Year: 2022

Cobalt Stike Beacon Detected – 175[.]178[.]243[.]43:2087

December 2, 2022

The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...

Cobalt Stike Beacon Detected – 101[.]42[.]233[.]208:8443

December 2, 2022

The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...

Cobalt Stike Beacon Detected – 179[.]43[.]154[.]155:80

December 2, 2022

The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...

Cobalt Stike Beacon Detected – 1[.]12[.]48[.]210:50000

December 2, 2022

The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...

Malware Analysis – wannacry – ed7f40e4e7ba70381d580a5ce8247ea1

December 2, 2022

Score: 10 MALWARE FAMILY: wannacryTAGS:family:wannacry, ransomware, wormMD5: ed7f40e4e7ba70381d580a5ce8247ea1SHA1: ca4bacd7fc40b8ddcb6f5623b21614cac16bbd52ANALYSIS DATE: 2022-11-30T14:03:29ZTTPS: ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or more...

Malware Analysis – wannacry – 7bf0fb013eef78b55c39cbc62339e4a5

December 2, 2022

Score: 10 MALWARE FAMILY: wannacryTAGS:family:wannacry, ransomware, wormMD5: 7bf0fb013eef78b55c39cbc62339e4a5SHA1: 1fa5586c2884c5b5cc6bc99c7a2ce0e49b93d7d2ANALYSIS DATE: 2022-11-30T14:05:57ZTTPS: ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or more...

Malware Analysis – wannacry – 8f5f214c98f0287f8ef9ecc18e1fab41

December 2, 2022

Score: 10 MALWARE FAMILY: wannacryTAGS:family:wannacry, ransomware, wormMD5: 8f5f214c98f0287f8ef9ecc18e1fab41SHA1: 220239a1acde4883173708d67b28a1757617b30aANALYSIS DATE: 2022-11-30T14:07:06ZTTPS: ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or more...

Malware Analysis – wannacry – ed7cd9ddd0c1e1cf38f59e9e664d080f

December 2, 2022

Score: 10 MALWARE FAMILY: wannacryTAGS:family:wannacry, ransomware, wormMD5: ed7cd9ddd0c1e1cf38f59e9e664d080fSHA1: 6b09a1cb5f9f43bd961176c90ace84a3030aff04ANALYSIS DATE: 2022-11-30T13:50:05ZTTPS: ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or more...

Malware Analysis – adware – eeeaf6060eb054b3cb226489772d16a1

December 2, 2022

Score: 10 MALWARE FAMILY: adwareTAGS:adware, bootkit, discovery, evasion, persistence, ransomware, spyware, stealer, trojanMD5: eeeaf6060eb054b3cb226489772d16a1SHA1: 31bd0c26984708b894e0f917a10264fdd74ecab9ANALYSIS DATE: 2022-12-02T08:33:48ZTTPS: T1012, T1082, T1060,...

Malware Analysis – evasion – 80a2944d792c27417c3b06c3183626dc

December 2, 2022

Score: 7 MALWARE FAMILY: evasionTAGS:evasion, ransomwareMD5: 80a2944d792c27417c3b06c3183626dcSHA1: 9f76c8445c658720085784e1c38fb9616b5aa781ANALYSIS DATE: 2022-12-02T09:05:12ZTTPS: ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or more known...

Malware Analysis – djvu – 84e10f7f6ff7d48611fc44cc9d6cf2f4

December 2, 2022

Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, discovery, persistence, ransomwareMD5: 84e10f7f6ff7d48611fc44cc9d6cf2f4SHA1: 7fd0d6f299baabc35efcaa83f7e7749d3a7297adANALYSIS DATE: 2022-12-02T10:07:32ZTTPS: T1130, T1112, T1060, T1222, T1082, T1012 ScoreMeaningExample10Known badA...

Malware Analysis – sodinokibi – a3749c66f65d247d8a6fae1be26d3ef9

December 2, 2022

Score: 10 MALWARE FAMILY: sodinokibiTAGS:family:sodinokibi, botnet:5, campaign:367, ransomwareMD5: a3749c66f65d247d8a6fae1be26d3ef9SHA1: c394464bba56e62ddfe2c9073932fb656fb78b6cANALYSIS DATE: 2022-12-02T09:48:15ZTTPS: ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or...

Brute Ratel C4 Detected – 45[.]137[.]117[.]219:443

December 2, 2022

The Information provided at the time of posting was detected as "Brute Ratel C4". Depending on when you are viewing...

Malware Analysis – amadey – c05a5e1f0fe1ada0824c6ed62d7c1014

December 2, 2022

Score: 10 MALWARE FAMILY: amadeyTAGS:family:amadey, family:djvu, family:smokeloader, family:vidar, botnet:517, backdoor, collection, discovery, persistence, ransomware, spyware, stealer, trojanMD5: c05a5e1f0fe1ada0824c6ed62d7c1014SHA1: 6cd88375eb41aa2bf5628fe64585df698c24a5bbANALYSIS DATE:...

Malware Analysis – amadey – df551c1f4b32c3c1bba785c23297b62c

December 2, 2022

Score: 10 MALWARE FAMILY: amadeyTAGS:family:amadey, family:djvu, family:smokeloader, family:vidar, botnet:517, backdoor, collection, discovery, persistence, ransomware, spyware, stealer, trojanMD5: df551c1f4b32c3c1bba785c23297b62cSHA1: f522481eb37575d29c62a5dae2c7c9c9412356c6ANALYSIS DATE:...

