Cobalt Stike Beacon Detected – 43[.]138[.]121[.]8:8080
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Month: February 2023
Cobalt Stike Beacon Detected – 150[.]158[.]41[.]176:800
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Malware Analysis – persistence – 5f77cb5129da0751684b33dd4348b842
Score: 10 MALWARE FAMILY: persistenceTAGS:persistence, ransomware, spyware, stealerMD5: 5f77cb5129da0751684b33dd4348b842SHA1: 4585da0ff7a763be1a46d78134624f7cd13e6940ANALYSIS DATE: 2023-02-17T09:39:19ZTTPS: T1060, T1112, T1005, T1081, T1082, T1012, T1120 ScoreMeaningExample10Known...
Malware Analysis – djvu – 526a47fe8d9412f34715d5e7d076867e
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:19, discovery, persistence, ransomware, spyware, stealerMD5: 526a47fe8d9412f34715d5e7d076867eSHA1: ec884f0092138965ba915dc68dea00e9aed5d6bfANALYSIS DATE: 2023-02-17T10:00:16ZTTPS: T1012, T1082, T1005, T1081,...
Malware Analysis – smokeloader – 872424630248155787ee40b92d729795
Score: 10 MALWARE FAMILY: smokeloaderTAGS:family:smokeloader, backdoor, trojanMD5: 872424630248155787ee40b92d729795SHA1: 35c615cffa793680d5c50acfdd3707cfc817c339ANALYSIS DATE: 2023-02-17T10:03:11ZTTPS: T1012, T1120, T1082 ScoreMeaningExample10Known badA malware family was detected.8-9Likely...
Malware Analysis – djvu – 1ec53a299c766db9fb3b32427526bd0b
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:19, discovery, persistence, ransomware, spyware, stealerMD5: 1ec53a299c766db9fb3b32427526bd0bSHA1: 3c57b013ae239b7fa9d329e9e57ac5e99d295996ANALYSIS DATE: 2023-02-17T10:21:25ZTTPS: T1060, T1112, T1222, T1012,...
Malware Analysis – djvu – e54ae4c8a68d9bb0b8e04bae12af7aa2
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:19, discovery, persistence, ransomware, spyware, stealerMD5: e54ae4c8a68d9bb0b8e04bae12af7aa2SHA1: e4add6a96dec78af50508a511154a7675d82cc34ANALYSIS DATE: 2023-02-17T10:44:41ZTTPS: T1060, T1112, T1005, T1081,...
Malware Analysis – smokeloader – 30824c41f87523365ea97bb45124e05b
Score: 10 MALWARE FAMILY: smokeloaderTAGS:family:smokeloader, backdoor, trojanMD5: 30824c41f87523365ea97bb45124e05bSHA1: 84f3006abb751f0e3f2379f82fb21192dff007a1ANALYSIS DATE: 2023-02-17T11:04:58ZTTPS: T1012, T1120, T1082 ScoreMeaningExample10Known badA malware family was detected.8-9Likely...
Malware Analysis – djvu – 6b093576c42c0eb186769a4e6ee81400
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, discovery, persistence, ransomwareMD5: 6b093576c42c0eb186769a4e6ee81400SHA1: 14f30cac446218af606f9a03a3690f0ee17c79c0ANALYSIS DATE: 2023-02-17T10:51:22ZTTPS: T1060, T1112, T1222, T1082, T1012, T1053 ScoreMeaningExample10Known badA...
Malware Analysis – djvu – 14667effb60e1be24d814d91d12ee5c1
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:19, discovery, persistence, ransomware, spyware, stealerMD5: 14667effb60e1be24d814d91d12ee5c1SHA1: 1c7105a70a057b8e0cdcd78dec66bcf11e5b7d79ANALYSIS DATE: 2023-02-17T11:10:58ZTTPS: T1053, T1005, T1081, T1012,...
