OSINT

Malware Analysis – evasion – 444d141e21c6b3463c22460fbde9faf0

November 20, 2022

Score: 5 MALWARE FAMILY: evasionTAGS:evasion, ransomwareMD5: 444d141e21c6b3463c22460fbde9faf0SHA1: b135ce8cfccf6eede4702630c0f64029235a1f07ANALYSIS DATE: 2022-11-20T10:00:12ZTTPS: ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or more known...

Malware Analysis – discovery – 4fedcbbb748b46dfcc5bf5cd3b98ee97

November 20, 2022

Score: 8 MALWARE FAMILY: discoveryTAGS:discovery, exploitMD5: 4fedcbbb748b46dfcc5bf5cd3b98ee97SHA1: 1eb7e3a122e3aec420d022cf67d3b4c80073a008ANALYSIS DATE: 2022-11-20T10:48:42ZTTPS: T1222, T1082 ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or...

Malware Analysis – djvu – c6c893e254a4a398585bc3637420d8eb

November 20, 2022

Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:517, discovery, persistence, ransomware, spyware, stealerMD5: c6c893e254a4a398585bc3637420d8ebSHA1: 0cc97cb63c9f9d68aa66100fb9579d00e98a6801ANALYSIS DATE: 2022-11-20T10:20:11ZTTPS: T1005, T1081, T1060, T1112,...

Cobalt Stike Beacon Detected – 8[.]134[.]94[.]89:9999

November 20, 2022

The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...

Cobalt Stike Beacon Detected – 121[.]127[.]233[.]205:6666

November 20, 2022

The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...

Cobalt Stike Beacon Detected – 1[.]12[.]217[.]122:443

November 20, 2022

The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...

Cobalt Stike Beacon Detected – 192[.]241[.]137[.]49:443

November 20, 2022

The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...

Malware Analysis – discovery – 232c612b145c1bce0199d83106deff36

November 20, 2022

Score: 8 MALWARE FAMILY: discoveryTAGS:discovery, exploitMD5: 232c612b145c1bce0199d83106deff36SHA1: 95218e487c297036263c9334c1fb2c07535e4d99ANALYSIS DATE: 2022-11-20T09:35:12ZTTPS: T1222 ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or more...

Malware Analysis – evasion – 7942e895f8b745483dd75f02a0824194

November 20, 2022

Score: 9 MALWARE FAMILY: evasionTAGS:evasion, persistence, ransomwareMD5: 7942e895f8b745483dd75f02a0824194SHA1: ea6049f860b569d597e08f5d38383ac3d3c23a7fANALYSIS DATE: 2022-11-20T10:51:03ZTTPS: T1490, T1082, T1060, T1112 ScoreMeaningExample10Known badA malware family was...

Malware Analysis – persistence – 6593ee51226ea22ea668ad36b5c1c4e6

November 20, 2022

Score: 9 MALWARE FAMILY: persistenceTAGS:persistence, ransomwareMD5: 6593ee51226ea22ea668ad36b5c1c4e6SHA1: e6123de7c1c3cf70b22fb6336686db11717f1285ANALYSIS DATE: 2022-11-20T10:55:36ZTTPS: T1060, T1112, T1107, T1490 ScoreMeaningExample10Known badA malware family was detected.8-9Likely...

Malware Analysis – djvu – 1738d172abefcfdfbb0f711f7d0deaef

November 20, 2022

Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:517, discovery, persistence, ransomware, spyware, stealerMD5: 1738d172abefcfdfbb0f711f7d0deaefSHA1: 974cae95f98809f53644a80416c80ce3f4a0fa92ANALYSIS DATE: 2022-11-20T11:18:06ZTTPS: T1060, T1112, T1005, T1081,...

Malware Analysis – octo – db4d31e071fb45a9056f2f826c6b7fe2

November 20, 2022

Score: 10 MALWARE FAMILY: octoTAGS:family:octo, banker, evasion, infostealer, ransomware, rat, trojanMD5: db4d31e071fb45a9056f2f826c6b7fe2SHA1: 73f0554253906ce16b368cf2f6c25a4098ccfeb8ANALYSIS DATE: 2022-11-20T11:49:40ZTTPS: ScoreMeaningExample10Known badA malware family was...

