US charges Ukrainian man with Raccoon Infostealer operation
US authorities charged a Ukrainian man with computer fraud for allegedly infecting millions of computers with Raccoon Infostealer. The US...
OSINT
ProtectMyTooling – Multi-Packer Wrapper Letting Us Daisy-Chain Various Packers, Obfuscators And Other Red Team Oriented Weaponry
Script that wraps around multitude of packers, protectors, obfuscators, shellcode loaders, encoders, generators to produce complex protected Red Team implants....
Malware Analysis – ransomware – e08ce5d0e0766ddb80540bf783a9488e
Score: 10 MALWARE FAMILY: ransomwareTAGS:ransomware, spyware, stealerMD5: e08ce5d0e0766ddb80540bf783a9488eSHA1: 4aeb2e764fc6f72c87af21a95ad4308e33851fc5ANALYSIS DATE: 2022-10-26T08:20:04ZTTPS: T1005, T1081, T1082, T1012, T1120, T1107, T1490 ScoreMeaningExample10Known badA...
Malware Analysis – ransomware – 73fc61bbec7230ef268be95246dbfa67
Score: 10 MALWARE FAMILY: ransomwareTAGS:ransomware, spyware, stealerMD5: 73fc61bbec7230ef268be95246dbfa67SHA1: d700c6548240a75fc8a0b72ac4ad2cca1b6d4fe5ANALYSIS DATE: 2022-10-26T08:21:04ZTTPS: T1012, T1120, T1082, T1005, T1081, T1107, T1490 ScoreMeaningExample10Known badA...
Malware Analysis – djvu – 897904a30b9f93342c41c7baccc0395e
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:redline, family:smokeloader, family:vidar, botnet:1752, botnet:517, botnet:fote, botnet:mario23_10, botnet:nam7, backdoor, collection, discovery, infostealer, persistence, ransomware, spyware,...
Malware Analysis – ransomware – e639e001fb263d44d896b16771277ce9
Score: 10 MALWARE FAMILY: ransomwareTAGS:ransomwareMD5: e639e001fb263d44d896b16771277ce9SHA1: a0fb7a992b50da292ef5770630c139d58049388bANALYSIS DATE: 2022-10-26T08:21:44ZTTPS: T1012, T1120, T1082 ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or...
Malware Analysis – wannacry – eea2153661910584cf63390ca3adb28b
Score: 10 MALWARE FAMILY: wannacryTAGS:family:wannacry, discovery, persistence, ransomware, spyware, stealer, wormMD5: eea2153661910584cf63390ca3adb28bSHA1: 1e90186e9054aec6bdce46ad2ccec11e164440eeANALYSIS DATE: 2022-10-26T09:40:20ZTTPS: T1046, T1158, T1222, T1082, T1005,...
Malware Analysis – wannacry – eea571229a25bc2f5b59dce07c361cb2
Score: 10 MALWARE FAMILY: wannacryTAGS:family:wannacry, ransomware, wormMD5: eea571229a25bc2f5b59dce07c361cb2SHA1: b341437a1f94d645e5628d8491f068de1a049fb9ANALYSIS DATE: 2022-10-26T08:30:43ZTTPS: T1082, T1491, T1112 ScoreMeaningExample10Known badA malware family was detected.8-9Likely...
Malware Analysis – djvu – 11a56eaa628aa4a2576a0e7fb15a52c7
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:redline, family:smokeloader, family:vidar, botnet:1752, botnet:517, botnet:google2, botnet:mario23_10, botnet:nam7, botnet:slovarik15btc, backdoor, collection, discovery, infostealer, persistence, ransomware,...
Malware Analysis – wannacry – 5535a78a4b4a483f5eeef222c4a142f0
Score: 10 MALWARE FAMILY: wannacryTAGS:family:wannacry, discovery, persistence, ransomware, spyware, stealer, wormMD5: 5535a78a4b4a483f5eeef222c4a142f0SHA1: 1697a46489e50c54520aa0bfc6f3663bbce12920ANALYSIS DATE: 2022-10-26T10:00:21ZTTPS: T1082, T1005, T1081, T1491, T1112,...
Cobalt Stike Beacon Detected – 124[.]221[.]248[.]119:6666
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Malware Analysis – djvu – 042fd0315eccd1810935b117f8c1f80d
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:redline, family:smokeloader, family:vidar, botnet:1752, botnet:517, botnet:mario23_10, botnet:nam7, botnet:slovarik15btc, backdoor, collection, discovery, infostealer, persistence, ransomware, spyware,...
