Cobalt Stike Beacon Detected – 43[.]143[.]172[.]113:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Security
Cobalt Stike Beacon Detected – 62[.]182[.]159[.]147:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 120[.]25[.]167[.]104:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Malware Analysis – smokeloader – 34a120c01759401577fc71beca944aa4
Score: 10 MALWARE FAMILY: smokeloaderTAGS:family:smokeloader, backdoor, trojanMD5: 34a120c01759401577fc71beca944aa4SHA1: c569f5a37ef5d5e8bbfabc059b3e712491dc88ffANALYSIS DATE: 2022-10-06T08:31:03ZTTPS: T1012, T1120, T1082 ScoreMeaningExample10Known badA malware family was detected.8-9Likely...
Malware Analysis – djvu – 34a120c01759401577fc71beca944aa4
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:smokeloader, family:vidar, botnet:517, backdoor, collection, discovery, persistence, ransomware, spyware, stealer, trojanMD5: 34a120c01759401577fc71beca944aa4SHA1: c569f5a37ef5d5e8bbfabc059b3e712491dc88ffANALYSIS DATE: 2022-10-06T08:30:48ZTTPS:...
Malware Analysis – djvu – 2867c3287900f54a65dc7654ba2d2f5b
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:517, discovery, persistence, ransomware, spyware, stealerMD5: 2867c3287900f54a65dc7654ba2d2f5bSHA1: 6ba0115dd269992658cfa0b1a6d1b10bd2c48947ANALYSIS DATE: 2022-10-06T08:35:27ZTTPS: T1060, T1112, T1082, T1005,...
Malware Analysis – ransomware – 176c0e35328b032619dc485652148f6c
Score: 10 MALWARE FAMILY: ransomwareTAGS:ransomwareMD5: 176c0e35328b032619dc485652148f6cSHA1: 00772f0f4bc58c23b4e1d338ba9ee3a1abd0aebdANALYSIS DATE: 2022-10-06T09:11:03ZTTPS: T1107, T1490, T1012, T1120, T1082 ScoreMeaningExample10Known badA malware family was detected.8-9Likely...
Cobalt Stike Beacon Detected – 149[.]28[.]76[.]119:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 125[.]124[.]182[.]109:9000
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 161[.]97[.]161[.]77:8443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 109[.]94[.]208[.]57:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Malware Analysis – ransomware – 176c0e35328b032619dc485652148f6c
Score: 10 MALWARE FAMILY: ransomwareTAGS:ransomwareMD5: 176c0e35328b032619dc485652148f6cSHA1: 00772f0f4bc58c23b4e1d338ba9ee3a1abd0aebdANALYSIS DATE: 2022-10-06T09:12:30ZTTPS: T1082, T1012, T1120, T1107, T1490 ScoreMeaningExample10Known badA malware family was detected.8-9Likely...
Malware Analysis – smokeloader – 4d9cd2ec3ce1522427e4654d3d7744da
Score: 10 MALWARE FAMILY: smokeloaderTAGS:family:smokeloader, backdoor, trojanMD5: 4d9cd2ec3ce1522427e4654d3d7744daSHA1: ac29cd9beb1754cab94c3f650b22006b6374ec0aANALYSIS DATE: 2022-10-06T09:32:03ZTTPS: T1012, T1120, T1082 ScoreMeaningExample10Known badA malware family was detected.8-9Likely...
Malware Analysis – djvu – 0c482b05f3edc8267e37d9b8029645d2
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:517, discovery, persistence, ransomware, spyware, stealerMD5: 0c482b05f3edc8267e37d9b8029645d2SHA1: b2d323a620f78d2fd48b045ae278b4e3dfd85a9fANALYSIS DATE: 2022-10-06T09:21:11ZTTPS: T1222, T1060, T1112, T1005,...