Empire C2 Detected – 45[.]76[.]144[.]44:80

November 20, 2022

The Information provided at the time of posting was detected as "Empire C2". Depending on when you are viewing this...

Cobalt Stike Beacon Detected – 47[.]92[.]146[.]183:80

November 20, 2022

The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...

Cobalt Stike Beacon Detected – 43[.]142[.]190[.]164:7777

November 20, 2022

The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...

Cobalt Stike Beacon Detected – 119[.]8[.]126[.]102:443

November 20, 2022

The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...

Cobalt Stike Beacon Detected – 43[.]143[.]136[.]106:443

November 20, 2022

The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...

Cobalt Stike Beacon Detected – 77[.]73[.]131[.]173:443

November 20, 2022

The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...

Cobalt Stike Beacon Detected – 121[.]41[.]59[.]127:7777

November 20, 2022

The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...

Cobalt Stike Beacon Detected – 167[.]71[.]204[.]199:443

November 20, 2022

The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...

Cobalt Stike Beacon Detected – 101[.]43[.]249[.]51:666

November 20, 2022

The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...

Daily Vulnerability Trends: Sun Nov 20 2022

November 20, 2022

Daily Vulnerability Trends (sourced from VulnMon) CVE NAMECVE DescriptionCVE-2022-1388On F5 BIG-IP 16.1.x versions prior to 16.1.2.2, 15.1.x versions prior to...

Malware Analysis – amadey – 110c6deba0ed4284514f49524ac9d29a

November 20, 2022

Score: 10 MALWARE FAMILY: amadeyTAGS:family:amadey, family:djvu, family:redline, family:smokeloader, family:vidar, botnet:517, botnet:kript, botnet:mario23_10, backdoor, collection, discovery, evasion, infostealer, persistence, ransomware, spyware,...

Malware Analysis – amadey – 7cdccebf9285a347dfb87f5782bc3ee4

November 20, 2022

OSINT

Malware Analysis – evasion – 444d141e21c6b3463c22460fbde9faf0

Malware Analysis – discovery – 4fedcbbb748b46dfcc5bf5cd3b98ee97

Malware Analysis – djvu – c6c893e254a4a398585bc3637420d8eb

Cobalt Stike Beacon Detected – 8[.]134[.]94[.]89:9999

Cobalt Stike Beacon Detected – 121[.]127[.]233[.]205:6666

Cobalt Stike Beacon Detected – 1[.]12[.]217[.]122:443

Cobalt Stike Beacon Detected – 192[.]241[.]137[.]49:443

Malware Analysis – discovery – 232c612b145c1bce0199d83106deff36

Malware Analysis – evasion – 7942e895f8b745483dd75f02a0824194

Malware Analysis – persistence – 6593ee51226ea22ea668ad36b5c1c4e6

Malware Analysis – djvu – 1738d172abefcfdfbb0f711f7d0deaef

Malware Analysis – octo – db4d31e071fb45a9056f2f826c6b7fe2

Empire C2 Detected – 45[.]76[.]144[.]44:80

Cobalt Stike Beacon Detected – 47[.]92[.]146[.]183:80

Cobalt Stike Beacon Detected – 43[.]142[.]190[.]164:7777

Cobalt Stike Beacon Detected – 119[.]8[.]126[.]102:443

Cobalt Stike Beacon Detected – 43[.]143[.]136[.]106:443

Cobalt Stike Beacon Detected – 77[.]73[.]131[.]173:443

Cobalt Stike Beacon Detected – 121[.]41[.]59[.]127:7777

Cobalt Stike Beacon Detected – 167[.]71[.]204[.]199:443

Cobalt Stike Beacon Detected – 101[.]43[.]249[.]51:666

Daily Vulnerability Trends: Sun Nov 20 2022

Malware Analysis – amadey – 110c6deba0ed4284514f49524ac9d29a

Malware Analysis – amadey – 7cdccebf9285a347dfb87f5782bc3ee4

Cobalt Strike Beacon Detected – 119[.]91[.]41[.]170:80

Cobalt Strike Beacon Detected – 124[.]220[.]48[.]168:2379

Cobalt Strike Beacon Detected – 81[.]70[.]255[.]195:8080

Cobalt Strike Beacon Detected – 129[.]204[.]103[.]151:8081

Cobalt Strike Beacon Detected – 106[.]75[.]215[.]96:8081

You may have missed