120, T1082 ScoreMeaningExample10Known badA malware family was...
Malware Analysis – djvu – fec683cf03741607291f6c6b8022c98c
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:517, discovery, persistence, ransomware, spyware, stealerMD5: fec683cf03741607291f6c6b8022c98cSHA1: 18a49af627edf179525029421e11209940eae738ANALYSIS DATE: 2022-10-05T22:02:26ZTTPS: T1012, T1005, T1081, T1060,...
Malware Analysis – smokeloader – 0b28c768b2688d0b845c6cc8fd1c0c0d
Score: 10 MALWARE FAMILY: smokeloaderTAGS:family:smokeloader, backdoor, trojanMD5: 0b28c768b2688d0b845c6cc8fd1c0c0dSHA1: 9c90b3b6675075e7e36199f9ece3fd4d8231b810ANALYSIS DATE: 2022-10-05T21:32:04ZTTPS: T1012, T1120, T1082 ScoreMeaningExample10Known badA malware family was detected.8-9Likely...
Malware Analysis – djvu – 0b28c768b2688d0b845c6cc8fd1c0c0d
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:smokeloader, family:vidar, botnet:517, backdoor, collection, discovery, persistence, ransomware, spyware, stealer, trojanMD5: 0b28c768b2688d0b845c6cc8fd1c0c0dSHA1: 9c90b3b6675075e7e36199f9ece3fd4d8231b810ANALYSIS DATE: 2022-10-05T21:43:30ZTTPS:...
Malware Analysis – djvu – fed15979d927202175a67f39a2de5b73
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:smokeloader, family:vidar, botnet:1681, botnet:517, backdoor, collection, discovery, persistence, ransomware, spyware, stealer, trojanMD5: fed15979d927202175a67f39a2de5b73SHA1: 541da8999a0f81a12122344eeafe3b030a09a4abANALYSIS DATE:...
Malware Analysis – djvu – 63c01caec4e90ba172267c966f717737
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:517, discovery, persistence, ransomware, spyware, stealerMD5: 63c01caec4e90ba172267c966f717737SHA1: cc53db13dedd5b2ccecfd8e726f07af298496173ANALYSIS DATE: 2022-10-05T22:44:44ZTTPS: T1053, T1005, T1081, T1222,...
Malware Analysis – smokeloader – fed15979d927202175a67f39a2de5b73
Score: 10 MALWARE FAMILY: smokeloaderTAGS:family:smokeloader, backdoor, trojanMD5: fed15979d927202175a67f39a2de5b73SHA1: 541da8999a0f81a12122344eeafe3b030a09a4abANALYSIS DATE: 2022-10-05T22:32:04ZTTPS: T1012, T1120, T1082 ScoreMeaningExample10Known badA malware family was detected.8-9Likely...
Malware Analysis – djvu – a485514c993967e9b55c4dcff24e9eea
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:517, discovery, persistence, ransomware, spyware, stealerMD5: a485514c993967e9b55c4dcff24e9eeaSHA1: 7c3e4da9fdbef9ef564457e7b715bd78051b85e2ANALYSIS DATE: 2022-10-05T22:05:41ZTTPS: T1060, T1112, T1222, T1005,...
How Water Labbu Exploits Electron-Based Applications
In the second part of our Water Labbu blog series, we explore how the threat actor exploits Electron-based applications using...
US-CERT Bulletin (SB22-276):Vulnerability Summary for the Week of September 26, 2022
The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards...
New Maggie malware already infected over 250 Microsoft SQL servers
Hundreds of Microsoft SQL servers all over the world have been infected with a new piece of malware tracked as Maggie....
Malware Analysis – smokeloader – fbb043bd8741a259448382485bd29dd6
Score: 10 MALWARE FAMILY: smokeloaderTAGS:family:smokeloader, backdoor, trojanMD5: fbb043bd8741a259448382485bd29dd6SHA1: 521882d7a76d6496f800bf5e652e5bd5c07ab1f8ANALYSIS DATE: 2022-10-05T17:02:04ZTTPS: T1012, T1120, T1082 ScoreMeaningExample10Known badA malware family was detected.8-9Likely...