Malware Analysis – djvu – 214b2b6f63bd33938ed47b85e3a24df6
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:517, discovery, persistence, ransomware, spyware, stealerMD5: 214b2b6f63bd33938ed47b85e3a24df6SHA1: 9227ab94107e5ac3f1943d743951c8843d325e47ANALYSIS DATE: 2022-10-06T09:20:32ZTTPS: T1222, T1012, T1082, T1053,...
Malware Analysis – djvu – 4d9cd2ec3ce1522427e4654d3d7744da
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:smokeloader, family:vidar, botnet:517, backdoor, collection, discovery, persistence, ransomware, spyware, stealer, trojanMD5: 4d9cd2ec3ce1522427e4654d3d7744daSHA1: ac29cd9beb1754cab94c3f650b22006b6374ec0aANALYSIS DATE: 2022-10-06T09:41:34ZTTPS:...
Malware Analysis – djvu – 22e1ceeaf71330b7265275efee371cee
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:517, discovery, persistence, ransomware, spyware, stealerMD5: 22e1ceeaf71330b7265275efee371ceeSHA1: bc1e7c1e5baa5894ab3536623376d11e4f43ea83ANALYSIS DATE: 2022-10-06T10:15:51ZTTPS: T1222, T1012, T1082, T1005,...
Malware Analysis – smokeloader – 62742157fee62a67ee78cdd0997619f6
Score: 10 MALWARE FAMILY: smokeloaderTAGS:family:smokeloader, backdoor, trojanMD5: 62742157fee62a67ee78cdd0997619f6SHA1: d405d18c2ff9210e14a37f97e6ffbd27b77bc2c3ANALYSIS DATE: 2022-10-06T10:31:03ZTTPS: T1012, T1120, T1082 ScoreMeaningExample10Known badA malware family was detected.8-9Likely...
Malware Analysis – smokeloader – 62742157fee62a67ee78cdd0997619f6
Score: 10 MALWARE FAMILY: smokeloaderTAGS:family:smokeloader, backdoor, trojanMD5: 62742157fee62a67ee78cdd0997619f6SHA1: d405d18c2ff9210e14a37f97e6ffbd27b77bc2c3ANALYSIS DATE: 2022-10-06T10:31:23ZTTPS: T1012, T1120, T1082 ScoreMeaningExample10Known badA malware family was detected.8-9Likely...
“Egypt Leaks” – Hacktivists are Leaking Financial Data
Researchers at cybersecurity firm Resecurity spotted a new group of hacktivists targeting financial institutions in Egypt, Resecurity, a California-based cybersecurity...
Uncommon infection and malware propagation methods
Introduction We are often asked how targets are infected with malware. Our answer is nearly always the same: (spear) phishing....
Malware Analysis – smokeloader – b41eea91a5da56541e24b7e3d9aa8785
Score: 10 MALWARE FAMILY: smokeloaderTAGS:family:smokeloader, backdoor, trojanMD5: b41eea91a5da56541e24b7e3d9aa8785SHA1: a8d5deb621ca66b36343e3e96c5157a7c398ae3eANALYSIS DATE: 2022-10-06T02:32:03ZTTPS: T1012, T1120, T1082 ScoreMeaningExample10Known badA malware family was detected.8-9Likely...
Malware Analysis – djvu – ab588ece9842c824014b896fab00c0d9
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:517, discovery, persistence, ransomware, spyware, stealerMD5: ab588ece9842c824014b896fab00c0d9SHA1: 178a4fc3ee53ac17514c43774a705ffa082ccbf8ANALYSIS DATE: 2022-10-06T03:15:02ZTTPS: T1082, T1012, T1053, T1005,...
Malware Analysis – djvu – b41eea91a5da56541e24b7e3d9aa8785
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:smokeloader, family:vidar, botnet:517, backdoor, collection, discovery, persistence, ransomware, spyware, stealer, trojanMD5: b41eea91a5da56541e24b7e3d9aa8785SHA1: a8d5deb621ca66b36343e3e96c5157a7c398ae3eANALYSIS DATE: 2022-10-06T02:39:14ZTTPS:...
