POLONIUM APT targets Israel with a new custom backdoor dubbed PapaCreep
An APT group tracked as Polonium employed custom backdoors in attacks aimed at Israelian entities since at least September 2021....
Year: 2022
Malware Analysis – danabot – b8fa4a8502049a4eeb5f0d877d245340
Score: 10 MALWARE FAMILY: danabotTAGS:family:danabot, family:djvu, family:smokeloader, family:vidar, botnet:517, backdoor, banker, collection, discovery, persistence, ransomware, spyware, stealer, trojan, vmprotectMD5: b8fa4a8502049a4eeb5f0d877d245340SHA1:...
Malware Analysis – ransomware – 48b98669cd85373e808b1e4ecc21d252
Score: 9 MALWARE FAMILY: ransomwareTAGS:ransomwareMD5: 48b98669cd85373e808b1e4ecc21d252SHA1: 41094f11544014dbb7954013bd395de4d8a31959ANALYSIS DATE: 2022-10-13T08:15:59ZTTPS: T1107, T1490 ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or more...
Malware Analysis – wannacry – a54bd76e5f4e72c14a8919e0e0da50f6
Score: 10 MALWARE FAMILY: wannacryTAGS:family:wannacry, ransomware, wormMD5: a54bd76e5f4e72c14a8919e0e0da50f6SHA1: 26c37e34c52e90c13fcc4cc00e53966ca253d65eANALYSIS DATE: 2022-10-13T08:25:04ZTTPS: ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or more...
Malware Analysis – djvu – 47b20a430e464b556929ffd08108e94a
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:517, discovery, persistence, ransomware, spyware, stealerMD5: 47b20a430e464b556929ffd08108e94aSHA1: d1fa65a047c630ce3c2057d3f490154d87be1f0dANALYSIS DATE: 2022-10-13T08:02:31ZTTPS: T1005, T1081, T1082, T1012,...
Malware Analysis – wannacry – b9d9625066a34cc108ca55ea141c624a
Score: 10 MALWARE FAMILY: wannacryTAGS:family:wannacry, discovery, ransomware, wormMD5: b9d9625066a34cc108ca55ea141c624aSHA1: 4f51a129f39bb40a84f004997ceac9c6ac3fcd36ANALYSIS DATE: 2022-10-13T08:25:05ZTTPS: T1046 ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne...
Malware Analysis – wannacry – 4edfdc708fb7cb3606ca68b6c288f979
Score: 10 MALWARE FAMILY: wannacryTAGS:family:wannacry, discovery, persistence, ransomware, spyware, stealer, wormMD5: 4edfdc708fb7cb3606ca68b6c288f979SHA1: 9ceb5872fb2309ecb13f534ca085aa27c04fc913ANALYSIS DATE: 2022-10-13T08:25:05ZTTPS: T1112, T1060, T1158, T1491, T1222,...
Malware Analysis – smokeloader – 11a479ae76ab27af78c9a2371e68be32
Score: 10 MALWARE FAMILY: smokeloaderTAGS:family:smokeloader, backdoor, trojanMD5: 11a479ae76ab27af78c9a2371e68be32SHA1: 835ec75559bb2a6c6b6c33678af1992454e009eaANALYSIS DATE: 2022-10-13T08:32:03ZTTPS: T1012, T1120, T1082 ScoreMeaningExample10Known badA malware family was detected.8-9Likely...
Malware Analysis – wannacry – b03fec4a353ba6770f5b4b8acb5c3085
Score: 10 MALWARE FAMILY: wannacryTAGS:family:wannacry, discovery, ransomware, wormMD5: b03fec4a353ba6770f5b4b8acb5c3085SHA1: 52c967c2faf19a38f61e47159f4faccdadeb335bANALYSIS DATE: 2022-10-13T08:26:03ZTTPS: T1046 ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne...