Malware Analysis – djvu – 4eba652fcb08f677765760fd3b9af02f

December 2, 2022

Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, discovery, persistence, ransomwareMD5: 4eba652fcb08f677765760fd3b9af02fSHA1: e49b8d2a70975897d664e38ab55c970b07f734b3ANALYSIS DATE: 2022-12-02T10:25:57ZTTPS: T1060, T1112, T1222, T1082, T1012, T1130 ScoreMeaningExample10Known badA...

Malware Analysis – ransomware – 09c09f6890098c4686b55b1af5a4494c

December 2, 2022

Score: 10 MALWARE FAMILY: ransomwareTAGS:ransomwareMD5: 09c09f6890098c4686b55b1af5a4494cSHA1: e252aafe3a5de030f1ae49f86bd1e1b4743b7ddeANALYSIS DATE: 2022-12-02T11:29:22ZTTPS: T1107, T1490 ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or more...

Movie Ticket Booking System cross-site scripting | CVE-2022-4250

December 2, 2022

NAME Movie Ticket Booking System cross-site scripting Platforms Affected:Movie Ticket Booking System Movie Ticket Booking System-PHP SQL injection vulnerability existsRisk...

Book Store Management System information disclosure | CVE-2022-4229

December 2, 2022

NAME Book Store Management System information disclosure Platforms Affected:Sourcecodester Book Store Management System 1.0Risk Level:9.8Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION Book Store Management...

Ff4j code execution | CVE-2022-44262

December 2, 2022

NAME Ff4j code execution Platforms Affected:ff4j ff4j 1.8.1Risk Level:9.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Ff4j could allow a remote attacker to execute arbitrary...

Drachtio Server buffer overflow | CVE-2022-45909

December 2, 2022

NAME Drachtio Server buffer overflow Platforms Affected:drachtio drachtio-server 0.8.18Risk Level:9.1Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Drachtio Server is vulnerable to a heap-based buffer...

KSB2022_Statistics-of-the-Year-990x400-1

Kaspersky Security Bulletin 2022. Statistics

December 2, 2022

All statistics in this report are from the global cloud service Kaspersky Security Network (KSN), which receives information from components...

Malware Analysis – persistence – a735ff10e359539181c1eca593091ee6

December 2, 2022

Score: 10 MALWARE FAMILY: persistenceTAGS:persistence, ransomwareMD5: a735ff10e359539181c1eca593091ee6SHA1: 8a977618d315bfacb16afbe883e04f427311cefbANALYSIS DATE: 2022-12-02T03:36:25ZTTPS: T1012, T1082, T1120, T1060, T1112 ScoreMeaningExample10Known badA malware family was...

Malware Analysis – dcrat – fd16369ea0ae1958caa9cd09fc114704

December 2, 2022

Score: 10 MALWARE FAMILY: dcratTAGS:family:dcrat, family:djvu, family:smokeloader, family:vidar, botnet:517, backdoor, collection, discovery, infostealer, persistence, ransomware, rat, spyware, stealer, trojanMD5: fd16369ea0ae1958caa9cd09fc114704SHA1:...

Year: 2022

Cobalt Stike Beacon Detected – 175[.]178[.]243[.]43:2087

Cobalt Stike Beacon Detected – 101[.]42[.]233[.]208:8443

Cobalt Stike Beacon Detected – 179[.]43[.]154[.]155:80

Cobalt Stike Beacon Detected – 1[.]12[.]48[.]210:50000

Malware Analysis – wannacry – ed7f40e4e7ba70381d580a5ce8247ea1

Malware Analysis – wannacry – 7bf0fb013eef78b55c39cbc62339e4a5

Malware Analysis – wannacry – 8f5f214c98f0287f8ef9ecc18e1fab41

Malware Analysis – wannacry – ed7cd9ddd0c1e1cf38f59e9e664d080f

Malware Analysis – adware – eeeaf6060eb054b3cb226489772d16a1

Malware Analysis – evasion – 80a2944d792c27417c3b06c3183626dc

Malware Analysis – djvu – 84e10f7f6ff7d48611fc44cc9d6cf2f4

Malware Analysis – sodinokibi – a3749c66f65d247d8a6fae1be26d3ef9

Brute Ratel C4 Detected – 45[.]137[.]117[.]219:443

Malware Analysis – amadey – c05a5e1f0fe1ada0824c6ed62d7c1014

Malware Analysis – amadey – df551c1f4b32c3c1bba785c23297b62c

Malware Analysis – djvu – 4eba652fcb08f677765760fd3b9af02f

Malware Analysis – ransomware – 09c09f6890098c4686b55b1af5a4494c

Movie Ticket Booking System cross-site scripting | CVE-2022-4250

Book Store Management System information disclosure | CVE-2022-4229

Ff4j code execution | CVE-2022-44262

Drachtio Server buffer overflow | CVE-2022-45909

Kaspersky Security Bulletin 2022. Statistics

Malware Analysis – persistence – a735ff10e359539181c1eca593091ee6

Malware Analysis – dcrat – fd16369ea0ae1958caa9cd09fc114704

CISA: CISA Adds One Known Exploited Vulnerability to Catalog

CISA: ASD’s ACSC, CISA, and US and International Partners Release Guidance on Choosing Secure and Verifiable Technologies

CISA: Microsoft Releases December 2024 Security Updates

CISA: Ivanti Releases Security Updates for Multiple Products

CISA: Cisco Releases Security Updates for NX-OS Software

You may have missed