Cobalt Stike Beacon Detected – 117[.]50[.]189[.]205:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Month: October 2022
Cobalt Stike Beacon Detected – 164[.]155[.]64[.]43:7777
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 164[.]92[.]215[.]222:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 120[.]26[.]5[.]11:8878
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 185[.]143[.]223[.]75:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 47[.]98[.]173[.]89:9999
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 8[.]129[.]79[.]245:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 118[.]26[.]39[.]71:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 194[.]165[.]16[.]63:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Malware Analysis – xorist – 5d46d851558adab2374ec9206f0b621b
Score: 10 MALWARE FAMILY: xoristTAGS:family:xorist, persistence, ransomware, spyware, stealer, upxMD5: 5d46d851558adab2374ec9206f0b621bSHA1: 07b39753ba49f541654ae3b04b1ced70accafdb1ANALYSIS DATE: 2022-10-28T08:20:10ZTTPS: T1060, T1112, T1005, T1081 ScoreMeaningExample10Known badA...
Malware Analysis – djvu – 8d37180cd9df7790e84bde3b55763ba9
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:redline, family:smokeloader, family:vidar, botnet:1752, botnet:google2, botnet:mario23_10, botnet:slovarik15btc, backdoor, collection, discovery, infostealer, ransomware, spyware, stealer, trojan,...
Malware Analysis – smokeloader – 55cc2eba27a491218b7d57649241f550
Score: 10 MALWARE FAMILY: smokeloaderTAGS:family:smokeloader, backdoor, trojanMD5: 55cc2eba27a491218b7d57649241f550SHA1: 2d60cd3f6f1f987414a5de5d28e84036657a4559ANALYSIS DATE: 2022-10-28T09:01:03ZTTPS: T1012, T1120, T1082 ScoreMeaningExample10Known badA malware family was detected.8-9Likely...
Malware Analysis – smokeloader – c3ac1f6d135647b204eb350e5529d6b6
Score: 10 MALWARE FAMILY: smokeloaderTAGS:family:smokeloader, backdoor, trojanMD5: c3ac1f6d135647b204eb350e5529d6b6SHA1: 1f3705b9c284616e13129798475c9e8598cdda18ANALYSIS DATE: 2022-10-28T08:16:03ZTTPS: T1012, T1120, T1082 ScoreMeaningExample10Known badA malware family was detected.8-9Likely...
Malware Analysis – persistence – 1afd68147ac485753917930116210a40
Score: 10 MALWARE FAMILY: persistenceTAGS:persistence, ransomwareMD5: 1afd68147ac485753917930116210a40SHA1: 8c8deec48a8a7c3d4e5af8e26e8b3d09decad08bANALYSIS DATE: 2022-10-28T10:31:11ZTTPS: T1130, T1112, T1012, T1120, T1082, T1060 ScoreMeaningExample10Known badA malware family...
Malware Analysis – ransomware – 4c23c3e90104c74108cc92fb71b40e47
Score: 9 MALWARE FAMILY: ransomwareTAGS:ransomware, spyware, stealerMD5: 4c23c3e90104c74108cc92fb71b40e47SHA1: c594dbf47e29032a258e0bb64cbc2ce90e47f9d5ANALYSIS DATE: 2022-10-28T10:40:25ZTTPS: T1005, T1081, T1082, T1107, T1490, T1091 ScoreMeaningExample10Known badA malware...
Malware Analysis – djvu – 979b84f1ab146e6472e5c18346e46089
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:redline, family:smokeloader, family:vidar, botnet:1752, botnet:517, botnet:google2, botnet:mario23_10, botnet:slovarik15btc, backdoor, collection, discovery, infostealer, persistence, ransomware, spyware,...
Malware Analysis – ransomware – 05642d4d7f7c155d1fdf6607f78fe4f1
Score: 9 MALWARE FAMILY: ransomwareTAGS:ransomware, spyware, stealerMD5: 05642d4d7f7c155d1fdf6607f78fe4f1SHA1: 291a0a11a12c7a329a8ed36f6e6e99e49331b0d5ANALYSIS DATE: 2022-10-28T10:40:20ZTTPS: T1005, T1081, T1082, T1107, T1490, T1091 ScoreMeaningExample10Known badA malware...
Apple backports fixes for CVE-2022-42827 zero-day to older iPhones, iPads
Apple released updates to backport the recently released security patches for CVE-2022-42827 zero-day to older iPhones and iPads. Apple has...
Qualcomm Snapdragon products code execution | CVE-2022-33214
NAME Qualcomm Snapdragon products code execution Platforms Affected:Qualcomm Snapdragon Mobile Qualcomm Snapdragon Auto Qualcomm Snapdragon Compute Qualcomm Snapdragon Consumer IOT...
Zoom Client for Meetings open redirect | CVE-2022-28763
NAME Zoom Client for Meetings open redirect Platforms Affected:Zoom Zoom Client for Meetings 5.12Risk Level:8.8Exploitability:UnprovenConsequences:Other DESCRIPTION Zoom Client for Meetings...
Apple iOS and iPadOS code execution | CVE-2022-42808
NAME Apple iOS and iPadOS code execution Platforms Affected:Apple iPadOS 15.6 Apple iOS 16Risk Level:9.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Apple iOS and...
Apple macOS Ventura code execution | CVE-2022-32934
NAME Apple macOS Ventura code execution Platforms Affected:Apple macOS VenturaRisk Level:9.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Apple macOS Ventura could allow a remote...
Apple macOS Ventura code execution | CVE-2022-32888
NAME Apple macOS Ventura code execution Platforms Affected:Apple macOS VenturaRisk Level:8.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Apple macOS Ventura could allow a remote...
Apple Safari code execution | CVE-2022-42823
NAME Apple Safari code execution Platforms Affected:Apple Safari 16.0Risk Level:8.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Apple Safari could allow a remote attacker to...
