Cobalt Stike Beacon Detected – 150[.]158[.]55[.]146:5555
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Year: 2022
Malware Analysis – wannacry – 7f75aa06e06a197d63761176133913ac
Score: 10 MALWARE FAMILY: wannacryTAGS:family:wannacry, discovery, ransomware, wormMD5: 7f75aa06e06a197d63761176133913acSHA1: 9b2085e5c64ed8f13584082b5aceada1c9c072efANALYSIS DATE: 2022-11-01T09:20:22ZTTPS: T1046 ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne...
Malware Analysis – djvu – 98e8bcb6dc7fa33c0ba1917db3060d3f
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, discovery, persistence, ransomware, spyware, stealerMD5: 98e8bcb6dc7fa33c0ba1917db3060d3fSHA1: d476e4750a0cc4b072751d6d618184e825f269d9ANALYSIS DATE: 2022-11-01T10:20:32ZTTPS: T1060, T1112, T1082, T1005, T1081, T1012,...
Malware Analysis – djvu – 64614e3663ac2abd4a21ae1e1d46bfc3
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, discovery, persistence, ransomware, spyware, stealerMD5: 64614e3663ac2abd4a21ae1e1d46bfc3SHA1: 2a910047f6f2357425965958ca6bb75d550e9a6dANALYSIS DATE: 2022-11-01T09:56:29ZTTPS: T1060, T1112, T1082, T1012, T1005, T1081,...
Cobalt Stike Beacon Detected – 84[.]32[.]188[.]244:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 185[.]130[.]45[.]159:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 43[.]143[.]133[.]46:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 124[.]70[.]67[.]154:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Malware Analysis – djvu – bfd9b7bda4437c4b6ca3d10738afb87a
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:redline, family:smokeloader, botnet:mario23_10, botnet:slovarik1btc, backdoor, collection, discovery, infostealer, persistence, ransomware, spyware, stealer, trojan, upxMD5: bfd9b7bda4437c4b6ca3d10738afb87aSHA1:...
Malware Analysis – lockbit – 23e2134379d01a6efcfb519df2819bce
Score: 10 MALWARE FAMILY: lockbitTAGS:family:lockbit, ransomwareMD5: 23e2134379d01a6efcfb519df2819bceSHA1: 93e1a0c2918ece7a768b9b3fd8d5203e1fa0754cANALYSIS DATE: 2022-11-01T11:19:03ZTTPS: ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or more known...
Malware Analysis – smokeloader – 9e775e96fa042f3b834bbc419900ccc7
Score: 10 MALWARE FAMILY: smokeloaderTAGS:family:smokeloader, backdoor, trojanMD5: 9e775e96fa042f3b834bbc419900ccc7SHA1: 2979669e92f199a0aaddc71e7133891af20ef6d7ANALYSIS DATE: 2022-11-01T10:51:04ZTTPS: T1012, T1120, T1082 ScoreMeaningExample10Known badA malware family was detected.8-9Likely...
Malware Analysis – djvu – 352e96b903513bea0586e76f677bd7a0
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, discovery, persistence, ransomware, spyware, stealerMD5: 352e96b903513bea0586e76f677bd7a0SHA1: 1bd12034347ce8aedcaa6c4612622ebb5142e83cANALYSIS DATE: 2022-11-01T11:40:30ZTTPS: T1222, T1060, T1112, T1005, T1081, T1012,...
Samsung Galaxy Store flaw could have allowed installing malicious apps on target devices
A security flaw in the Galaxy Store app for Samsung devices could have potentially allowed remote command execution on affected...
xf-test-csrf |
NAME xf-test-csrf Platforms Affected:Risk Level:10Exploitability:FunctionalConsequences: DESCRIPTION xf-test-csrf CVSS 3.0 Information Privileges Required: NoneUser Interaction: NoneScope: UnchangedAccess Vector: Access Complexity: LowConfidentiality...
Daily Vulnerability Trends: Tue Nov 01 2022
Daily Vulnerability Trends (sourced from VulnMon) CVE NAMECVE DescriptionCVE-2022-42889Apache Commons Text performs variable interpolation, allowing properties to be dynamically evaluated...
APT10: Tracking down LODEINFO 2022, part II
In the previous publication ‘Tracking down LODEINFO 2022, part I‘, we mentioned that the initial infection methods vary in different...
APT10: Tracking down LODEINFO 2022, part I
Kaspersky has been tracking activities involving the LODEINFO malware family since 2019, looking for new modifications and thoroughly investigating any...
LockBit 3.0 Ransomware Victim: hoosierco[.]com
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
LockBit 3.0 Ransomware Victim: centurion[.]com[.]pl
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
Malware Analysis – djvu – 326b996ad2342c28d3b5e2e94432c4d3
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:redline, family:smokeloader, botnet:mario23_10, botnet:slovarik1btc, backdoor, collection, discovery, infostealer, persistence, ransomware, spyware, stealer, trojanMD5: 326b996ad2342c28d3b5e2e94432c4d3SHA1: 158034f8bf2d95774a7a6806dcaa250485eb2408ANALYSIS...
Malware Analysis – djvu – b482dd352ddeb71adc03e2d24c49189c
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:redline, family:smokeloader, botnet:mario23_10, botnet:slovarik1btc, backdoor, collection, discovery, infostealer, persistence, ransomware, spyware, stealer, trojanMD5: b482dd352ddeb71adc03e2d24c49189cSHA1: 2453d68c559fca10b1bc8185ef8da16c478520cbANALYSIS...
Malware Analysis – chaos – d655e77841cf6db3008dcd60c9c5eb18
Score: 10 MALWARE FAMILY: chaosTAGS:family:chaos, ransomwareMD5: d655e77841cf6db3008dcd60c9c5eb18SHA1: 66d8fc2c3b7f36e935a283e10690249043a387a4ANALYSIS DATE: 2022-11-01T05:36:09ZTTPS: T1082 ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or more...
Malware Analysis – smokeloader – dda494bf360d381f476a7b393f23e149
Score: 10 MALWARE FAMILY: smokeloaderTAGS:family:smokeloader, backdoor, trojanMD5: dda494bf360d381f476a7b393f23e149SHA1: 62be4a4a8508786b60ca79c1b5820fd16137a97eANALYSIS DATE: 2022-11-01T05:02:03ZTTPS: T1012, T1120, T1082 ScoreMeaningExample10Known badA malware family was detected.8-9Likely...
Malware Analysis – djvu – 9852898c26e5194f66754becdb69afb8
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:redline, family:smokeloader, botnet:mario23_10, botnet:slovarik1btc, backdoor, collection, discovery, infostealer, persistence, ransomware, spyware, stealer, trojanMD5: 9852898c26e5194f66754becdb69afb8SHA1: 3123b281cb8e992a3246f6285f18bc0dbfc1dc07ANALYSIS...
