Year: 2022

Cobalt Stike Beacon Detected – 101[.]42[.]178[.]86:443

October 24, 2022

The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...

Cobalt Stike Beacon Detected – 43[.]139[.]78[.]242:80

October 24, 2022

The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...

Cobalt Stike Beacon Detected – 46[.]21[.]107[.]60:443

October 24, 2022

The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...

Malware Analysis – persistence – f676aba2d996eed2c194e9f5944446fa

October 24, 2022

Score: 9 MALWARE FAMILY: persistenceTAGS:persistence, ransomwareMD5: f676aba2d996eed2c194e9f5944446faSHA1: 9cbf67ee5a45c47bcadbd0d67642e690d9da9d92ANALYSIS DATE: 2022-10-23T20:19:05ZTTPS: T1060, T1112, T1107, T1490, T1012, T1120, T1082 ScoreMeaningExample10Known badA malware...

Cobalt Stike Beacon Detected – 81[.]19[.]140[.]9:443

October 24, 2022

The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...

Malware Analysis – danabot – b55340d42a86faf6ce8f664527e22f13

October 24, 2022

Score: 10 MALWARE FAMILY: danabotTAGS:family:danabot, family:djvu, family:smokeloader, family:vidar, botnet:517, backdoor, banker, collection, discovery, persistence, ransomware, spyware, stealer, trojanMD5: b55340d42a86faf6ce8f664527e22f13SHA1: 7f5875b0b38f6fd754d906d22c021834e70ed3e8ANALYSIS...

Malware Analysis – evasion – 729cd1068f8a097c2645f2dee30a62b9

October 24, 2022

Score: 8 MALWARE FAMILY: evasionTAGS:evasion, ransomwareMD5: 729cd1068f8a097c2645f2dee30a62b9SHA1: fa5314f171cf73d8a27124faffcc0dd6f7866046ANALYSIS DATE: 2022-10-23T20:20:04ZTTPS: ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or more known...

Malware Analysis – ransomware – 0f1a802a12fd40dbd5918c6e6edbbfe6

October 24, 2022

Score: 10 MALWARE FAMILY: ransomwareTAGS:ransomwareMD5: 0f1a802a12fd40dbd5918c6e6edbbfe6SHA1: a4ae06064164336421e71201365f1567ff015c75ANALYSIS DATE: 2022-10-23T21:05:39ZTTPS: T1082, T1491, T1112 ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or...

Malware Analysis – djvu – 11f5215a4122653acb8b87ef5926ebf2

October 24, 2022

Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:517, discovery, persistence, ransomware, spyware, stealerMD5: 11f5215a4122653acb8b87ef5926ebf2SHA1: d17bbc7a11d3eec7bf60d8d1cc058b831970ab41ANALYSIS DATE: 2022-10-23T21:18:15ZTTPS: T1222, T1060, T1112, T1082,...

Cobalt Stike Beacon Detected – 91[.]213[.]50[.]75:8010

October 24, 2022

The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...

Cobalt Stike Beacon Detected – 77[.]73[.]133[.]80:80

October 24, 2022

The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...

Cobalt Stike Beacon Detected – 185[.]244[.]175[.]231:80

October 24, 2022

The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...

Malware Analysis – evasion – efc33baa8c7f69b7590a8944f1b4845a

October 24, 2022

Score: 10 MALWARE FAMILY: evasionTAGS:evasion, persistence, ransomware, trojanMD5: efc33baa8c7f69b7590a8944f1b4845aSHA1: 92ea17ab992b030e70858ece30f55be619961419ANALYSIS DATE: 2022-10-23T21:26:12ZTTPS: T1088, T1089, T1112, T1060, T1004, T1158, T1018, T1012,...

Cobalt Stike Beacon Detected – 91[.]213[.]50[.]3:80

October 24, 2022

The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...

Malware Analysis – evasion – 5aa527e4144d3a2aeeecefb782344920

October 24, 2022

Score: 10 MALWARE FAMILY: evasionTAGS:evasion, persistence, ransomware, trojanMD5: 5aa527e4144d3a2aeeecefb782344920SHA1: 1784b83943a6eaf703a949fde203016b4a890e2cANALYSIS DATE: 2022-10-23T21:26:15ZTTPS: T1091, T1088, T1089, T1112, T1060, T1004, T1158, T1491,...

Malware Analysis – – 5bf4fb0a44f3a28b8075d38d0a5434ea

October 24, 2022

Score: 1 MALWARE FAMILY: TAGS:MD5: 5bf4fb0a44f3a28b8075d38d0a5434eaSHA1: 32b731cf212bc10d5b92d4ecf8729b0f14d40d30ANALYSIS DATE: 2022-10-23T21:06:26ZTTPS: ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or more known damaging...

Malware Analysis – djvu – 406da3bee42da4faa18d99603bbbc687

October 24, 2022

Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:517, discovery, persistence, ransomware, spyware, stealerMD5: 406da3bee42da4faa18d99603bbbc687SHA1: 1b9ff420e17f1c6f4954bdd5195ef4d418ac8e67ANALYSIS DATE: 2022-10-23T21:53:09ZTTPS: T1060, T1112, T1012, T1082,...

