Cobalt Strike Beacon Detected – 110[.]81[.]153[.]37:10443
The information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Score: 10 | Malware family: discovery | Tags: discovery, evasion, persistence, ransomware, spyware, stealer, trojan
MD5: 34d6da080af6ae29247f06bcae9292c5 | SHA1: 6b1397afa50fd65b5dc38aac8e6c33ff11f9a1dd | Analysis date: 2023-01-31T10:46:05Z | TTPs: T1012, T1082, T1112, T1120, T1102, ...

Score: 10 | Malware family: smokeloader | Tags: family:smokeloader, backdoor, trojan
MD5: ef4734eb6342c1166b64c1597f8c1fed | SHA1: 598ad1a4ff2c5e4ed49e14ec89cfd871f9bb83ee | Analysis date: 2023-01-31T09:10:03Z | TTPs: T1012, T1120, T1082
Score legend: 10 = Known bad (a malware family was detected); 8-9 = Likely...

Score: 10 | Malware family: djvu | Tags: family:djvu, family:vidar, botnet:19, discovery, persistence, ransomware, spyware, stealer
MD5: eb49b2fd2f173fa20b1ca9f7fd28f6cd | SHA1: 57afd277746bb9b96970c379eb1e32719a8180f4 | Analysis date: 2023-01-31T09:57:37Z | TTPs: T1012, T1222, T1082, T1053, ...

Score: 9 | Malware family: discovery | Tags: discovery, evasion, persistence, upx
MD5: f494e416737bbd1ea8af65d9bdfd6934 | SHA1: 3de0d51ea664794278734c7b30d938ceb1495c47 | Analysis date: 2023-01-31T10:32:51Z | TTPs: T1082, T1012, T1060, T1112, T1130, T1102, T1018, T1497...

Score: 10 | Malware family: djvu | Tags: family:djvu, family:smokeloader, family:vidar, botnet:19, backdoor, discovery, ransomware, stealer, trojan, vmprotect
MD5: 58860a1c3b2041fef660374813f99273 | SHA1: e8d503260b7ca66dfd0ca0e3fffb327c0a6cc7c1 | Analysis date: 2023-01-31T11:17:20Z | TTPs: T1222, T1053, ...

Score: 10 | Malware family: djvu | Tags: family:djvu, family:vidar, botnet:19, discovery, persistence, ransomware, spyware, stealer
MD5: 8a60eb120c54fec26aa191b030c26d28 | SHA1: 6fc0adb8bd283e04d43db47408c3a9f2c26f93c0 | Analysis date: 2023-01-31T11:14:25Z | TTPs: T1005, T1081, T1222, T1053, ...

Score: 10 | Malware family: djvu | Tags: family:djvu, family:vidar, botnet:19, discovery, persistence, ransomware, spyware, stealer
MD5: 6263cf4ed224f1a7756f3d7c4c83cfda | SHA1: 8952d8e4aa5ffd114c09afb07d082e05492b087f | Analysis date: 2023-01-31T10:51:11Z | TTPs: T1053, T1060, T1112, T1012, ...

Score: 10 | Malware family: smokeloader | Tags: family:smokeloader, backdoor, trojan
MD5: c8558073caf7732e00775c381de062df | SHA1: c5c51097f6957cdc2feef36d40929bf5ba54cbd3 | Analysis date: 2023-01-31T10:58:04Z | TTPs: T1012, T1120, T1082
Name: Siretta QUARTZ-GOLD command execution
Platforms affected: (none listed) | Risk level: 9.8 | Exploitability: Proof of Concept | Consequences: Gain Access
Description: Siretta QUARTZ-GOLD could allow a remote attacker to execute arbitrary commands...

Name: Eta code execution
Platforms affected: Eta Eta 1.14.2 | Risk level: 8.1 | Exploitability: Proof of Concept | Consequences: Gain Access
Description: Eta could allow a remote attacker to execute arbitrary code...

Name: Discourse denial of service
Platforms affected: (none listed) | Risk level: 8.6 | Exploitability: Unproven | Consequences: Denial of Service
Description: Discourse is vulnerable to a denial of service, caused by a regular...

Name: BaiCells Nova 227, Nova 233, Nova 243, and Nova 246 LTE TDD eNodeB devices code execution
Platforms affected: BaiCells Nova 246 RTS/RTD...

Name: OpenMage LTS code execution
Platforms affected: OpenMage Magento-lts 20.0.8, OpenMage Magento-lts 19.4.12 | Risk level: 8.8 | Exploitability: Unproven | Consequences: Gain Access
Description: OpenMage LTS could allow a remote authenticated attacker...

Name: OpenMage LTS command execution
Platforms affected: OpenMage Magento-lts 20.0.8, OpenMage Magento-lts 19.4.12 | Risk level: 9.8 | Exploitability: Unproven | Consequences: Gain Access
Description: OpenMage LTS could allow a remote authenticated attacker...

Name: QNAP running QTS and running QTS code execution
Platforms affected: QNAP QTS 5.0.1, QNAP QuTS hero h5.0.1 | Risk level: 9.8 | Exploitability: Unproven | Consequences: Gain Access
Description: QNAP running QTS...
Daily Vulnerability Trends (sourced from VulnMon)
CVE name | CVE description
CVE-2021-35394 | Realtek Jungle SDK version v2.x up to v3.4.14B provides a diagnostic tool...
Score: 10 | Malware family: smokeloader | Tags: family:smokeloader, backdoor, trojan
MD5: 796eec633508016212d9c0fba6ebcb34 | SHA1: 6f7f80791fe510406e741aa4e857311119135424 | Analysis date: 2023-01-31T03:14:03Z | TTPs: T1012, T1120, T1082

Score: 8 | Malware family: banker | Tags: banker, evasion, ransomware
MD5: 79c49abc1b3f7fd73ab505f4d7632963 | SHA1: cf8c728f48c805bd9def4128f9d1b3aa22c78b90 | Analysis date: 2023-01-31T03:30:51Z | TTPs: (none listed)

Score: 10 | Malware family: discovery | Tags: discovery, persistence, ransomware
MD5: 328ed3428d79bb38ec9d29a5cb27a5a7 | SHA1: cd905b22794ca277a14d512fde28f1c20d01bdab | Analysis date: 2023-01-31T03:30:56Z | TTPs: T1012, T1082, T1112, T1042, T1060

Score: 8 | Malware family: bootkit | Tags: bootkit, discovery, persistence
MD5: 858ee6ceb590822f57d2d98a32e3c5af | SHA1: 0cd9e539e919dd0367c1d04e2644bc3e8ad109e5 | Analysis date: 2023-01-31T03:45:42Z | TTPs: T1012, T1067, T1130, T1112, T1082