Malware Analysis – discovery – 223a5331677dccb0d104c4ff1932a222
Score: 10 MALWARE FAMILY: discoveryTAGS:discovery, ransomwareMD5: 223a5331677dccb0d104c4ff1932a222SHA1: 08875300c7bc8cdfcfb714c221404773f1c7da57ANALYSIS DATE: 2022-10-26T10:14:58ZTTPS: T1012, T1082 ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or...
Malware Analysis – wannacry – c0ca2ff66deb363ad5186ca42387a1ec
Score: 10 MALWARE FAMILY: wannacryTAGS:family:wannacry, discovery, ransomware, wormMD5: c0ca2ff66deb363ad5186ca42387a1ecSHA1: e2ea45088d801a4654c6e80ba3813a666eba3074ANALYSIS DATE: 2022-10-26T10:00:31ZTTPS: T1046, T1158, T1222 ScoreMeaningExample10Known badA malware family was...
Malware Analysis – wannacry – 0e4c64bd0db07a8da4a577ce09ad2ce5
Score: 10 MALWARE FAMILY: wannacryTAGS:family:wannacry, discovery, ransomware, wormMD5: 0e4c64bd0db07a8da4a577ce09ad2ce5SHA1: 8ace3f83841d5e7d4ffb28692378dea58edb3dc1ANALYSIS DATE: 2022-10-26T10:00:26ZTTPS: T1158, T1222 ScoreMeaningExample10Known badA malware family was detected.8-9Likely...
Malware Analysis – ransomware – 27e067421cc490a5e99e2115f0bb4277
Score: 9 MALWARE FAMILY: ransomwareTAGS:ransomware, spyware, stealerMD5: 27e067421cc490a5e99e2115f0bb4277SHA1: 162b5729e0255d3cd5f22ac454e7a57b23ff0abcANALYSIS DATE: 2022-10-26T10:40:32ZTTPS: T1005, T1081, T1082, T1107, T1490, T1091 ScoreMeaningExample10Known badA malware...
Malware Analysis – wannacry – 60d2fd5a1b013f6e6ea6a937a85aea86
Score: 10 MALWARE FAMILY: wannacryTAGS:family:wannacry, discovery, ransomware, wormMD5: 60d2fd5a1b013f6e6ea6a937a85aea86SHA1: 75c509bf1842bb13def4137e61ec2b2e177e95deANALYSIS DATE: 2022-10-26T10:20:21ZTTPS: T1158, T1222 ScoreMeaningExample10Known badA malware family was detected.8-9Likely...
Malware Analysis – ransomware – 6b0c04b30f34d975a34cd1b789d29db7
Score: 9 MALWARE FAMILY: ransomwareTAGS:ransomware, spyware, stealerMD5: 6b0c04b30f34d975a34cd1b789d29db7SHA1: 3198404e4f97321720829dae641e06d360d705d1ANALYSIS DATE: 2022-10-26T10:40:27ZTTPS: T1091, T1005, T1081, T1082, T1107, T1490 ScoreMeaningExample10Known badA malware...
Malware Analysis – ransomware – 4aa20e139e4599ff9a50edf65716677f
Score: 9 MALWARE FAMILY: ransomwareTAGS:ransomware, spyware, stealerMD5: 4aa20e139e4599ff9a50edf65716677fSHA1: 1d01c5b9b852ac3291c7c6a1e35e168d80ed239cANALYSIS DATE: 2022-10-26T10:40:20ZTTPS: T1107, T1490, T1091, T1005, T1081, T1082 ScoreMeaningExample10Known badA malware...
Two flaws in Cisco AnyConnect Secure Mobility client for Windows actively exploited
Cisco warns of active exploitation attempts targeting two vulnerabilities in the Cisco AnyConnect Secure Mobility Client for Windows. Cisco is...
VMware fixes critical RCE in VMware Cloud Foundation
VMware addressed a critical remote code execution vulnerability in VMware Cloud Foundation tracked as CVE-2021-39144. VMware has released security updates...
Daily Vulnerability Trends: Wed Oct 26 2022
Daily Vulnerability Trends (sourced from VulnMon) CVE NAMECVE DescriptionCVE-2021-3493The overlayfs implementation in the linux kernel did not properly validate with...
Cobalt Stike Beacon Detected – 164[.]132[.]6[.]83:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 89[.]185[.]84[.]28:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
