Year: 2022

Cobalt Stike Beacon Detected – 154[.]204[.]59[.]116:80

November 2, 2022

The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...

Cobalt Stike Beacon Detected – 84[.]32[.]128[.]89:443

November 2, 2022

The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...

Cobalt Stike Beacon Detected – 164[.]128[.]173[.]115:8443

November 2, 2022

The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...

Cobalt Stike Beacon Detected – 120[.]24[.]240[.]80:80

November 2, 2022

The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...

Malware Analysis – djvu – 683716645ccd5866870caf64f21951b2

November 2, 2022

Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, discovery, persistence, ransomware, spyware, stealerMD5: 683716645ccd5866870caf64f21951b2SHA1: 0c138fa06311cc75246c0ee61a2e70fee37cde9eANALYSIS DATE: 2022-11-02T10:21:04ZTTPS: T1222, T1082, T1053, T1005, T1081, T1130,...

Malware Analysis – amadey – c2d648c94f708dca1cbe10cb60260fa9

November 2, 2022

Score: 10 MALWARE FAMILY: amadeyTAGS:family:amadey, family:djvu, family:redline, family:smokeloader, botnet:google2, botnet:mario23_10, botnet:slovarik1btc, backdoor, collection, discovery, infostealer, persistence, ransomware, spyware, stealer, trojanMD5:...

Malware Analysis – smokeloader – e9f9bedb14d80d6e30192745de74347d

November 2, 2022

Score: 10 MALWARE FAMILY: smokeloaderTAGS:family:smokeloader, backdoor, trojanMD5: e9f9bedb14d80d6e30192745de74347dSHA1: b1cabbccfdb258835d8684efc400a7db6c3d6498ANALYSIS DATE: 2022-11-02T11:37:01ZTTPS: T1012, T1120, T1082 ScoreMeaningExample10Known badA malware family was detected.8-9Likely...

Malware Analysis – djvu – 537ecc10bd947a0dd5d9088bf6474fa2

November 2, 2022

Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, discovery, persistence, ransomware, spyware, stealerMD5: 537ecc10bd947a0dd5d9088bf6474fa2SHA1: 6138e922e5bf72d482cb563e1c52486dbe8b9669ANALYSIS DATE: 2022-11-02T11:40:58ZTTPS: T1005, T1081, T1012, T1082, T1222, T1060,...

Black Basta Ransomware Victim: Popp Hutcheson PLLC

November 2, 2022

Black Basta Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...

Dropbox discloses unauthorized access to 130 GitHub source code repositories

November 2, 2022

Dropbox disclosed a security breach, threat actors gained unauthorized access to 130 of its source code repositories on GitHub. File...

OpenSSL fixed two high-severity vulnerabilities

November 2, 2022

The OpenSSL project fixed two high-severity flaws in its cryptography library that can trigger a DoS condition or achieve remote...

Daily Vulnerability Trends: Wed Nov 02 2022

November 2, 2022

Daily Vulnerability Trends (sourced from VulnMon) CVE NAMECVE DescriptionCVE-2022-3786A buffer overrun can be triggered in X.509 certificate verification, specifically in...

APT trends report Q3 2022

November 2, 2022

For more than five years, the Global Research and Analysis Team (GReAT) at Kaspersky has been publishing quarterly summaries of...

Malware Analysis – wannacry – 8178a7ed30cf865004edebae2e5e0a4f

November 2, 2022

Score: 10 MALWARE FAMILY: wannacryTAGS:family:wannacry, discovery, ransomware, wormMD5: 8178a7ed30cf865004edebae2e5e0a4fSHA1: 12b649c2e7859e224faf16ed720b8cffc668d6bfANALYSIS DATE: 2022-11-02T03:00:32ZTTPS: T1046 ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne...

Malware Analysis – – a4fcfcab7e8f332fde1df215505b01c3

November 2, 2022

Score: 1 MALWARE FAMILY: TAGS:MD5: a4fcfcab7e8f332fde1df215505b01c3SHA1: b09c7ed21e82cf1710de85500762de43bc3943ffANALYSIS DATE: 2022-11-02T03:39:03ZTTPS: ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or more known damaging...

Malware Analysis – djvu – d56f709686e8300b90bf1f532b451098

November 2, 2022

Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, discovery, persistence, ransomware, spyware, stealerMD5: d56f709686e8300b90bf1f532b451098SHA1: 1d560b72e07df6b61824e80505d5fb96a5b11fd9ANALYSIS DATE: 2022-11-02T03:00:33ZTTPS: T1082, T1053, T1005, T1081, T1012, T1060,...

Malware Analysis – wannacry – eab40b007ca86f362aa392d43847639e

November 2, 2022

Score: 10 MALWARE FAMILY: wannacryTAGS:family:wannacry, discovery, ransomware, wormMD5: eab40b007ca86f362aa392d43847639eSHA1: 167b8a4514604ec8c2a63d5eaaa3fe9b08e943ceANALYSIS DATE: 2022-11-02T03:00:25ZTTPS: T1046 ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne...

Malware Analysis – discovery – 63fc4630994a3a39633336254e873d67

November 2, 2022

Score: 10 MALWARE FAMILY: discoveryTAGS:discovery, evasion, persistence, ransomware, trojanMD5: 63fc4630994a3a39633336254e873d67SHA1: aa7e505f56194a00298b366affb5bc97a2712064ANALYSIS DATE: 2022-11-02T04:07:43ZTTPS: T1490, T1059, T1107, T1060, T1112, T1088, T1089,...