LockBit 3.0 Ransomware Victim: apunipima[.]org[.]au
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
Malware Analysis – smokeloader – ffcfc1526b2540403e83ffb80c1274a9
Score: 10 MALWARE FAMILY: smokeloaderTAGS:family:smokeloader, backdoor, trojanMD5: ffcfc1526b2540403e83ffb80c1274a9SHA1: edbec265adb2149eae9b433df946ee9e69e5deb8ANALYSIS DATE: 2022-10-05T14:02:04ZTTPS: T1012, T1120, T1082 ScoreMeaningExample10Known badA malware family was detected.8-9Likely...
Malware Analysis – djvu – 95503e66b8b02be76b487665cd22127e
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:517, discovery, persistence, ransomware, spyware, stealerMD5: 95503e66b8b02be76b487665cd22127eSHA1: aa950f5da6313eea5b765e68ba5842316f7c31eaANALYSIS DATE: 2022-10-05T14:24:31ZTTPS: T1060, T1112, T1222, T1053,...
Malware Analysis – smokeloader – 4db342e59e4063a33e39bf2922746104
Score: 10 MALWARE FAMILY: smokeloaderTAGS:family:smokeloader, backdoor, trojanMD5: 4db342e59e4063a33e39bf2922746104SHA1: 0f7cb769a3037816003d7ee2e12cc033bd0a4a6fANALYSIS DATE: 2022-10-05T15:01:03ZTTPS: T1012, T1120, T1082 ScoreMeaningExample10Known badA malware family was detected.8-9Likely...
Malware Analysis – djvu – ffcfc1526b2540403e83ffb80c1274a9
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:517, collection, discovery, persistence, ransomware, spyware, stealerMD5: ffcfc1526b2540403e83ffb80c1274a9SHA1: edbec265adb2149eae9b433df946ee9e69e5deb8ANALYSIS DATE: 2022-10-05T14:10:26ZTTPS: T1130, T1112, T1082,...
Malware Analysis – djvu – fc47e9571ca6ac5aa22494a8924c5303
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:517, discovery, persistence, ransomware, spyware, stealerMD5: fc47e9571ca6ac5aa22494a8924c5303SHA1: 3f38e682284990961cec20317ef33e675dc20d43ANALYSIS DATE: 2022-10-05T14:27:13ZTTPS: T1060, T1112, T1082, T1012,...
Malware Analysis – avaddon – bc52d18853a6b575d319692ae8f90fd7
Score: 10 MALWARE FAMILY: avaddonTAGS:family:avaddon, evasion, ransomware, trojanMD5: bc52d18853a6b575d319692ae8f90fd7SHA1: 882b07d029ba27a64f442fa0e3047775667c2957ANALYSIS DATE: 2022-10-05T15:20:26ZTTPS: T1012, T1120, T1082, T1107, T1490, T1088, T1089, T1112...
Malware Analysis – djvu – c930da72228be1f2154dd5ce35535c0e
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:517, discovery, persistence, ransomware, spyware, stealerMD5: c930da72228be1f2154dd5ce35535c0eSHA1: c43fbf1331a8cf89ae74ded04873325bf6160f81ANALYSIS DATE: 2022-10-05T15:16:43ZTTPS: T1012, T1005, T1081, T1222,...
Malware Analysis – djvu – 4db342e59e4063a33e39bf2922746104
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:smokeloader, family:vidar, botnet:517, backdoor, collection, discovery, persistence, ransomware, spyware, stealer, trojanMD5: 4db342e59e4063a33e39bf2922746104SHA1: 0f7cb769a3037816003d7ee2e12cc033bd0a4a6fANALYSIS DATE: 2022-10-05T15:11:46ZTTPS:...
Malware Analysis – djvu – 22b1a5fcdece245a65bad95364c883ab
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:517, discovery, persistence, ransomware, spyware, stealerMD5: 22b1a5fcdece245a65bad95364c883abSHA1: 725f469899973463a0e900ec59076cce338f7ad5ANALYSIS DATE: 2022-10-05T15:13:40ZTTPS: T1082, T1005, T1081, T1012,...
Malware Analysis – smokeloader – 1bb973121130046bdca6cf5366891821
Score: 10 MALWARE FAMILY: smokeloaderTAGS:family:smokeloader, backdoor, trojanMD5: 1bb973121130046bdca6cf5366891821SHA1: cb87eca19a0dc04828c1a4bc6f01894562d97b05ANALYSIS DATE: 2022-10-05T15:31:59ZTTPS: T1012, T1120, T1082 ScoreMeaningExample10Known badA malware family was detected.8-9Likely...
