Security

Cobalt Stike Beacon Detected – 45[.]136[.]14[.]33:9443

May 11, 2023

The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...

Cobalt Stike Beacon Detected – 98[.]71[.]232[.]223:80

May 11, 2023

The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...

Cobalt Stike Beacon Detected – 82[.]157[.]243[.]230:6666

May 11, 2023

The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...

Cobalt Stike Beacon Detected – 43[.]138[.]215[.]2:6666

May 11, 2023

The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...

Tools

SpiderSuite – Advance Web Spider/Crawler For Cyber Security Professionals

May 10, 2023

An advance cross-platform and multi-feature GUI web spider/crawler for cyber security proffesionals. Spider Suite can be used for attack surface...

Malware Analysis – persistence – cd51e8717f5f983e60aaebd0346072e5

May 10, 2023

Score: 7 MALWARE FAMILY: persistenceTAGS:persistence, ransomwareMD5: cd51e8717f5f983e60aaebd0346072e5SHA1: 3c12360fcb75d96e3ab9e56b37d3345921f63be6ANALYSIS DATE: 2023-05-10T15:33:26ZTTPS: T1491, T1112, T1060, T1012, T1120, T1082 ScoreMeaningExample10Known badA malware family...

Malware Analysis – amadey – a01994ddeb320bdc37b7616d508d437d

May 10, 2023

Score: 10 MALWARE FAMILY: amadeyTAGS:family:amadey, family:djvu, family:smokeloader, family:vidar, botnet:ef32d425b907146eeb9090dbc9455ab1, botnet:pub1, botnet:sprg, backdoor, discovery, evasion, ransomware, stealer, trojanMD5: a01994ddeb320bdc37b7616d508d437dSHA1: 9b41ae28bac9a6ef7329aafad1017c2d476d6822ANALYSIS DATE:...

Malware Analysis – djvu – b8f9b92fa79c97f3461c5a4dc0286a1e

May 10, 2023

Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:ef32d425b907146eeb9090dbc9455ab1, discovery, persistence, ransomware, spyware, stealerMD5: b8f9b92fa79c97f3461c5a4dc0286a1eSHA1: 0842f2af0d958b043ad2a63396b80e4fe6303732ANALYSIS DATE: 2023-05-10T15:35:38ZTTPS: T1005, T1081, T1060, T1112,...

Malware Analysis – neshta – 80d2cfccef17caa46226147c1b0648e6

May 10, 2023

Score: 10 MALWARE FAMILY: neshtaTAGS:family:neshta, family:wannacry, discovery, persistence, ransomware, spyware, stealer, wormMD5: 80d2cfccef17caa46226147c1b0648e6SHA1: 4540c60c99594ebd49e0ede7d2070b00f5fb021bANALYSIS DATE: 2023-05-10T16:59:31ZTTPS: T1107, T1490, T1222, T1112,...

Malware Analysis – amadey – f20c04dd9a5a3fb76d8686910deaedda

May 10, 2023

Score: 10 MALWARE FAMILY: amadeyTAGS:family:amadey, family:djvu, family:smokeloader, family:vidar, botnet:ef32d425b907146eeb9090dbc9455ab1, botnet:pub1, botnet:sprg, backdoor, discovery, ransomware, stealer, trojanMD5: f20c04dd9a5a3fb76d8686910deaeddaSHA1: 11ca428d2502cbaead96a6ce028ea8cb66ee454eANALYSIS DATE: 2023-05-10T17:04:28ZTTPS:...

Malware Analysis – evasion – e2c4c4dd8c6a357eca164955a8fe040c

May 10, 2023

Score: 10 MALWARE FAMILY: evasionTAGS:evasion, persistence, ransomware, trojanMD5: e2c4c4dd8c6a357eca164955a8fe040cSHA1: f4114815bce62efbc78c79f9a83ccf74a4ea075cANALYSIS DATE: 2023-05-10T16:56:48ZTTPS: T1088, T1089, T1112, T1491, T1012, T1082, T1060 ScoreMeaningExample10Known...

