Cobalt Stike Beacon Detected – 107[.]189[.]13[.]130:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Year: 2023
Malware Analysis – djvu – 33d2fef7a2a0bbec3c6cac10d112df34
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:19, discovery, persistence, ransomware, spyware, stealerMD5: 33d2fef7a2a0bbec3c6cac10d112df34SHA1: 320bb536a40dc2cc795c378fcad84ec20d06cad6ANALYSIS DATE: 2023-02-06T10:30:12ZTTPS: T1060, T1112, T1222, T1082,...
Malware Analysis – djvu – 83f8cfa0ca3163d58d3394f430b6a3d7
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:19, discovery, persistence, ransomware, spyware, stealerMD5: 83f8cfa0ca3163d58d3394f430b6a3d7SHA1: 2be35fa3e4606916f54c43c7072ec2e948a68270ANALYSIS DATE: 2023-02-06T10:47:28ZTTPS: T1012, T1082, T1005, T1081,...
Malware Analysis – amadey – cffb8a63b2c022bb8396a36c3c1d1cc1
Score: 10 MALWARE FAMILY: amadeyTAGS:family:amadey, family:djvu, family:laplas, family:smokeloader, family:vidar, botnet:19, backdoor, clipper, discovery, persistence, ransomware, spyware, stealer, trojan, vmprotectMD5: cffb8a63b2c022bb8396a36c3c1d1cc1SHA1:...
Malware Analysis – smokeloader – edfe3e765085055a28f27904219853de
Score: 10 MALWARE FAMILY: smokeloaderTAGS:family:smokeloader, backdoor, trojanMD5: edfe3e765085055a28f27904219853deSHA1: f76a53589eea6ceee8112072904ed79264674f9dANALYSIS DATE: 2023-02-06T10:55:18ZTTPS: T1012, T1120, T1082 ScoreMeaningExample10Known badA malware family was detected.8-9Likely...
Malware Analysis – banker – ec9f857999b4fc3dd007fdb786b7a8d1
Score: 8 MALWARE FAMILY: bankerTAGS:banker, evasion, ransomwareMD5: ec9f857999b4fc3dd007fdb786b7a8d1SHA1: 3fa48a36d22d848ad111b246ca94fa58088dbb7aANALYSIS DATE: 2023-02-06T11:15:50ZTTPS: ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or more...
Malware Analysis – amadey – 28c22b525e425af8500a7d403ba20cea
Score: 10 MALWARE FAMILY: amadeyTAGS:family:amadey, family:djvu, family:laplas, family:smokeloader, family:vidar, botnet:19, backdoor, clipper, discovery, persistence, ransomware, spyware, stealer, trojan, vmprotectMD5: 28c22b525e425af8500a7d403ba20ceaSHA1:...
Malware Analysis – smokeloader – 923e961badeb135ef2f942a26b2c205a
Score: 10 MALWARE FAMILY: smokeloaderTAGS:family:smokeloader, backdoor, trojanMD5: 923e961badeb135ef2f942a26b2c205aSHA1: fd98590b040d496d37fc02b739a1582839ca12fdANALYSIS DATE: 2023-02-06T11:01:43ZTTPS: T1012, T1120, T1082 ScoreMeaningExample10Known badA malware family was detected.8-9Likely...
Malware Analysis – bootkit – 42e52b8daf63e6e26c3aa91e7e971492
Score: 7 MALWARE FAMILY: bootkitTAGS:bootkit, persistence, spyware, stealerMD5: 42e52b8daf63e6e26c3aa91e7e971492SHA1: 98b3fb74b3e8b3f9b05a82473551c5a77b576d54ANALYSIS DATE: 2023-02-06T11:31:35ZTTPS: T1005, T1081, T1067 ScoreMeaningExample10Known badA malware family was...
Daily Vulnerability Trends: Mon Feb 06 2023
Daily Vulnerability Trends (sourced from VulnMon) CVE NAMECVE DescriptionCVE-2022-27596A vulnerability has been reported to affect QNAP device running QuTS hero,...
EAST – Extensible Azure Security Tool – Documentation
Extensible Azure Security Tool (Later referred as E.A.S.T) is tool for assessing Azure and to some extent Azure AD security...
Winevt_Logs_Analysis – Searching .Evtx Logs For Remote Connections
Simple script for the purpose of finding remote connections to Windows machine and ideally some public IPs. It checks for...
