Cobalt Stike Beacon Detected – 172[.]247[.]32[.]228:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Year: 2023
Cobalt Stike Beacon Detected – 84[.]32[.]128[.]43:8443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 81[.]70[.]11[.]25:7443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 5[.]254[.]66[.]113:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Karakurt Ransomware Victim: River City Science Academy
KARAKURT RANSOMWARE NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content of...
HackerOne Bug Bounty Disclosure: possibility-to-delete-files-attached-to-deck-cards-of-other-usersbysupr4s
Programme HackerOne Nextcloud Nextcloud Submitted by supr4s supr4s Report Possibility to delete files attached to deck cards of other users...
HackerOne Bug Bounty Disclosure: passcode-bypass-on-talk-android-appbyctulhu
Programme HackerOne Nextcloud Nextcloud Submitted by ctulhu ctulhu Report Passcode bypass on Talk Android app Full Report A considerable amount...
HackerOne Bug Bounty Disclosure: missing-character-limitation-allows-to-put-generate-a-database-errorbyerror_2001
Programme HackerOne Nextcloud Nextcloud Submitted by error_2001 error_2001 Report Missing character limitation allows to put generate a database error Full...
Crypto-inspired Magecart skimmer surfaces via digital crime haven
Online criminals rarely reinvent the wheel, especially when they don't have to. From ransomware to password stealers, there are a...
Winnti APT group docks in Sri Lanka for new campaign
In early August, the Malwarebytes Threat Intelligence team identified a new attack targeting government entities in Sri Lanka. The threat...
Cobalt Stike Beacon Detected – 185[.]62[.]58[.]53:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 96[.]126[.]126[.]84:7777
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 152[.]32[.]145[.]237:8080
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Malware Analysis – smokeloader – f5776eb12290fcd3f2288ae4d877d090
Score: 10 MALWARE FAMILY: smokeloaderTAGS:family:smokeloader, backdoor, trojanMD5: f5776eb12290fcd3f2288ae4d877d090SHA1: 9516cc9ff311ccec53653acb990e98356da2c001ANALYSIS DATE: 2023-01-09T09:11:03ZTTPS: T1012, T1120, T1082 ScoreMeaningExample10Known badA malware family was detected.8-9Likely...
Malware Analysis – dcrat – 8bb59c5b3a4699c59c0acda7385af9ea
Score: 10 MALWARE FAMILY: dcratTAGS:family:dcrat, family:djvu, family:smokeloader, family:vidar, botnet:19, backdoor, collection, discovery, infostealer, persistence, ransomware, rat, spyware, stealer, trojanMD5: 8bb59c5b3a4699c59c0acda7385af9eaSHA1:...
Malware Analysis – djvu – 9b1131057924c3a1841acbe107ee086e
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:19, discovery, persistence, ransomware, spyware, stealerMD5: 9b1131057924c3a1841acbe107ee086eSHA1: 80539f9485c9e29733ca57a24b2c9b37fb4ac0acANALYSIS DATE: 2023-01-09T09:23:07ZTTPS: T1060, T1112, T1222, T1053,...
Malware Analysis – banker – 6dce96266bfb1e4db3657021bdaea6a0
Score: 8 MALWARE FAMILY: bankerTAGS:banker, evasion, ransomwareMD5: 6dce96266bfb1e4db3657021bdaea6a0SHA1: 77781f078a3727c557b2a8800f2593d67d7aa529ANALYSIS DATE: 2023-01-09T10:34:04ZTTPS: ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or more...
Malware Analysis – djvu – 5f979a8a2446ecc43b10dba94238edcc
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:smokeloader, family:vidar, botnet:19, backdoor, discovery, persistence, ransomware, spyware, stealer, trojanMD5: 5f979a8a2446ecc43b10dba94238edccSHA1: 407e927137549a9da50b58089be640682afe1474ANALYSIS DATE: 2023-01-09T10:32:53ZTTPS: T1012,...
Malware Analysis – – 6c1797c5a0b5d5d07fc74f474c9498d3
Score: 1 MALWARE FAMILY: TAGS:MD5: 6c1797c5a0b5d5d07fc74f474c9498d3SHA1: 69a884bbee18c8ebee0c329c14f58728c51c58f2ANALYSIS DATE: 2023-01-09T10:44:13ZTTPS: ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or more known damaging...
Malware Analysis – djvu – e7278549bc6c6dac549f7d64530875cb
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:19, discovery, persistence, ransomware, spyware, stealerMD5: e7278549bc6c6dac549f7d64530875cbSHA1: 01df4b33ff01685105c10cac2d83041fda547194ANALYSIS DATE: 2023-01-09T10:20:18ZTTPS: T1053, T1005, T1081, T1012,...
Malware Analysis – aurora – 23646c9325387fa729732c7b88c72ad7
Score: 10 MALWARE FAMILY: auroraTAGS:family:aurora, family:dcrat, family:djvu, family:smokeloader, family:vidar, botnet:19, backdoor, discovery, infostealer, persistence, ransomware, rat, spyware, stealer, trojanMD5: 23646c9325387fa729732c7b88c72ad7SHA1:...
Malware Analysis – djvu – a361a0f3a8220185911ccf9aca4aaad4
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:19, discovery, persistence, ransomware, spyware, stealerMD5: a361a0f3a8220185911ccf9aca4aaad4SHA1: 322767f2549261cce0ccfd1a752b2bac9941ac4dANALYSIS DATE: 2023-01-09T10:48:37ZTTPS: T1222, T1005, T1081, T1012,...
Malware Analysis – evasion – 99e3c49edfa0934419a87adb9a1d99dd
Score: 8 MALWARE FAMILY: evasionTAGS:evasion, persistence, ransomwareMD5: 99e3c49edfa0934419a87adb9a1d99ddSHA1: 4c82fbdda744ce7ccf91e7f07b4ac2efffa68f19ANALYSIS DATE: 2023-01-09T11:08:36ZTTPS: T1060, T1112, T1491, T1158 ScoreMeaningExample10Known badA malware family was...
Malware Analysis – evasion – ad4c99e6d61c62723324f02e6cfee6d3
Score: 8 MALWARE FAMILY: evasionTAGS:evasion, persistence, ransomwareMD5: ad4c99e6d61c62723324f02e6cfee6d3SHA1: 189168db2318d45b5a35d2f1410a4dfdcb71c61aANALYSIS DATE: 2023-01-09T11:10:12ZTTPS: T1491, T1112, T1060, T1158 ScoreMeaningExample10Known badA malware family was...
