Year: 2022

Security Affairs newsletter Round 390

October 23, 2022

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs free for...

Hackers stole sensitive data from Iran’s atomic energy agency

October 23, 2022

Iran’s atomic energy agency claims that alleged state-sponsored hackers have compromised its email system. Iran’s atomic energy agency revealed on...

Malware Analysis – djvu – 561fcb94c38fccd8243979355ed1fd9c

October 23, 2022

Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:517, discovery, persistence, ransomware, spyware, stealerMD5: 561fcb94c38fccd8243979355ed1fd9cSHA1: edc2506e2fa920e92e9ab982eab2050802d337bbANALYSIS DATE: 2022-10-23T14:10:33ZTTPS: T1005, T1081, T1222, T1082,...

Malware Analysis – wannacry – 0eee97a373a61b19331f61e8858ec1cc

October 23, 2022

Score: 10 MALWARE FAMILY: wannacryTAGS:family:wannacry, discovery, ransomware, wormMD5: 0eee97a373a61b19331f61e8858ec1ccSHA1: 5e993119a6b1fd9735bbffb8c588bf0914539712ANALYSIS DATE: 2022-10-23T15:20:21ZTTPS: T1046 ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne...

Malware Analysis – persistence – 567315c1e449eea7e8538205cb4cc7bb

October 23, 2022

Score: 9 MALWARE FAMILY: persistenceTAGS:persistence, ransomware, spyware, stealerMD5: 567315c1e449eea7e8538205cb4cc7bbSHA1: 6ab1ee7f5897328fc58883256f19878c4c465d35ANALYSIS DATE: 2022-10-23T15:09:03ZTTPS: T1082, T1107, T1490, T1091, T1060, T1112, T1005, T1081...

Malware Analysis – – 416f169b4d316eb3f52682ceba73cbdb

October 23, 2022

Score: 1 MALWARE FAMILY: TAGS:MD5: 416f169b4d316eb3f52682ceba73cbdbSHA1: 164f6ddfa7be987bb116269c22a30f26989e9721ANALYSIS DATE: 2022-10-23T15:03:30ZTTPS: ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or more known damaging...

Malware Analysis – djvu – fdce9fda78956bd5b7af1ff002a60a25

October 23, 2022

Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:517, discovery, persistence, ransomware, spyware, stealerMD5: fdce9fda78956bd5b7af1ff002a60a25SHA1: 51199303d78f1ab6241eaba7fae0a1972dc13c0cANALYSIS DATE: 2022-10-23T15:22:28ZTTPS: T1082, T1005, T1081, T1053,...

Malware Analysis – persistence – 4d7a534ad63b166f3d51a2015a8b65f2

October 23, 2022

Score: 9 MALWARE FAMILY: persistenceTAGS:persistence, ransomware, spyware, stealerMD5: 4d7a534ad63b166f3d51a2015a8b65f2SHA1: f745a682cf28df6542711ff6895c3377fbb1fc99ANALYSIS DATE: 2022-10-23T16:00:26ZTTPS: T1082, T1107, T1490, T1091, T1060, T1112, T1005, T1081...

Malware Analysis – ransomware – 282895b302ae4886396fa2515fdc9609

October 23, 2022

Score: 8 MALWARE FAMILY: ransomwareTAGS:ransomwareMD5: 282895b302ae4886396fa2515fdc9609SHA1: 4c92752edde8c9b767a80d644089c2d767e4dd23ANALYSIS DATE: 2022-10-23T15:40:13ZTTPS: T1018, T1082, T1012, T1120 ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne...

Malware Analysis – – 0da5fe0091c4680a9040dfba599d7ec6

October 23, 2022

Score: 1 MALWARE FAMILY: TAGS:MD5: 0da5fe0091c4680a9040dfba599d7ec6SHA1: 1b3aa73b60197242b4bcc57ca39c0d9f49d2d7d4ANALYSIS DATE: 2022-10-23T15:56:55ZTTPS: ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or more known damaging...

Malware Analysis – – a6c266b4c295f9e5d2956c7b2893eb7d

October 23, 2022

Score: 1 MALWARE FAMILY: TAGS:MD5: a6c266b4c295f9e5d2956c7b2893eb7dSHA1: c617fd14806b71f5930dd5ee26090ff53649eb12ANALYSIS DATE: 2022-10-23T16:50:36ZTTPS: ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or more known damaging...

Malware Analysis – djvu – 522b8a11b8f487fd11a851bba910bf3f

October 23, 2022

Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:517, discovery, persistence, ransomware, spyware, stealerMD5: 522b8a11b8f487fd11a851bba910bf3fSHA1: f91316474f7dd52530f316b9bfde120da3c17796ANALYSIS DATE: 2022-10-23T16:12:35ZTTPS: T1082, T1053, T1005, T1081,...

Malware Analysis – – 0b23d4fb182a5b4a11cffabe59346ebb

October 23, 2022

Score: 1 MALWARE FAMILY: TAGS:MD5: 0b23d4fb182a5b4a11cffabe59346ebbSHA1: 060c3991d04379ab5e2d7ba3e743c37c08f33efcANALYSIS DATE: 2022-10-23T16:26:23ZTTPS: ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or more known damaging...

