Month: March 2023

HackerOne Bug Bounty Disclosure: targeted-phishing-attacks-in-login-flow-v2byrtod

March 3, 2023

Programme HackerOne Nextcloud Nextcloud Submitted by rtod rtod Report Targeted phishing attacks in Login flow v2 Full Report A considerable...

Malware Analysis – banker – 3884ec6219f6b9898ef5451ea11ceeed

March 3, 2023

Score: 8 MALWARE FAMILY: bankerTAGS:banker, ransomwareMD5: 3884ec6219f6b9898ef5451ea11ceeedSHA1: 1c35778f44b7ed53cc55a8d70aefc8ae6741807cANALYSIS DATE: 2023-03-03T15:31:32ZTTPS: ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or more known...

Malware Analysis – smokeloader – b8c11d1e438c7abf33904db470deab58

March 3, 2023

Score: 10 MALWARE FAMILY: smokeloaderTAGS:family:smokeloader, backdoor, trojanMD5: b8c11d1e438c7abf33904db470deab58SHA1: af8ab902c26d27a6602c491848135fd852517b9eANALYSIS DATE: 2023-03-03T15:31:07ZTTPS: T1012, T1120, T1082 ScoreMeaningExample10Known badA malware family was detected.8-9Likely...

Malware Analysis – djvu – 23ab7d03d01006cc9eebea2de38925dd

March 3, 2023

Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:smokeloader, family:vidar, backdoor, discovery, persistence, ransomware, spyware, stealer, trojanMD5: 23ab7d03d01006cc9eebea2de38925ddSHA1: 52c36dfe969bbec89362fd9488992584e8098576ANALYSIS DATE: 2023-03-03T15:31:43ZTTPS: T1012, T1082,...

Malware Analysis – ransomware – ec7f50965cb1452b6401a51f7d763655

March 3, 2023

Score: 9 MALWARE FAMILY: ransomwareTAGS:ransomwareMD5: ec7f50965cb1452b6401a51f7d763655SHA1: c936b6a86b76160520b2ca0bf33edd0f766b2476ANALYSIS DATE: 2023-03-03T15:08:04ZTTPS: T1012, T1120, T1082, T1107, T1490 ScoreMeaningExample10Known badA malware family was detected.8-9Likely...

Malware Analysis – djvu – 531a9b4bfeac99f1a720d28d3af67a07

March 3, 2023

Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, discovery, persistence, ransomware, spyware, stealerMD5: 531a9b4bfeac99f1a720d28d3af67a07SHA1: 3fe02b5bf80e47ca2c180388b0ad5b7efe4952b9ANALYSIS DATE: 2023-03-03T16:30:10ZTTPS: T1012, T1082, T1222, T1005, T1081,...

Malware Analysis – djvu – a865e14a0f7113a556b576eb4dd8323d

March 3, 2023

Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, discovery, persistence, ransomware, spyware, stealerMD5: a865e14a0f7113a556b576eb4dd8323dSHA1: 0668b9b280c555a95707155a974b419f80849d95ANALYSIS DATE: 2023-03-03T16:44:26ZTTPS: T1012, T1082, T1005, T1081, T1222,...

Malware Analysis – bitrat – b42af31cea64330d0465bed0510089c0

March 3, 2023

Score: 10 MALWARE FAMILY: bitratTAGS:family:bitrat, persistence, trojan, upxMD5: b42af31cea64330d0465bed0510089c0SHA1: 3cd6c9277fe07111548e1030834c98e2412a380aANALYSIS DATE: 2023-03-03T16:50:20ZTTPS: T1082, T1060, T1112, T1130 ScoreMeaningExample10Known badA malware family...

Malware Analysis – djvu – 87cbf451bcac74b3a78f5f0bf7fc9a4f

March 3, 2023

Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, discovery, persistence, ransomware, spyware, stealerMD5: 87cbf451bcac74b3a78f5f0bf7fc9a4fSHA1: dbde9ffca7c2c3601bbc8d197f86f532d8326777ANALYSIS DATE: 2023-03-03T16:17:37ZTTPS: T1012, T1082, T1005, T1081, T1222,...

Malware Analysis – smokeloader – 60ace299323eed3a7ac088224e8f0b25

March 3, 2023

Score: 10 MALWARE FAMILY: smokeloaderTAGS:family:smokeloader, backdoor, trojanMD5: 60ace299323eed3a7ac088224e8f0b25SHA1: d38f59c4f01188276303d70f1fc63cef85cbf8d2ANALYSIS DATE: 2023-03-03T17:06:07ZTTPS: T1012, T1120, T1082 ScoreMeaningExample10Known badA malware family was detected.8-9Likely...

Malware Analysis – smokeloader – 564957e1c71842e8b0086a521253a9ff

March 3, 2023

Score: 10 MALWARE FAMILY: smokeloaderTAGS:family:smokeloader, backdoor, trojanMD5: 564957e1c71842e8b0086a521253a9ffSHA1: 567c5410c0bc6298eb8e81f39a2d08ef6e18fbcfANALYSIS DATE: 2023-03-03T17:31:06ZTTPS: T1012, T1120, T1082 ScoreMeaningExample10Known badA malware family was detected.8-9Likely...

Malware Analysis – djvu – 0faa9e85ea04f86c43e65bb95c4e7879

March 3, 2023

Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, discovery, persistence, ransomware, spyware, stealerMD5: 0faa9e85ea04f86c43e65bb95c4e7879SHA1: a844870ea724f699e8401e2d31641bae3e1c6214ANALYSIS DATE: 2023-03-03T17:10:33ZTTPS: T1082, T1005, T1081, T1012, T1222,...

Malware Analysis – djvu – 1f1616df76db10c5a1013abf9641cc58

March 3, 2023

Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, discovery, persistence, ransomware, spyware, stealerMD5: 1f1616df76db10c5a1013abf9641cc58SHA1: 45cb0a4c643dd5f1361577140a0a47daed3c3bd1ANALYSIS DATE: 2023-03-03T16:54:57ZTTPS: T1053, T1012, T1082, T1005, T1081,...

New Flaws in TPM 2.0 Library Pose Threat to Billions of IoT and Enterprise Devices

March 3, 2023

A pair of serious security defects has been disclosed in the Trusted Platform Module (TPM) 2.0 reference library specification that...

Chinese Hackers Targeting European Entities with New MQsTTang Backdoor

March 3, 2023

The China-aligned Mustang Panda actor has been observed using a hitherto unseen custom backdoor called MQsTTang as part of an...