Cobalt Stike Beacon Detected – 188[.]166[.]125[.]122:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Malware Analysis – evasion – ac2e9f9f84f98a1c7514fcf2e81eaa88
Score: 10 MALWARE FAMILY: evasionTAGS:evasion, ransomwareMD5: ac2e9f9f84f98a1c7514fcf2e81eaa88SHA1: 8dfb08d755a31fdd40bfc624983113e2b0a4c0adANALYSIS DATE: 2022-10-13T08:42:40ZTTPS: T1107, T1490, T1012, T1120, T1082, T1018, T1130, T1112, T1070 ScoreMeaningExample10Known...
Malware Analysis – evasion – 402af7774c48e1a1a64d4fe70beada2b
Score: 9 MALWARE FAMILY: evasionTAGS:evasion, ransomware, trojanMD5: 402af7774c48e1a1a64d4fe70beada2bSHA1: e410d41975b71494ee8d70b375fff4ff0dfdbdccANALYSIS DATE: 2022-10-13T08:38:04ZTTPS: T1059, T1107, T1490, T1082, T1012, T1497 ScoreMeaningExample10Known badA malware...
Malware Analysis – djvu – 0c13413f7eeca789ffdb644c13db3351
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:517, discovery, persistence, ransomware, spyware, stealerMD5: 0c13413f7eeca789ffdb644c13db3351SHA1: 15fa888c90ac75266f32788fb97868cd62c0028eANALYSIS DATE: 2022-10-13T08:32:50ZTTPS: T1060, T1112, T1082, T1005,...
Malware Analysis – djvu – 11123b38b1013675616c9c50a8377a2a
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:517, discovery, persistence, ransomware, spyware, stealerMD5: 11123b38b1013675616c9c50a8377a2aSHA1: 42633b68bfe4d4abdb7061f10eaa93124adc0b11ANALYSIS DATE: 2022-10-13T08:41:03ZTTPS: T1005, T1081, T1130, T1112,...
Cobalt Stike Beacon Detected – 124[.]221[.]161[.]146:8888
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 52[.]7[.]230[.]192:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 174[.]139[.]150[.]224:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 150[.]158[.]18[.]5:7443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Malware Analysis – smokeloader – cfd9f994ffbc8772cc33d42e3b20bc9a
Score: 10 MALWARE FAMILY: smokeloaderTAGS:family:smokeloader, backdoor, trojanMD5: cfd9f994ffbc8772cc33d42e3b20bc9aSHA1: cec6acf8a6b2f76a8bae4d5598f5e4d562f58cecANALYSIS DATE: 2022-10-13T09:04:03ZTTPS: T1012, T1120, T1082 ScoreMeaningExample10Known badA malware family was detected.8-9Likely...
Malware Analysis – play – 04910458c6338cd58027336c5a3e0f26
Score: 10 MALWARE FAMILY: playTAGS:family:play, ransomware, spyware, stealerMD5: 04910458c6338cd58027336c5a3e0f26SHA1: 4948cc434de62b14c6a92fb8d15f6355199dd7f2ANALYSIS DATE: 2022-10-13T09:36:03ZTTPS: T1012, T1120, T1082, T1005, T1081 ScoreMeaningExample10Known badA malware...
Malware Analysis – djvu – 7d1f91670fbc54e859ba130772310031
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:517, discovery, persistence, ransomware, spyware, stealerMD5: 7d1f91670fbc54e859ba130772310031SHA1: c986b238c5e0455adb63fcce11b0faa84be0fcdeANALYSIS DATE: 2022-10-13T09:34:39ZTTPS: T1060, T1112, T1222, T1082,...
Malware Analysis – evasion – 641645f7373be3c2e7575bcc67256a95
Score: 10 MALWARE FAMILY: evasionTAGS:evasion, ransomware, trojanMD5: 641645f7373be3c2e7575bcc67256a95SHA1: 281595d0916272e209626fb753186419d217d6daANALYSIS DATE: 2022-10-13T08:53:07ZTTPS: T1012, T1082, T1158 ScoreMeaningExample10Known badA malware family was detected.8-9Likely...
Cobalt Stike Beacon Detected – 41[.]216[.]183[.]186:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 43[.]143[.]48[.]76:9999
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
