Cobalt Stike Beacon Detected – 45[.]92[.]158[.]220:8000
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Month: February 2023
Cobalt Stike Beacon Detected – 146[.]190[.]118[.]40:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 119[.]91[.]148[.]9:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Malware Analysis – djvu – 036b724993d70eeada2c2607e0d5028e
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:19, discovery, persistence, ransomware, spyware, stealerMD5: 036b724993d70eeada2c2607e0d5028eSHA1: 0bafca071bac6f6dff62841419a50ee070d5ba33ANALYSIS DATE: 2023-02-18T09:21:36ZTTPS: T1060, T1112, T1012, T1082,...
Malware Analysis – djvu – 087f75c142ef66212e79e99f26abf68a
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:19, discovery, persistence, ransomware, spyware, stealerMD5: 087f75c142ef66212e79e99f26abf68aSHA1: 44999a5c4ad01c3cc48868a49c81ef79d183d429ANALYSIS DATE: 2023-02-18T09:34:52ZTTPS: T1005, T1081, T1012, T1222,...
Malware Analysis – – 1ce725c0dc288d7789a0ba52a54726ac
Score: 1 MALWARE FAMILY: TAGS:MD5: 1ce725c0dc288d7789a0ba52a54726acSHA1: 20dcfb326a66350af7aea504277d7cc97caa420cANALYSIS DATE: 2023-02-18T09:22:35ZTTPS: ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or more known damaging...
Malware Analysis – smokeloader – f16b0526c3c7082918f6abf8fd944664
Score: 10 MALWARE FAMILY: smokeloaderTAGS:family:smokeloader, backdoor, trojanMD5: f16b0526c3c7082918f6abf8fd944664SHA1: 8c6df4532d47296d62b5d935120a5d2e788978e8ANALYSIS DATE: 2023-02-18T09:18:08ZTTPS: T1012, T1120, T1082 ScoreMeaningExample10Known badA malware family was detected.8-9Likely...
Cobalt Stike Beacon Detected – 146[.]190[.]164[.]193:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 43[.]143[.]130[.]125:8809
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 180[.]76[.]247[.]230:8082
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 43[.]143[.]195[.]119:2121
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Malware Analysis – banker – ba1e76cfbd9461a75cea4976aec75450
Score: 8 MALWARE FAMILY: bankerTAGS:banker, evasion, ransomwareMD5: ba1e76cfbd9461a75cea4976aec75450SHA1: d031a3a2a9880ff09589d5b8d5fc0cadee3fa73aANALYSIS DATE: 2023-02-18T10:55:08ZTTPS: ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or more...
Malware Analysis – discovery – 87cee2eb9b9190baf07970bbf9b2975c
Score: 10 MALWARE FAMILY: discoveryTAGS:discovery, persistence, phishing, ransomwareMD5: 87cee2eb9b9190baf07970bbf9b2975cSHA1: 156dbed1d99359a498021e7684f518a926630814ANALYSIS DATE: 2023-02-18T09:57:53ZTTPS: T1012, T1082, T1112, T1060, T1042 ScoreMeaningExample10Known badA malware...
Malware Analysis – discovery – 91ff0a576c00974ac41c59675fc4e2af
Score: 10 MALWARE FAMILY: discoveryTAGS:discovery, persistence, ransomwareMD5: 91ff0a576c00974ac41c59675fc4e2afSHA1: f786896607489c7c967cbb4f04688e42042bb261ANALYSIS DATE: 2023-02-18T11:02:38ZTTPS: T1060, T1082, T1012 ScoreMeaningExample10Known badA malware family was detected.8-9Likely...
Malware Analysis – djvu – 6f676a2ba7c6aadee8edf99abcdd3600
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:laplas, family:smokeloader, family:vidar, botnet:19, backdoor, clipper, discovery, evasion, persistence, ransomware, spyware, stealer, trojan, vmprotectMD5: 6f676a2ba7c6aadee8edf99abcdd3600SHA1:...
Malware Analysis – djvu – 3eb8fc05a7968465034bafd019786578
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:laplas, family:smokeloader, family:vidar, botnet:19, backdoor, clipper, discovery, evasion, persistence, ransomware, spyware, stealer, trojan, vmprotectMD5: 3eb8fc05a7968465034bafd019786578SHA1:...
Malware Analysis – djvu – b57dcc7a7a09f7bade0edc670e8f71b7
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:19, discovery, persistence, ransomware, spyware, stealerMD5: b57dcc7a7a09f7bade0edc670e8f71b7SHA1: dac61b151a9fc6235ffcf1cbd66eb561fbf8e405ANALYSIS DATE: 2023-02-18T11:41:54ZTTPS: T1012, T1082, T1053, T1005,...
Malware Analysis – djvu – 14a6e77f2cf391b679fe64638d7d51cb
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:19, discovery, persistence, ransomware, spyware, stealerMD5: 14a6e77f2cf391b679fe64638d7d51cbSHA1: 0b8280d789e95fda1ff5fc93ac9d78d6c7c29679ANALYSIS DATE: 2023-02-18T11:38:28ZTTPS: T1222, T1053, T1005, T1081,...
Malware Analysis – persistence – 47c4a8f56f5770a8371c0464e133ece6
Score: 10 MALWARE FAMILY: persistenceTAGS:persistence, ransomwareMD5: 47c4a8f56f5770a8371c0464e133ece6SHA1: afc27e538f9cc3983020790880601fcc00b9c6e7ANALYSIS DATE: 2023-02-18T11:41:24ZTTPS: T1060, T1082 ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or...
NETGEAR WNDR3700v2 denial of service | CVE-2023-0848
NAME__________NETGEAR WNDR3700v2 denial of servicePlatforms Affected:NETGEAR WNDR3700v2 1.0.1.14Risk Level:5.3Exploitability:UnprovenConsequences:Denial of Service DESCRIPTION__________NETGEAR WNDR3700v2 is vulnerable to a denial of service,...
NETGEAR WNDR3700v2 denial of service | CVE-2023-0850
NAME__________NETGEAR WNDR3700v2 denial of servicePlatforms Affected:NETGEAR WNDR3700v2 1.0.1.14Risk Level:2.7Exploitability:UnprovenConsequences:Denial of Service DESCRIPTION__________NETGEAR WNDR3700v2 is vulnerable to a denial of service,...
NETGEAR WNDR3700v2 command execution | CVE-2023-0849
NAME__________NETGEAR WNDR3700v2 command executionPlatforms Affected:NETGEAR WNDR3700v2 1.0.1.14Risk Level:4.7Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________NETGEAR WNDR3700v2 could allow a remote authenticated attacker to execute arbitrary...
Sequelize information disclosure | CVE-2023-22580
NAME__________Sequelize information disclosurePlatforms Affected:Sequelize Sequelize 6.28.0Risk Level:5.3Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________Sequelize could allow a remote attacker to obtain sensitive information, caused by...
containerd denial of service | CVE-2023-25153
NAME__________containerd denial of servicePlatforms Affected:containerd containerd 1.6.0 containerd containerd 1.5.17 containerd containerd 1.6.17Risk Level:6.2Exploitability:UnprovenConsequences:Denial of Service DESCRIPTION__________containerd is vulnerable to...
