Month: November 2022

Cobalt Stike Beacon Detected – 8[.]134[.]155[.]21:80

November 27, 2022

The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...

Malware Analysis – ctblocker – d8704f06cb0813c2cbb543b95fda51ce

November 27, 2022

Score: 10 MALWARE FAMILY: ctblockerTAGS:family:ctblocker, ransomwareMD5: d8704f06cb0813c2cbb543b95fda51ceSHA1: 987886e485ecf443002159065411e42cb0dfc264ANALYSIS DATE: 2022-11-26T08:59:59ZTTPS: ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or more known...

Malware Analysis – ctblocker – eef171f1c62bcec4835b8f806a772766

November 27, 2022

Score: 10 MALWARE FAMILY: ctblockerTAGS:family:ctblocker, ransomwareMD5: eef171f1c62bcec4835b8f806a772766SHA1: 5e2f0fc5300f3d394e00abbc34f687215ba87bb6ANALYSIS DATE: 2022-11-26T09:00:03ZTTPS: ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or more known...

Malware Analysis – ransomware – a9d1f6ab9f83e46f0a3c6b1d2b8cafd2

November 27, 2022

Score: 10 MALWARE FAMILY: ransomwareTAGS:ransomwareMD5: a9d1f6ab9f83e46f0a3c6b1d2b8cafd2SHA1: a1204f18c910fff65daa7f43d31a3fef5f2910d1ANALYSIS DATE: 2022-11-26T09:00:01ZTTPS: T1491, T1112, T1107, T1490 ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne...

Malware Analysis – ransomware – f47b209aa25c3426286be59241c54080

November 27, 2022

Score: 10 MALWARE FAMILY: ransomwareTAGS:ransomwareMD5: f47b209aa25c3426286be59241c54080SHA1: 5ea33d22675205abee0456816607df747f1d8fd9ANALYSIS DATE: 2022-11-26T08:32:35ZTTPS: T1082, T1107, T1490, T1491, T1112, T1012 ScoreMeaningExample10Known badA malware family was...

Cobalt Stike Beacon Detected – 18[.]133[.]195[.]61:4433

November 27, 2022

The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...

Cobalt Stike Beacon Detected – 89[.]147[.]109[.]202:443

November 27, 2022

The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...

Cobalt Stike Beacon Detected – 69[.]165[.]74[.]48:443

November 27, 2022

The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...

Cobalt Stike Beacon Detected – 194[.]135[.]24[.]245:80

November 27, 2022

The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...

Malware Analysis – ransomware – dc8bc1f88c3da5aa04fea4933d74f3b6

November 27, 2022

Score: 10 MALWARE FAMILY: ransomwareTAGS:ransomwareMD5: dc8bc1f88c3da5aa04fea4933d74f3b6SHA1: 392a0dfa4eb522e9e187f32274b3597c6a8bb221ANALYSIS DATE: 2022-11-26T09:00:08ZTTPS: ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or more known damaging...

Malware Analysis – ctblocker – 39c0e005cd2892a7b315081f9db6dc37

November 27, 2022

Score: 10 MALWARE FAMILY: ctblockerTAGS:family:ctblocker, ransomwareMD5: 39c0e005cd2892a7b315081f9db6dc37SHA1: e9c2dda548ca0f53939d8bbf9228a92977964341ANALYSIS DATE: 2022-11-26T09:00:05ZTTPS: T1491, T1112 ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or...

Malware Analysis – ransomware – 14c0558c757c93465eccbbd77d58bbf3

November 27, 2022

Score: 10 MALWARE FAMILY: ransomwareTAGS:ransomwareMD5: 14c0558c757c93465eccbbd77d58bbf3SHA1: 6810f392ca6daa1278b0a97629021401c14f3235ANALYSIS DATE: 2022-11-26T09:00:11ZTTPS: T1107, T1490, T1491, T1112 ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne...