Malware Analysis – djvu – 5805707bb7e896ee387f8fc1807cdd6e

May 10, 2023

Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:ef32d425b907146eeb9090dbc9455ab1, discovery, persistence, ransomware, spyware, stealerMD5: 5805707bb7e896ee387f8fc1807cdd6eSHA1: 1c4b1a51b50fb077f1e044de77d324a900b8805eANALYSIS DATE: 2023-05-10T17:41:30ZTTPS: T1012, T1082, T1222, T1005,...

Malware Analysis – bootkit – b49fe89eedd01c5c4998902c6a988e2c

May 10, 2023

Score: 8 MALWARE FAMILY: bootkitTAGS:bootkit, discovery, exploit, persistenceMD5: b49fe89eedd01c5c4998902c6a988e2cSHA1: c0310946c0ad9346486a6c0eb33a8c73dfa63c01ANALYSIS DATE: 2023-05-10T17:33:44ZTTPS: T1012, T1082, T1067, T1222, T1102 ScoreMeaningExample10Known badA malware...

Malware Analysis – discovery – 8543002b027116786aaa52089b558cc0

May 10, 2023

Score: 10 MALWARE FAMILY: discoveryTAGS:discovery, evasion, exploit, persistence, ransomware, trojanMD5: 8543002b027116786aaa52089b558cc0SHA1: 541a0fd4a8d6821e193e57e304e7dc87fa6daadaANALYSIS DATE: 2023-05-10T17:35:04ZTTPS: T1088, T1089, T1112, T1012, T1082, T1120,...

Malware Analysis – discovery – cf2a00cda850b570f0aa6266b9a5463e

May 10, 2023

Score: 8 MALWARE FAMILY: discoveryTAGS:discovery, evasion, persistence, ransomwareMD5: cf2a00cda850b570f0aa6266b9a5463eSHA1: ab9eb170448c95eccb65bf0665ac9739021200b6ANALYSIS DATE: 2023-05-10T17:16:14ZTTPS: T1012, T1082, T1120, T1060, T1112, T1102, T1491 ScoreMeaningExample10Known...

Security

Cobalt Stike Beacon Detected – 45[.]136[.]14[.]33:9443

Cobalt Stike Beacon Detected – 98[.]71[.]232[.]223:80

Cobalt Stike Beacon Detected – 82[.]157[.]243[.]230:6666

Cobalt Stike Beacon Detected – 43[.]138[.]215[.]2:6666

SpiderSuite – Advance Web Spider/Crawler For Cyber Security Professionals

Malware Analysis – persistence – cd51e8717f5f983e60aaebd0346072e5

Malware Analysis – amadey – a01994ddeb320bdc37b7616d508d437d

Malware Analysis – djvu – b8f9b92fa79c97f3461c5a4dc0286a1e

Malware Analysis – neshta – 80d2cfccef17caa46226147c1b0648e6

Malware Analysis – amadey – f20c04dd9a5a3fb76d8686910deaedda

Malware Analysis – evasion – e2c4c4dd8c6a357eca164955a8fe040c

Malware Analysis – djvu – 5805707bb7e896ee387f8fc1807cdd6e

Malware Analysis – bootkit – b49fe89eedd01c5c4998902c6a988e2c

Malware Analysis – discovery – 8543002b027116786aaa52089b558cc0

Malware Analysis – discovery – cf2a00cda850b570f0aa6266b9a5463e

Cobalt Stike Beacon Detected – 190[.]123[.]44[.]150:443

Cobalt Stike Beacon Detected – 91[.]238[.]181[.]242:443

Cobalt Stike Beacon Detected – 124[.]222[.]54[.]66:80

Cobalt Stike Beacon Detected – 116[.]204[.]121[.]193:443

Cobalt Stike Beacon Detected – 47[.]97[.]210[.]199:8888

Cobalt Stike Beacon Detected – 82[.]157[.]161[.]99:8082

Cobalt Stike Beacon Detected – 43[.]154[.]207[.]209:443

CISA: CISA Releases One Industrial Control Systems Advisory

CISA: CISA Urges Organizations to Incorporate the FCC Covered List Into Risk Management Plans

CISA: CISA Adds Two Known Exploited Vulnerabilities to Catalog

[FOG] – Ransomware Victim: Gitlabs: INGV, Spacemanic, Squeezer-software

[FOG] – Ransomware Victim: Squeezer-software

[FOG] – Ransomware Victim: INGV

[FOG] – Ransomware Victim: Spacemanic

You may have missed