Security

Cobalt Stike Beacon Detected – 43[.]136[.]218[.]157:443

February 27, 2023

The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...

Cobalt Stike Beacon Detected – 1[.]13[.]254[.]87:443

February 27, 2023

The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...

Malware Analysis – djvu – d4dde394647d6d74a212f2abfc38d785

February 27, 2023

Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, discovery, persistence, ransomware, spyware, stealerMD5: d4dde394647d6d74a212f2abfc38d785SHA1: b0f6ef1a54339f048af1ebf29691e471c926cd3cANALYSIS DATE: 2023-02-27T10:52:10ZTTPS: T1053, T1005, T1081, T1060, T1112,...

Malware Analysis – djvu – a76852e5eb1e18a990ff1d0a6e34d830

February 27, 2023

Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, discovery, persistence, ransomware, spyware, stealerMD5: a76852e5eb1e18a990ff1d0a6e34d830SHA1: aca915229ecc63c5fbe37e3b024ab2a40d40abb5ANALYSIS DATE: 2023-02-27T11:24:55ZTTPS: T1060, T1112, T1012, T1005, T1081,...

Malware Analysis – djvu – 765a4e60824b26944e349fd5c5d25773

February 27, 2023

Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, discovery, persistence, ransomware, spyware, stealerMD5: 765a4e60824b26944e349fd5c5d25773SHA1: 69d86ac73275a3bbf24afcf2d1c113c196eb1a08ANALYSIS DATE: 2023-02-27T10:41:59ZTTPS: T1012, T1082, T1222, T1053, T1005,...

Malware Analysis – djvu – 9bef94cc928804cc3d23a4ae8293215e

February 27, 2023

Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, discovery, persistence, ransomware, spyware, stealerMD5: 9bef94cc928804cc3d23a4ae8293215eSHA1: de9c936943f6290228972dd27a663887c0fd138bANALYSIS DATE: 2023-02-27T10:54:39ZTTPS: T1012, T1082, T1005, T1081, T1060,...

Cobalt Stike Beacon Detected – 159[.]223[.]190[.]172:80

February 27, 2023

The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...

Cobalt Stike Beacon Detected – 180[.]76[.]166[.]65:8086

February 27, 2023

The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...

Cobalt Stike Beacon Detected – 103[.]234[.]72[.]195:80

February 27, 2023

The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...

Cobalt Stike Beacon Detected – 121[.]4[.]32[.]171:80

February 27, 2023

The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...

Malware Analysis – djvu – 1ffe527454fb2cb48d1c58fd37a5d953

February 27, 2023

Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, discovery, persistence, ransomware, spyware, stealerMD5: 1ffe527454fb2cb48d1c58fd37a5d953SHA1: 07381a0116186c6be393b695dbf9a139defa4e64ANALYSIS DATE: 2023-02-27T04:22:24ZTTPS: T1082, T1012, T1005, T1081, T1222,...

Malware Analysis – djvu – aa058c705e64a433166d975f4e9a5261

February 27, 2023

Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:smokeloader, family:vidar, backdoor, discovery, persistence, ransomware, stealer, trojan, vmprotectMD5: aa058c705e64a433166d975f4e9a5261SHA1: d286ebd54477fef7a45cc12edfb05ae0197bbdaaANALYSIS DATE: 2023-02-27T03:42:43ZTTPS: T1082, T1012,...

Malware Analysis – djvu – af18071fb08b87b6b3997313a205f2fa

February 27, 2023

Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, discovery, persistence, ransomware, spyware, stealerMD5: af18071fb08b87b6b3997313a205f2faSHA1: e113a28a4ec2c2fe961b0e63c3ecb0cd787aff0cANALYSIS DATE: 2023-02-27T04:18:15ZTTPS: T1012, T1082, T1222, T1005, T1081,...