Malware Analysis – persistence – 9ef90f617a781cd6c0d0d3c4cbb449d7

November 27, 2022

Score: 9 MALWARE FAMILY: persistenceTAGS:persistence, ransomwareMD5: 9ef90f617a781cd6c0d0d3c4cbb449d7SHA1: 985d26bc7255e0c13780c507783498570ceb5868ANALYSIS DATE: 2022-11-26T09:01:58ZTTPS: T1060, T1112, T1107, T1490 ScoreMeaningExample10Known badA malware family was detected.8-9Likely...

Bug Bounty

BugCrowd Bug Bounty Disclosure: – Impersonation via Broken Link Hijacking on https://sv.hellosign.com – By CoffeeAddict_exe

November 27, 2022

The below information is fully automated and the information is captured from the BugCrowd Disclosure website. The information was correct...

Bug Bounty

BugCrowd Bug Bounty Disclosure: – Panel access at https://news-push-88.op-mobile.opera.com/. – By rahul0x01

November 27, 2022

The below information is fully automated and the information is captured from the BugCrowd Disclosure website. The information was correct...

Malware Analysis – cryptowall – 3debd97bd2eef41efc4427881fba4ae4

November 27, 2022

Score: 10 MALWARE FAMILY: cryptowallTAGS:family:cryptowall, ransomwareMD5: 3debd97bd2eef41efc4427881fba4ae4SHA1: 828043e5d6f9e945495f9ee2d6d72a15cccbd33eANALYSIS DATE: 2022-11-26T09:02:49ZTTPS: ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or more known...

Malware Analysis – persistence – e6227eaefc147e66e3c7fa87a7e90fd6

November 27, 2022

Score: 9 MALWARE FAMILY: persistenceTAGS:persistence, ransomwareMD5: e6227eaefc147e66e3c7fa87a7e90fd6SHA1: 911670753ffb5d56466888a22182501c4e32ebedANALYSIS DATE: 2022-11-26T09:02:51ZTTPS: T1082, T1060, T1112, T1107, T1490 ScoreMeaningExample10Known badA malware family was...

Malware Analysis – persistence – 5dd9b1d1fa4f48d440b19b6be04de03d

November 27, 2022

Score: 9 MALWARE FAMILY: persistenceTAGS:persistence, ransomwareMD5: 5dd9b1d1fa4f48d440b19b6be04de03dSHA1: 5d34fb80164c3b3687ee38f75aaa56060a971efeANALYSIS DATE: 2022-11-26T09:02:41ZTTPS: T1060, T1112, T1107, T1490 ScoreMeaningExample10Known badA malware family was detected.8-9Likely...

Malware Analysis – persistence – aba1a04847ebb0a329971557f0965c82

November 27, 2022

Score: 9 MALWARE FAMILY: persistenceTAGS:persistence, ransomwareMD5: aba1a04847ebb0a329971557f0965c82SHA1: 7bd1b593d1cb8fca7e0e1f393c6cb93c45f6498fANALYSIS DATE: 2022-11-26T09:02:26ZTTPS: T1060, T1112, T1107, T1490 ScoreMeaningExample10Known badA malware family was detected.8-9Likely...

Malware Analysis – evasion – eb56f816e399aa39da425656720ec880

November 27, 2022

Score: 9 MALWARE FAMILY: evasionTAGS:evasion, ransomwareMD5: eb56f816e399aa39da425656720ec880SHA1: 49dd6ea2e71e175be21d329657d9924f83c48fdbANALYSIS DATE: 2022-11-26T09:26:24ZTTPS: T1490 ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or more...

Malware Analysis – discovery – 1f252dde759d798e6012fc7495e21118

November 27, 2022

Score: 9 MALWARE FAMILY: discoveryTAGS:discovery, exploit, upxMD5: 1f252dde759d798e6012fc7495e21118SHA1: ba8fcb3b5f1645775ace4cc9fdebfd22f8e57cccANALYSIS DATE: 2022-11-26T09:45:59ZTTPS: T1012, T1222, T1082 ScoreMeaningExample10Known badA malware family was detected.8-9Likely...