Malware Analysis – djvu – 58b258d5b91b8589a05fafe397233691

October 23, 2022

Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:517, discovery, persistence, ransomware, spyware, stealerMD5: 58b258d5b91b8589a05fafe397233691SHA1: 870de902ee35343cfb7a917bfc8edf0c52b49eb3ANALYSIS DATE: 2022-10-23T16:26:55ZTTPS: T1060, T1112, T1222, T1005,...

Wholesale giant METRO confirmed to have suffered a cyberattack

October 23, 2022

International cash and carry giant METRO suffered this week IT infrastructure outages following a cyberattack. International cash and carry giant...

Cobalt Stike Beacon Detected – 89[.]248[.]163[.]247:443

October 23, 2022

The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...

Cobalt Stike Beacon Detected – 124[.]221[.]119[.]2:8443

October 23, 2022

The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...

Cobalt Stike Beacon Detected – 47[.]93[.]241[.]137:8080

October 23, 2022

The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...

Cobalt Stike Beacon Detected – 47[.]100[.]47[.]35:5555

October 23, 2022

The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...

Malware Analysis – – d4cdafc2d8aef481a9b6830894efcfc1

October 23, 2022

Score: 1 MALWARE FAMILY: TAGS:MD5: d4cdafc2d8aef481a9b6830894efcfc1SHA1: 68d8668d0b606b97ad40daacd3e680d1badeaf3cANALYSIS DATE: 2022-10-23T08:07:45ZTTPS: ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or more known damaging...

Malware Analysis – persistence – a0dcaefaa2689c66a46ee8222a6fbbc1

October 23, 2022

Score: 9 MALWARE FAMILY: persistenceTAGS:persistence, ransomwareMD5: a0dcaefaa2689c66a46ee8222a6fbbc1SHA1: 67a1098314a8c987533615093274a2450e16f01dANALYSIS DATE: 2022-10-23T08:06:23ZTTPS: T1107, T1490, T1060, T1112 ScoreMeaningExample10Known badA malware family was detected.8-9Likely...

Malware Analysis – – 0c997c93bf7aac43e8bc22a9ea2fd9f8

October 23, 2022

Score: 8 MALWARE FAMILY: TAGS:MD5: 0c997c93bf7aac43e8bc22a9ea2fd9f8SHA1: 1c1e46e49c769c48104ee40506c67f738c6978f9ANALYSIS DATE: 2022-10-23T08:14:19ZTTPS: ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or more known damaging...

Cobalt Stike Beacon Detected – 45[.]84[.]240[.]5:443

October 23, 2022

The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...

Cobalt Stike Beacon Detected – 43[.]142[.]133[.]138:8888

October 23, 2022

The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...

Year: 2022

Security Affairs newsletter Round 390

Hackers stole sensitive data from Iran’s atomic energy agency

Malware Analysis – djvu – 561fcb94c38fccd8243979355ed1fd9c

Malware Analysis – wannacry – 0eee97a373a61b19331f61e8858ec1cc

Malware Analysis – persistence – 567315c1e449eea7e8538205cb4cc7bb

Malware Analysis – – 416f169b4d316eb3f52682ceba73cbdb

Malware Analysis – djvu – fdce9fda78956bd5b7af1ff002a60a25

Malware Analysis – persistence – 4d7a534ad63b166f3d51a2015a8b65f2

Malware Analysis – ransomware – 282895b302ae4886396fa2515fdc9609

Malware Analysis – – 0da5fe0091c4680a9040dfba599d7ec6

Malware Analysis – – a6c266b4c295f9e5d2956c7b2893eb7d

Malware Analysis – djvu – 522b8a11b8f487fd11a851bba910bf3f

Malware Analysis – – 0b23d4fb182a5b4a11cffabe59346ebb

Malware Analysis – djvu – 58b258d5b91b8589a05fafe397233691

Wholesale giant METRO confirmed to have suffered a cyberattack

Cobalt Stike Beacon Detected – 89[.]248[.]163[.]247:443

Cobalt Stike Beacon Detected – 124[.]221[.]119[.]2:8443

Cobalt Stike Beacon Detected – 47[.]93[.]241[.]137:8080

Cobalt Stike Beacon Detected – 47[.]100[.]47[.]35:5555

Malware Analysis – – d4cdafc2d8aef481a9b6830894efcfc1

Malware Analysis – persistence – a0dcaefaa2689c66a46ee8222a6fbbc1

Malware Analysis – – 0c997c93bf7aac43e8bc22a9ea2fd9f8

Cobalt Stike Beacon Detected – 45[.]84[.]240[.]5:443

Cobalt Stike Beacon Detected – 43[.]142[.]133[.]138:8888

CISA: CISA and FBI Release Advisory on How Threat Actors Chained Vulnerabilities in Ivanti Cloud Service Applications

CVE Alert: CVE-2025-21560

CVE Alert: CVE-2025-21558

CVE Alert: CVE-2025-21547

CVE Alert: CVE-2025-21561

You may have missed