Cobalt Stike Beacon Detected – 118[.]195[.]172[.]110:8012
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Month: March 2023
Malware Analysis – djvu – 70a8331725cb661616a8082d5b943a35
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, discovery, persistence, ransomware, spyware, stealerMD5: 70a8331725cb661616a8082d5b943a35SHA1: c88a37a811ab884a26ecdf4b29ffce8387a08fd2ANALYSIS DATE: 2023-03-06T10:37:39ZTTPS: T1005, T1081, T1060, T1112, T1222,...
Malware Analysis – djvu – aced83bf00dcddbe5b90f7f43ccd272f
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, discovery, persistence, ransomware, spyware, stealerMD5: aced83bf00dcddbe5b90f7f43ccd272fSHA1: 39e6dffb435a2c506f14252fc8acdfb0135e2111ANALYSIS DATE: 2023-03-06T10:20:36ZTTPS: T1012, T1082, T1005, T1081, T1060,...
Malware Analysis – djvu – 0b8588379ad0cc771f8d05e0fbf72487
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, discovery, persistence, ransomware, spyware, stealerMD5: 0b8588379ad0cc771f8d05e0fbf72487SHA1: 39975389c5a3020cd51a65af82279466cf679d37ANALYSIS DATE: 2023-03-06T10:43:40ZTTPS: T1012, T1082, T1005, T1081, T1222,...
Malware Analysis – djvu – a3cb7cdc9bfe987e3a9d962a3a704c75
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, discovery, persistence, ransomware, spyware, stealerMD5: a3cb7cdc9bfe987e3a9d962a3a704c75SHA1: 3aafc32da690dd5b16f920b23fe3d28aa3bb3ea3ANALYSIS DATE: 2023-03-06T10:13:49ZTTPS: T1082, T1012, T1005, T1081, T1060,...
Cobalt Stike Beacon Detected – 20[.]246[.]185[.]142:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 84[.]32[.]34[.]97:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 43[.]142[.]87[.]35:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 179[.]43[.]187[.]185:8080
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Malware Analysis – ransomware – 72d3f7ad0028d359a27ff01d920b3497
Score: 5 MALWARE FAMILY: ransomwareTAGS:ransomwareMD5: 72d3f7ad0028d359a27ff01d920b3497SHA1: 6b07f1fab9d1598d68bc0b726155ba70a6840477ANALYSIS DATE: 2023-03-06T11:49:23ZTTPS: T1491, T1112 ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or more...
Malware Analysis – chaos – 84dbf5b66139cf86f87ac1d420c736c9
Score: 10 MALWARE FAMILY: chaosTAGS:family:chaos, ransomware, spyware, stealerMD5: 84dbf5b66139cf86f87ac1d420c736c9SHA1: 4ca604aec1c66194182b25c4cc0fdf17ef9eeb7fANALYSIS DATE: 2023-03-06T11:20:06ZTTPS: T1005, T1081, T1082 ScoreMeaningExample10Known badA malware family was...
Malware Analysis – djvu – 76a1e1bfd28d7125af316d6e6b72ad4a
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, discovery, persistence, ransomware, spyware, stealerMD5: 76a1e1bfd28d7125af316d6e6b72ad4aSHA1: b07d28b37e1ba0c3ff482171550599d4ea6c159dANALYSIS DATE: 2023-03-06T10:45:13ZTTPS: T1012, T1053, T1060, T1112, T1005,...
Malware Analysis – lockbit – 290ee6b6f6b2a5f0899a6f35073f8eb4
Score: 10 MALWARE FAMILY: lockbitTAGS:family:lockbit, ransomwareMD5: 290ee6b6f6b2a5f0899a6f35073f8eb4SHA1: 4fe51b2fd9b481f74f5b56ecb2ab97b3268ba6d0ANALYSIS DATE: 2023-03-06T11:49:07ZTTPS: ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or more known...
Cobalt Stike Beacon Detected – 79[.]137[.]198[.]115:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 77[.]91[.]78[.]185:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 1[.]15[.]141[.]252:8080
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 57[.]128[.]195[.]112:8443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
JTEKT ELECTRONICS Kostac PLC Programming Software code execution | CVE-2023-22424
NAME__________JTEKT ELECTRONICS Kostac PLC Programming Software code executionPlatforms Affected:JTEKT ELECTRONICS Kostac PLC Programming Software 1.6.9.0Risk Level:7.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________JTEKT ELECTRONICS Kostac...
finixbit elf-parser denial of service | CVE-2023-1157
NAME__________finixbit elf-parser denial of servicePlatforms Affected:finixbit elf-parserRisk Level:2.8Exploitability:UnprovenConsequences:Denial of Service DESCRIPTION__________finixbit elf-parser is vulnerable to a denial of service, caused...
ASOS cross-site scripting | CVE-2023-0578
NAME__________ASOS cross-site scriptingPlatforms Affected:ASOS Information Technologies Book Cites 23.01Risk Level:4.5Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________ASOS Information Technologies Book Cites is vulnerable to cross-site...
JTEKT ELECTRONICS Kostac PLC Programming Software code execution | CVE-2023-22421
NAME__________JTEKT ELECTRONICS Kostac PLC Programming Software code executionPlatforms Affected:JTEKT ELECTRONICS Kostac PLC Programming Software 1.6.9.0Risk Level:7.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________JTEKT ELECTRONICS Kostac...
NetApp StorageGRID denial of service | CVE-2022-38734
NAME__________NetApp StorageGRID denial of servicePlatforms Affected:NetApp StorageGRID 11.6.0Risk Level:7.5Exploitability:UnprovenConsequences:Denial of Service DESCRIPTION__________NetApp StorageGRID is vulnerable to a denial of service,...
Dell PowerScale OneFS information disclosure | CVE-2023-25536
NAME__________Dell PowerScale OneFS information disclosurePlatforms Affected:Dell PowerScale OneFS 9.4.0Risk Level:6.7Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________Dell PowerScale OneFS could allow a local authenticated attacker...
Cisco IP Phone 6800, 7800, and 8800 Series denial of service | CVE-2023-20079
NAME__________Cisco IP Phone 6800, 7800, and 8800 Series denial of servicePlatforms Affected:Cisco IP Phone 6800 Series Cisco IP Phone 7800...