Malware Analysis – evasion – b301c4b060dadf887e53d671aa6a7aff

November 2, 2022

Score: 6 MALWARE FAMILY: evasionTAGS:evasion, ransomwareMD5: b301c4b060dadf887e53d671aa6a7affSHA1: d6d5274b17f911b7f1923e2f7540926697b6049eANALYSIS DATE: 2022-11-02T04:21:34ZTTPS: ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or more known...

Malware Analysis – amadey – 83d4ecf239705c042200ec89d3c3bbc8

November 2, 2022

Score: 10 MALWARE FAMILY: amadeyTAGS:family:amadey, family:djvu, family:redline, botnet:google2, botnet:mario23_10, botnet:slovarik1btc, collection, discovery, infostealer, persistence, ransomware, spyware, stealer, trojanMD5: 83d4ecf239705c042200ec89d3c3bbc8SHA1: f65ec33ef02435a23606f3f12786fc284a09e975ANALYSIS...

Malware Analysis – ransomware – aca640f5159565dbef2382379dcaf0a9

November 2, 2022

Score: 7 MALWARE FAMILY: ransomwareTAGS:ransomwareMD5: aca640f5159565dbef2382379dcaf0a9SHA1: d00d0efc22a3315a5a683eef10a4864f5e1e6b32ANALYSIS DATE: 2022-11-02T03:44:16ZTTPS: ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or more known damaging...

Malware Analysis – xenomorph – e39505e65aec6835f680c902e1c8f7d8

November 2, 2022

Score: 10 MALWARE FAMILY: xenomorphTAGS:family:xenomorph, banker, evasion, infostealer, ransomware, trojanMD5: e39505e65aec6835f680c902e1c8f7d8SHA1: 8b2984b8838067903ee3ff95d8a6823106216296ANALYSIS DATE: 2022-11-02T04:23:32ZTTPS: ScoreMeaningExample10Known badA malware family was detected.8-9Likely...

Malware Analysis – evasion – cf8e1c24065c6af0d2c64c8e454dc808

November 2, 2022

Score: 5 MALWARE FAMILY: evasionTAGS:evasion, ransomwareMD5: cf8e1c24065c6af0d2c64c8e454dc808SHA1: e2f5c145d78ea874ed2db9e99e7428e16c580860ANALYSIS DATE: 2022-11-02T04:21:42ZTTPS: ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or more known...

Malware Analysis – evasion – 924a8b1d7396a7e21e026b4424fcd080

November 2, 2022

Score: 5 MALWARE FAMILY: evasionTAGS:evasion, ransomwareMD5: 924a8b1d7396a7e21e026b4424fcd080SHA1: 1a6193b9c349913c13d4a2aeae208c027394f9c3ANALYSIS DATE: 2022-11-02T04:24:11ZTTPS: ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or more known...

Year: 2022

Cobalt Stike Beacon Detected – 154[.]204[.]59[.]116:80

Cobalt Stike Beacon Detected – 84[.]32[.]128[.]89:443

Cobalt Stike Beacon Detected – 164[.]128[.]173[.]115:8443

Cobalt Stike Beacon Detected – 120[.]24[.]240[.]80:80

Malware Analysis – djvu – 683716645ccd5866870caf64f21951b2

Malware Analysis – amadey – c2d648c94f708dca1cbe10cb60260fa9

Malware Analysis – smokeloader – e9f9bedb14d80d6e30192745de74347d

Malware Analysis – djvu – 537ecc10bd947a0dd5d9088bf6474fa2

Black Basta Ransomware Victim: Popp Hutcheson PLLC

Dropbox discloses unauthorized access to 130 GitHub source code repositories

OpenSSL fixed two high-severity vulnerabilities

Daily Vulnerability Trends: Wed Nov 02 2022

APT trends report Q3 2022

Malware Analysis – wannacry – 8178a7ed30cf865004edebae2e5e0a4f

Malware Analysis – – a4fcfcab7e8f332fde1df215505b01c3

Malware Analysis – djvu – d56f709686e8300b90bf1f532b451098

Malware Analysis – wannacry – eab40b007ca86f362aa392d43847639e

Malware Analysis – discovery – 63fc4630994a3a39633336254e873d67

Malware Analysis – evasion – b301c4b060dadf887e53d671aa6a7aff

Malware Analysis – amadey – 83d4ecf239705c042200ec89d3c3bbc8

Malware Analysis – ransomware – aca640f5159565dbef2382379dcaf0a9

Malware Analysis – xenomorph – e39505e65aec6835f680c902e1c8f7d8

Malware Analysis – evasion – cf8e1c24065c6af0d2c64c8e454dc808

Malware Analysis – evasion – 924a8b1d7396a7e21e026b4424fcd080

[SARCOMA] – Ransomware Victim: Jacquet Weston Engineering

[SARCOMA] – Ransomware Victim: compass-underwriting-ltd

[SARCOMA] – Ransomware Victim: cana group corp

[LYNX] – Ransomware Victim: Sentinel Systems

[LYNX] – Ransomware Victim: Angotti & Reilly

You may have missed