Malware Analysis – djvu – e0963f1a683eec5923eb93f096246d92
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:19, discovery, persistence, ransomware, spyware, stealerMD5: e0963f1a683eec5923eb93f096246d92SHA1: d3c47b231db6e7e5e34b5fabb382a655bcff22e0ANALYSIS DATE: 2023-02-17T11:08:45ZTTPS: T1060, T1112, T1222, T1082,...
Microsoft Dynamics 365 (on-premises) | CVE-2023-21807
NAME__________Microsoft Dynamics 365 (on-premises)Platforms Affected:Microsoft Dynamics 365 8.2 on-premise Microsoft Dynamics 365 9.0 on-premise Microsoft Dynamics 365 9.1 on-premisesRisk Level:5.8Exploitability:HighConsequences:Gain...
Adobe Premiere Rush code execution | CVE-2023-22244
NAME__________Adobe Premiere Rush code executionPlatforms Affected:Adobe Premiere Rush 2.6Risk Level:7.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________Adobe Premiere Rush could allow a remote attacker to...
Adobe Photoshop code execution | CVE-2023-21576
NAME__________Adobe Photoshop code executionPlatforms Affected:Adobe Photoshop 2022 23.5.3 Adobe Photoshop 2023 24.1Risk Level:7.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________Adobe Photoshop could allow a remote...
Mozilla Firefox security bypass | CVE-2023-25734
NAME__________Mozilla Firefox security bypassPlatforms Affected:Mozilla Firefox 109 Mozilla Firefox ESR 102.7Risk Level:6.5Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________Mozilla Firefox could allow a remote attacker...
Microsoft Windows Internet Storage Name Service (iSNS) information disclosure | CVE-2023-21699
NAME__________Microsoft Windows Internet Storage Name Service (iSNS) information disclosurePlatforms Affected:Microsoft Windows Server 2008 R2 SP1 x64 Microsoft Windows Server 2012...
Dell EMC Unity man-in-the-middle | CVE-2022-22564
NAME__________Dell EMC Unity man-in-the-middlePlatforms Affected:Dell EMC Unity 5Risk Level:5.9Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________Dell EMC Unity is vulnerable to a man-in-the-middle attack, caused...
Microsoft Azure Machine Learning Compute Instance information disclosure | CVE-2023-23382
NAME__________Microsoft Azure Machine Learning Compute Instance information disclosurePlatforms Affected:Microsoft Azure Machine LearningRisk Level:6.5Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________Microsoft Azure Machine Learning could allow...
Siemens Solid Edge code execution | CVE-2023-25140
NAME__________Siemens Solid Edge code executionPlatforms Affected:Siemens Solid EdgeRisk Level:7.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________Siemens Solid Edge could allow a remote attacker to execute...
Microsoft Windows Protected Extensible Authentication Protocol (PEAP) denial of service | CVE-2023-21701
NAME__________Microsoft Windows Protected Extensible Authentication Protocol (PEAP) denial of servicePlatforms Affected:Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 Microsoft...
Microsoft Office information disclosure | CVE-2023-21714
NAME__________Microsoft Office information disclosurePlatforms Affected:Microsoft 365 Apps for Enterprise x32 Microsoft 365 Apps for Enterprise x64 Microsoft Office LTSC 2021...
Intel oneAPI Toolkits privilege escalation | CVE-2022-26062
NAME__________Intel oneAPI Toolkits privilege escalationPlatforms Affected:Intel C++ Compiler Classic 2021.6 Intel oneAPI HPC ToolkitRisk Level:6.7Exploitability:UnprovenConsequences:Gain Privileges DESCRIPTION__________Intel oneAPI Toolkits could...
SAP Solution Manager cross-site scripting | CVE-2023-0025
NAME__________SAP Solution Manager cross-site scriptingPlatforms Affected:SAP Solution Manager 720Risk Level:6.5Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________SAP Solution Manager is vulnerable to cross-site scripting, caused...
Adobe Animate buffer overflow | CVE-2023-22243
NAME__________Adobe Animate buffer overflowPlatforms Affected:Adobe Animate 2022 22.0.8 Adobe Animate 2023 23.0.0Risk Level:7.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________Adobe Animate is vulnerable to a...
