Cobalt Stike Beacon Detected – 3[.]115[.]104[.]192:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Year: 2023
Malware Analysis – djvu – 35ae0e39993e000deb10e26406b7846e
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, discovery, persistence, ransomware, spyware, stealerMD5: 35ae0e39993e000deb10e26406b7846eSHA1: 421e61dca4f3d9e7e471e6d646f8440b6ce63a84ANALYSIS DATE: 2023-02-28T10:21:19ZTTPS: T1082, T1053, T1012, T1005, T1081,...
Malware Analysis – djvu – 4125fa73b85056ccd163fc08307f6d61
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:smokeloader, family:vidar, backdoor, discovery, persistence, ransomware, spyware, stealer, trojan, vmprotectMD5: 4125fa73b85056ccd163fc08307f6d61SHA1: e4d91a6c035a17de15665fdfbba7f0bbc6ee2272ANALYSIS DATE: 2023-02-28T10:02:14ZTTPS: T1012,...
Malware Analysis – djvu – 9fa7c62a4aac9c219defa886b6e6b01a
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, discovery, persistence, ransomware, spyware, stealerMD5: 9fa7c62a4aac9c219defa886b6e6b01aSHA1: d040a3a9157498b8946829c87e0a21e35168e537ANALYSIS DATE: 2023-02-28T10:20:33ZTTPS: T1222, T1012, T1082, T1060, T1112,...
Malware Analysis – djvu – a822f2c5685b5071d945f53a75f31b47
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, discovery, persistence, ransomware, spyware, stealerMD5: a822f2c5685b5071d945f53a75f31b47SHA1: 0f7323a6fd73a36da8384f00c50360f69ba28f6aANALYSIS DATE: 2023-02-28T10:32:36ZTTPS: T1082, T1053, T1012, T1005, T1081,...
Cobalt Stike Beacon Detected – 1[.]13[.]254[.]87:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 42[.]194[.]213[.]51:8034
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 179[.]43[.]162[.]6:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 43[.]139[.]19[.]125:8585
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Malware Analysis – djvu – a0ed2f262fb1c36c2a8e248292114ce6
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, discovery, persistence, ransomware, spyware, stealerMD5: a0ed2f262fb1c36c2a8e248292114ce6SHA1: 33dc687c00c1f60834e12bf98750dfff4374f068ANALYSIS DATE: 2023-02-28T10:34:19ZTTPS: T1012, T1082, T1005, T1081, T1060,...
Malware Analysis – djvu – 9649c65f594f4d871ee9eb889c4c1a31
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, discovery, persistence, ransomware, spyware, stealerMD5: 9649c65f594f4d871ee9eb889c4c1a31SHA1: c795b31cf2972fad2d1c105eec1b5246ec83f1bdANALYSIS DATE: 2023-02-28T11:31:10ZTTPS: T1060, T1112, T1222, T1082, T1005,...
Malware Analysis – djvu – c13f64b54d8640237ebc8c9edcf482b4
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, discovery, persistence, ransomware, spyware, stealerMD5: c13f64b54d8640237ebc8c9edcf482b4SHA1: b2f496500a8ba5503152cafd7f8e45f0c4430febANALYSIS DATE: 2023-02-28T11:51:01ZTTPS: T1060, T1112, T1005, T1081, T1082,...
Malware Analysis – djvu – b5301a4e4c0106610a65c09320704cc5
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:smokeloader, family:vidar, backdoor, discovery, persistence, ransomware, stealer, trojan, vmprotectMD5: b5301a4e4c0106610a65c09320704cc5SHA1: dac7814be2c38e22aff9c78efaa020cbbfbabcf9ANALYSIS DATE: 2023-02-28T10:33:29ZTTPS: T1012, T1120,...
ZoneMinder file inclusion | CVE-2023-26038
NAME__________ZoneMinder file inclusionPlatforms Affected:Risk Level:5.4Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________ZoneMinder could allow a remote authenticated attacker to include arbitrary files. An attacker could...
Real Temp code execution | CVE-2023-1047
NAME__________Real Temp code executionPlatforms Affected:Risk Level:5.3Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________Real Temp could allow a local authenticated attacker to execute arbitrary code on...
MuYuCMS directory traversal | CVE-2023-1043
NAME__________MuYuCMS directory traversalPlatforms Affected:Risk Level:4.3Exploitability:Proof of ConceptConsequences:Obtain Information DESCRIPTION__________MuYuCMS could allow a remote authenticated attacker to traverse directories on the...
Nextcloud Server denial of service | CVE-2023-25816
NAME__________Nextcloud Server denial of servicePlatforms Affected:Risk Level:3.5Exploitability:UnprovenConsequences:Denial of Service DESCRIPTION__________Nextcloud Server is vulnerable to a denial of service, caused by...
Online Boat Reservation System cross-site scripting | CVE-2023-1030
NAME__________Online Boat Reservation System cross-site scriptingPlatforms Affected:Risk Level:3.5Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________Online Boat Reservation System is vulnerable to cross-site scripting, caused by...
lite-web-server denial of service | CVE-2023-26104
NAME__________lite-web-server denial of servicePlatforms Affected:lite-web-server lite-web-server 1.2.2Risk Level:7.5Exploitability:UnprovenConsequences:Denial of Service DESCRIPTION__________lite-web-server is vulnerable to a denial of service, caused by...
All in One SEO plugin for WordPress cross-site scripting | CVE-2023-0586
NAME__________All in One SEO plugin for WordPress cross-site scriptingPlatforms Affected:Risk Level:6.4Exploitability:UnprovenConsequences:Cross-Site Scripting DESCRIPTION__________All in One SEO plugin for WordPress is...
Clinic’s Patient Management System SQL injection | CVE-2023-1035
NAME__________Clinic's Patient Management System SQL injectionPlatforms Affected:Risk Level:6.3Exploitability:UnprovenConsequences:Data Manipulation DESCRIPTION__________Clinic's Patient Management System is vulnerable to SQL injection. A remote...
MuYuCMS code execution | CVE-2023-1044
NAME__________MuYuCMS code executionPlatforms Affected:Risk Level:4.3Exploitability:Proof of ConceptConsequences:Gain Access DESCRIPTION__________MuYuCMS could allow a remote authenticated attacker to execute arbitrary code on...
IBM Cloud Pak for Business Automation cross-site scripting | CVE-2023-22860
NAME__________IBM Cloud Pak for Business Automation cross-site scriptingPlatforms Affected:IBM Cloud Pak for Business Automation 18.0.0 IBM Cloud Pak for Business...
All in One SEO plugin for WordPress cross-site scripting | CVE-2023-0585
NAME__________All in One SEO plugin for WordPress cross-site scriptingPlatforms Affected:Risk Level:4.4Exploitability:UnprovenConsequences:Cross-Site Scripting DESCRIPTION__________All in One SEO plugin for WordPress is...