Malware Analysis – – 376e7c861b5fe10a0af282cd7bc6056d

October 24, 2022

Score: 1 MALWARE FAMILY: TAGS:MD5: 376e7c861b5fe10a0af282cd7bc6056dSHA1: b2750339e8f0dccd0277ea78c6c0038019d3abb0ANALYSIS DATE: 2022-10-23T22:03:03ZTTPS: ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or more known damaging...

Malware Analysis – dcrat – 01b3b5a2380d81305a2701f1953357c5

October 24, 2022

Score: 10 MALWARE FAMILY: dcratTAGS:family:dcrat, family:djvu, family:redline, family:smokeloader, family:vidar, botnet:517, botnet:google2, botnet:mario23_10, botnet:nam7, botnet:slovarikinstalls, backdoor, brand:microsoft, collection, discovery, infostealer, persistence,...

Malware Analysis – djvu – 0ecd97e60d5ae5f2b47749ac3cb9bef1

October 24, 2022

Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:517, discovery, persistence, ransomware, spyware, stealerMD5: 0ecd97e60d5ae5f2b47749ac3cb9bef1SHA1: fada1ee6b9918d111015cc5b0b19091ccf433427ANALYSIS DATE: 2022-10-23T21:54:26ZTTPS: T1005, T1081, T1012, T1082,...

Malware Analysis – – 77b3d8d5850b5735e58db6fc281f763f

October 24, 2022

Score: 1 MALWARE FAMILY: TAGS:MD5: 77b3d8d5850b5735e58db6fc281f763fSHA1: cd4813d5533f1894f8b6ece019c577f46d5fa4ecANALYSIS DATE: 2022-10-23T22:23:29ZTTPS: ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or more known damaging...

Malware Analysis – dcrat – f31a3812e736277f4fb6820e14578719

October 24, 2022

Malware Analysis – banker – 12e6ff97e8817baa0a862aa030a0911a

October 24, 2022

Score: 8 MALWARE FAMILY: bankerTAGS:banker, ransomwareMD5: 12e6ff97e8817baa0a862aa030a0911aSHA1: 6850809714fa74ce2d14eac8ace4041d6b4c7afaANALYSIS DATE: 2022-10-23T22:55:54ZTTPS: ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or more known...

Malware Analysis – – d470440fe7763d19b1e6bdeef594e219

October 24, 2022

Score: 1 MALWARE FAMILY: TAGS:MD5: d470440fe7763d19b1e6bdeef594e219SHA1: f36fbb61d0c7e13f5e11f4601ee0fbf9609dddf8ANALYSIS DATE: 2022-10-23T22:59:22ZTTPS: ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or more known damaging...

Year: 2022

Cobalt Stike Beacon Detected – 101[.]42[.]178[.]86:443

Cobalt Stike Beacon Detected – 43[.]139[.]78[.]242:80

Cobalt Stike Beacon Detected – 46[.]21[.]107[.]60:443

Malware Analysis – persistence – f676aba2d996eed2c194e9f5944446fa

Cobalt Stike Beacon Detected – 81[.]19[.]140[.]9:443

Malware Analysis – danabot – b55340d42a86faf6ce8f664527e22f13

Malware Analysis – evasion – 729cd1068f8a097c2645f2dee30a62b9

Malware Analysis – ransomware – 0f1a802a12fd40dbd5918c6e6edbbfe6

Malware Analysis – djvu – 11f5215a4122653acb8b87ef5926ebf2

Cobalt Stike Beacon Detected – 91[.]213[.]50[.]75:8010

Cobalt Stike Beacon Detected – 77[.]73[.]133[.]80:80

Cobalt Stike Beacon Detected – 185[.]244[.]175[.]231:80

Malware Analysis – evasion – efc33baa8c7f69b7590a8944f1b4845a

Cobalt Stike Beacon Detected – 91[.]213[.]50[.]3:80

Malware Analysis – evasion – 5aa527e4144d3a2aeeecefb782344920

Malware Analysis – – 5bf4fb0a44f3a28b8075d38d0a5434ea

Malware Analysis – djvu – 406da3bee42da4faa18d99603bbbc687

Malware Analysis – – 376e7c861b5fe10a0af282cd7bc6056d

Malware Analysis – dcrat – 01b3b5a2380d81305a2701f1953357c5

Malware Analysis – djvu – 0ecd97e60d5ae5f2b47749ac3cb9bef1

Malware Analysis – – 77b3d8d5850b5735e58db6fc281f763f

Malware Analysis – dcrat – f31a3812e736277f4fb6820e14578719

Malware Analysis – banker – 12e6ff97e8817baa0a862aa030a0911a

Malware Analysis – – d470440fe7763d19b1e6bdeef594e219

CISA: CISA and FBI Release Advisory on How Threat Actors Chained Vulnerabilities in Ivanti Cloud Service Applications

CVE Alert: CVE-2025-21560

CVE Alert: CVE-2025-21558

CVE Alert: CVE-2025-21547

CVE Alert: CVE-2025-21561

You may have missed