Malware Analysis – ransomware – 796fdae3b1476ed20cdac74ca9d40973

November 27, 2022

Score: 9 MALWARE FAMILY: ransomwareTAGS:ransomwareMD5: 796fdae3b1476ed20cdac74ca9d40973SHA1: 1067f53a9e67a61f41d649874e7c40a1e0a2cb2eANALYSIS DATE: 2022-11-26T09:33:48ZTTPS: T1107, T1490 ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or more...

Malware Analysis – djvu – 55bc4f0b5337608015a19e4d4deb1914

November 27, 2022

Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:517, discovery, persistence, ransomware, stealerMD5: 55bc4f0b5337608015a19e4d4deb1914SHA1: 7ebc776a573fbaa6a4658fc53a4db42a4b17138cANALYSIS DATE: 2022-11-26T21:55:19ZTTPS: T1130, T1112, T1222, T1012, T1082,...

Data from 5.4M Twitter users obtained from multiple threat actors and combined with data from other breaches

November 26, 2022

The massive data breach suffered by Twitter that exposed emails and phone numbers of its customers may have impacted more...

Month: November 2022

Cobalt Stike Beacon Detected – 8[.]134[.]155[.]21:80

Malware Analysis – ctblocker – d8704f06cb0813c2cbb543b95fda51ce

Malware Analysis – ctblocker – eef171f1c62bcec4835b8f806a772766

Malware Analysis – ransomware – a9d1f6ab9f83e46f0a3c6b1d2b8cafd2

Malware Analysis – ransomware – f47b209aa25c3426286be59241c54080

Cobalt Stike Beacon Detected – 18[.]133[.]195[.]61:4433

Cobalt Stike Beacon Detected – 89[.]147[.]109[.]202:443

Cobalt Stike Beacon Detected – 69[.]165[.]74[.]48:443

Cobalt Stike Beacon Detected – 194[.]135[.]24[.]245:80

Malware Analysis – ransomware – dc8bc1f88c3da5aa04fea4933d74f3b6

Malware Analysis – ctblocker – 39c0e005cd2892a7b315081f9db6dc37

Malware Analysis – ransomware – 14c0558c757c93465eccbbd77d58bbf3

Malware Analysis – persistence – 9ef90f617a781cd6c0d0d3c4cbb449d7

BugCrowd Bug Bounty Disclosure: – Impersonation via Broken Link Hijacking on https://sv.hellosign.com – By CoffeeAddict_exe

BugCrowd Bug Bounty Disclosure: – Panel access at https://news-push-88.op-mobile.opera.com/. – By rahul0x01

Malware Analysis – cryptowall – 3debd97bd2eef41efc4427881fba4ae4

Malware Analysis – persistence – e6227eaefc147e66e3c7fa87a7e90fd6

Malware Analysis – persistence – 5dd9b1d1fa4f48d440b19b6be04de03d

Malware Analysis – persistence – aba1a04847ebb0a329971557f0965c82

Malware Analysis – evasion – eb56f816e399aa39da425656720ec880

Malware Analysis – discovery – 1f252dde759d798e6012fc7495e21118

Malware Analysis – ransomware – 796fdae3b1476ed20cdac74ca9d40973

Malware Analysis – djvu – 55bc4f0b5337608015a19e4d4deb1914

Data from 5.4M Twitter users obtained from multiple threat actors and combined with data from other breaches

[INCRANSOM] – Ransomware Victim: Darlington EMS

[INCRANSOM] – Ransomware Victim: Schuck-Gruppe

[APT73] – Ransomware Victim: gureco[.]pl

[APT73] – Ransomware Victim: lgpunjab[.]gov[.]in

[INCRANSOM] – Ransomware Victim: IPE Engwicht

You may have missed