Cobalt Stike Beacon Detected – 69[.]49[.]235[.]167:8088
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Year: 2023
Malware Analysis – djvu – 7e81c990211ee023d354c438b620532d
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:smokeloader, family:vidar, backdoor, discovery, evasion, persistence, ransomware, stealer, trojan, vmprotectMD5: 7e81c990211ee023d354c438b620532dSHA1: b33e485bea1f17d4d2db7377cc5611173a189c80ANALYSIS DATE: 2023-02-24T10:34:05ZTTPS: T1031,...
Malware Analysis – djvu – 2fa1010fe73edff2ca5ef80a320e06ed
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, discovery, persistence, ransomware, spyware, stealerMD5: 2fa1010fe73edff2ca5ef80a320e06edSHA1: 4438cd0a0298dee7a0313788c0a1d95cb25d409aANALYSIS DATE: 2023-02-24T10:20:58ZTTPS: T1012, T1060, T1112, T1005, T1081,...
Malware Analysis – djvu – aa8446e1d3f05f7a26f23f9d6c4cb3ff
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, discovery, persistence, ransomware, spyware, stealerMD5: aa8446e1d3f05f7a26f23f9d6c4cb3ffSHA1: f5b392c1f2c9e15e969c0fbfbba822ebde527ef6ANALYSIS DATE: 2023-02-24T10:16:56ZTTPS: T1060, T1112, T1082, T1005, T1081,...
Malware Analysis – play – 1f50fa0d0f6c295a5db3568e9f0684c2
Score: 10 MALWARE FAMILY: playTAGS:family:play, ransomware, spyware, stealerMD5: 1f50fa0d0f6c295a5db3568e9f0684c2SHA1: 6219bd0d064c0fffa91166c498d937cf066ec05eANALYSIS DATE: 2023-02-24T10:30:20ZTTPS: T1005, T1081, T1012, T1120, T1082 ScoreMeaningExample10Known badA malware...
Cobalt Stike Beacon Detected – 43[.]139[.]69[.]115:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 54[.]236[.]49[.]195:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 121[.]41[.]77[.]84:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 91[.]223[.]236[.]214:8080
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Malware Analysis – djvu – 01ea2147d5a7db863126f0efc9634ec2
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, discovery, persistence, ransomware, spyware, stealerMD5: 01ea2147d5a7db863126f0efc9634ec2SHA1: 83c6293c139511cb3ae31d0de56f31e304b12e05ANALYSIS DATE: 2023-02-24T10:59:55ZTTPS: T1082, T1005, T1081, T1012, T1060,...
Malware Analysis – djvu – d6f05fb0158ec1635196c5fb5c8bfe22
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:smokeloader, family:vidar, backdoor, discovery, evasion, persistence, ransomware, stealer, themida, trojan, vmprotectMD5: d6f05fb0158ec1635196c5fb5c8bfe22SHA1: 622826d26b9f1d84d9c140e3465656da03f92502ANALYSIS DATE: 2023-02-24T11:01:21ZTTPS:...
Malware Analysis – evasion – e5a50be83e694ec58a71d669870598a5
Score: 10 MALWARE FAMILY: evasionTAGS:evasion, persistenceMD5: e5a50be83e694ec58a71d669870598a5SHA1: 2d7a8a10f6a959491ea61fb9d7c64f6d785276b8ANALYSIS DATE: 2023-02-24T11:34:15ZTTPS: T1082, T1059, T1004, T1112, T1031, T1562, T1489, T1060, T1158, T1018...
Malware Analysis – djvu – 9c5fe8ebcc6e8e5bc83495204cee5a24
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, discovery, persistence, ransomware, spyware, stealerMD5: 9c5fe8ebcc6e8e5bc83495204cee5a24SHA1: d7638d5a09338afe1e4f06e0b192f5ce3ea81b23ANALYSIS DATE: 2023-02-24T11:00:38ZTTPS: T1222, T1005, T1081, T1060, T1112,...
Cobalt Stike Beacon Detected – 91[.]238[.]203[.]2:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 47[.]92[.]114[.]227:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 121[.]41[.]77[.]84:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 77[.]91[.]84[.]1:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Misskey cross-site scripting | CVE-2023-25154
NAME__________Misskey cross-site scriptingPlatforms Affected:Risk Level:6.1Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________Misskey is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by...
Apple iOS, iPadOS and macOS Ventura information disclosure | CVE-2023-23520
NAME__________Apple iOS, iPadOS and macOS Ventura information disclosurePlatforms Affected:Apple macOS Ventura 13.1 Apple iOS 16.2 Apple iPadOS 16.2Risk Level:5.5Exploitability:UnprovenConsequences:Obtain Information...
Apache Airflow AWS Provider information disclosure | CVE-2023-25956
NAME__________Apache Airflow AWS Provider information disclosurePlatforms Affected:Apache Airflow AWS Provider 7.2.0Risk Level:7.5Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________Apache Airflow AWS Provider could allow a...
EIP Stack Group OpENer denial of service | CVE-2022-43606
NAME__________EIP Stack Group OpENer denial of servicePlatforms Affected:EIP Stack Group OpENerRisk Level:7.5Exploitability:UnprovenConsequences:Denial of Service DESCRIPTION__________EIP Stack Group OpENer is vulnerable...
Apple iOS, iPadOS and macOS Ventura privilege escalation | CVE-2023-23530
NAME__________Apple iOS, iPadOS and macOS Ventura privilege escalationPlatforms Affected:Apple macOS Ventura 13.1 Apple iOS 16.2 Apple iPadOS 16.2Risk Level:7.8Exploitability:UnprovenConsequences:Gain Privileges...
Apache Airflow Google Provider denial of service | CVE-2023-25692
NAME__________Apache Airflow Google Provider denial of servicePlatforms Affected:Apache Airflow Google Provider 8.9.0Risk Level:7.5Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________Apache Airflow Google Provider is vulnerable...
SHIRASAGI cross-site scripting | CVE-2023-22425
NAME__________SHIRASAGI cross-site scriptingPlatforms Affected:SHIRASAGI SHIRASAGI 1.16.2Risk Level:4.6Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________SHIRASAGI is vulnerable to cross-site scripting, caused by improper validation of user-supplied...