Malware Analysis – evasion – a013722d6c33cfe87c4feb7f59b1adef

February 27, 2023

Score: 7 MALWARE FAMILY: evasionTAGS:evasion, ransomwareMD5: a013722d6c33cfe87c4feb7f59b1adefSHA1: 67fedd6e65bbe6d0189494221fed770c5733399dANALYSIS DATE: 2023-02-27T05:06:50ZTTPS: ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or more known...

Malware Analysis – djvu – ba3aabae5595f9b43fa0063f3d076340

February 27, 2023

Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:smokeloader, family:vidar, backdoor, discovery, persistence, ransomware, spyware, stealer, trojan, vmprotectMD5: ba3aabae5595f9b43fa0063f3d076340SHA1: 8f33d2fae042f706487354ccd87c1a749a73a994ANALYSIS DATE: 2023-02-27T05:31:11ZTTPS: T1082,...

Malware Analysis – djvu – d4e8036c9af8375f5c06ea31c5267612

February 27, 2023

Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, discovery, persistence, ransomware, spyware, stealerMD5: d4e8036c9af8375f5c06ea31c5267612SHA1: 9a4d77ab1d106ae4bda5250adcfb0dc7c4d6126fANALYSIS DATE: 2023-02-27T05:33:18ZTTPS: T1222, T1060, T1112, T1053, T1005,...

Malware Analysis – djvu – a46513985a2902ced4e4212fbb73df88

February 27, 2023

Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, discovery, persistence, ransomware, spyware, stealerMD5: a46513985a2902ced4e4212fbb73df88SHA1: 00af6a70f41858895bfeb3fc45abebe6ef4e0e47ANALYSIS DATE: 2023-02-27T05:54:24ZTTPS: T1053, T1005, T1081, T1012, T1082,...

Security

Cobalt Stike Beacon Detected – 43[.]136[.]218[.]157:443

Cobalt Stike Beacon Detected – 1[.]13[.]254[.]87:443

Malware Analysis – djvu – d4dde394647d6d74a212f2abfc38d785

Malware Analysis – djvu – a76852e5eb1e18a990ff1d0a6e34d830

Malware Analysis – djvu – 765a4e60824b26944e349fd5c5d25773

Malware Analysis – djvu – 9bef94cc928804cc3d23a4ae8293215e

Cobalt Stike Beacon Detected – 159[.]223[.]190[.]172:80

Cobalt Stike Beacon Detected – 180[.]76[.]166[.]65:8086

Cobalt Stike Beacon Detected – 103[.]234[.]72[.]195:80

Cobalt Stike Beacon Detected – 121[.]4[.]32[.]171:80

Malware Analysis – djvu – 1ffe527454fb2cb48d1c58fd37a5d953

Malware Analysis – djvu – aa058c705e64a433166d975f4e9a5261

Malware Analysis – djvu – af18071fb08b87b6b3997313a205f2fa

Malware Analysis – evasion – a013722d6c33cfe87c4feb7f59b1adef

Malware Analysis – djvu – ba3aabae5595f9b43fa0063f3d076340

Malware Analysis – djvu – d4e8036c9af8375f5c06ea31c5267612

Malware Analysis – djvu – a46513985a2902ced4e4212fbb73df88

Cobalt Stike Beacon Detected – 45[.]61[.]187[.]242:80

Cobalt Stike Beacon Detected – 85[.]175[.]101[.]203:443

Cobalt Stike Beacon Detected – 101[.]35[.]46[.]154:80

Cobalt Stike Beacon Detected – 91[.]206[.]93[.]139:8080

Cobalt Stike Beacon Detected – 46[.]249[.]38[.]9:8080

Cobalt Stike Beacon Detected – 109[.]172[.]45[.]85:443

Cobalt Stike Beacon Detected – 121[.]196[.]222[.]60:80

[MEDUSA] – Ransomware Victim: Aurora Boardworks

[MEDUSA] – Ransomware Victim: Mundelein Park & Recreation District

[HUNTERS] – Ransomware Victim: Vermeer Mexico

[MEDUSA] – Ransomware Victim: Laurens School District 56

[MEDUSA] – Ransomware Victim: Heartland Health Center

You may have missed