Monomorph – MD5-Monomorphic Shellcode Packer – All Payloads Have The Same MD5 Hash
════════════════════════════════════╦═══ ╔═╦═╗ ╔═╗ ╔═╗ ╔═╗ ╔═╦═╗ ╔═╗ ╔══╔═╗ ╠═╗ ═╩ ╩ ╩═╚═╝═╩ ╩═╚═╝═╩ ╩ ╩═╚═╝═╩ ╠═╝═╩ ╩═ ════════════════════════════════╩═══════ By Retr0id...
Suborner – The Invisible Account Forger
What's this? A simple program to create a Windows account you will only know about :) Create invisible local accounts...
Aws-Security-Assessment-Solution – An AWS Tool To Help You Create A Point In Time Assessment Of Your AWS Account Using Prowler And Scout As Well As Optional AWS Developed Ransomware Checks
Self-Service Security Assessment too l Cybersecurity remains a very important topic and point of concern for many CIOs, CISOs, and...
Malware Analysis – amadey – 8750e1544d10060bc87b5c5e3109a738
Score: 10 MALWARE FAMILY: amadeyTAGS:family:amadey, family:djvu, family:fabookie, family:laplas, family:smokeloader, family:vidar, botnet:19, backdoor, clipper, discovery, persistence, ransomware, spyware, stealer, trojan, vmprotectMD5:...
Malware Analysis – ransomware – 32c597431850f492c8d2b66d17bebd79
Score: 5 MALWARE FAMILY: ransomwareTAGS:ransomwareMD5: 32c597431850f492c8d2b66d17bebd79SHA1: bb6d7632e307c15145fcf2805d114dd0a6d5af81ANALYSIS DATE: 2023-02-06T04:19:51ZTTPS: ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or more known damaging...
Malware Analysis – djvu – 9e700530bdc14bc3bdd866492cda6f70
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:19, discovery, persistence, ransomware, spyware, stealerMD5: 9e700530bdc14bc3bdd866492cda6f70SHA1: 11874dd448c0e658a36f12331845bc669de1d179ANALYSIS DATE: 2023-02-06T05:31:51ZTTPS: T1082, T1005, T1081, T1222,...
Malware Analysis – ransomware – ac9cc84a29f6f32f3f2e0a56b5ef3f13
Score: 7 MALWARE FAMILY: ransomwareTAGS:ransomwareMD5: ac9cc84a29f6f32f3f2e0a56b5ef3f13SHA1: 70537527f7c0930459e1ad71848393dcc8f40309ANALYSIS DATE: 2023-02-06T03:38:27ZTTPS: ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or more known damaging...
Truth Finder – 8,159,573 breached accounts
HIBP In 2019, the public records search service TruthFinder suffered a data breach that later came to light in early...
Malware Analysis – evasion – 9a9b6378002daad4ccfce9cba9a34933
Score: 7 MALWARE FAMILY: evasionTAGS:evasion, ransomwareMD5: 9a9b6378002daad4ccfce9cba9a34933SHA1: 77575fb1e8445eb8e7dff01e99906cf256bd7e0bANALYSIS DATE: 2023-02-05T20:53:15ZTTPS: ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or more known...
Malware Analysis – ransomware – 1d7d853773131ef4a31c875ae9914cda
Score: 10 MALWARE FAMILY: ransomwareTAGS:ransomwareMD5: 1d7d853773131ef4a31c875ae9914cdaSHA1: 8f6e355d8cc8d048c823c6d0a4f219d08d4c5124ANALYSIS DATE: 2023-02-05T20:23:55ZTTPS: T1012, T1082, T1120 ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or...
Malware Analysis – evasion – a0181ff906bc0cb553899eb446ca1b08
Score: 8 MALWARE FAMILY: evasionTAGS:evasion, ransomwareMD5: a0181ff906bc0cb553899eb446ca1b08SHA1: c8990ef58f21d12a46f4af2f4084ea3ab530d742ANALYSIS DATE: 2023-02-05T20:56:06ZTTPS: T1012, T1082, T1491, T1112, T1120 ScoreMeaningExample10Known badA malware family was...
Malware Analysis – djvu – 7b4b45f6f9ee88b3bac8b538932520e1
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:19, discovery, persistence, ransomware, spyware, stealerMD5: 7b4b45f6f9ee88b3bac8b538932520e1SHA1: 761bcda57915a9c32e73209a7c52704b5de3f6faANALYSIS DATE: 2023-02-05T21:27:38ZTTPS: T1012, T1053, T1005, T1081,...
