Security

Cobalt Stike Beacon Detected – 43[.]142[.]127[.]241:4000

January 2, 2023

The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...

Cobalt Stike Beacon Detected – 155[.]248[.]180[.]127:9998

January 2, 2023

The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...

Cobalt Stike Beacon Detected – 34[.]221[.]248[.]35:80

January 2, 2023

The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...

Cypherhound – Terminal Application That Contains 260+ Neo4j Cyphers For BloodHound Data Sets

January 2, 2023

A Python3 terminal application that contains 260+ Neo4j cyphers for BloodHound data sets. Why? BloodHound is a staple tool for...

Malware Analysis – amadey – d6832d5709e26e9028fdcde1cd2e7921

January 2, 2023

Score: 10 MALWARE FAMILY: amadeyTAGS:family:amadey, family:dcrat, family:djvu, family:smokeloader, family:vidar, botnet:19, backdoor, collection, discovery, infostealer, persistence, ransomware, rat, spyware, stealer, trojan,...

Malware Analysis – banker – b96c2bc5e720dd7120af3b3015732fa7

January 2, 2023

Score: 8 MALWARE FAMILY: bankerTAGS:banker, ransomwareMD5: b96c2bc5e720dd7120af3b3015732fa7SHA1: daf90883b71f4a465a20055ec0b25d623cbb72c0ANALYSIS DATE: 2023-01-01T22:05:15ZTTPS: ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or more known...

Malware Analysis – djvu – df249ff3cb8fb36e7c6ae05dc7b14250

January 2, 2023

Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:19, discovery, persistence, ransomware, spyware, stealerMD5: df249ff3cb8fb36e7c6ae05dc7b14250SHA1: 4f1af06e54b0acce7c18bf341efcd581d86e439dANALYSIS DATE: 2023-01-01T21:44:18ZTTPS: T1012, T1082, T1060, T1112,...

Malware Analysis – djvu – e12951b5ae49474dbea669e60e41a8d3

January 2, 2023

Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:19, discovery, persistence, ransomware, spyware, stealerMD5: e12951b5ae49474dbea669e60e41a8d3SHA1: 12efa9aac0739b08ed6ad59d871c4bba92a4d403ANALYSIS DATE: 2023-01-01T21:21:05ZTTPS: T1060, T1112, T1222, T1005,...

Malware Analysis – discovery – d0cc254722e307c7bb9c55d7cb0ef558

January 2, 2023

Score: 10 MALWARE FAMILY: discoveryTAGS:discovery, ransomwareMD5: d0cc254722e307c7bb9c55d7cb0ef558SHA1: 1d353223f8937526a6ee8568bb32138481c87937ANALYSIS DATE: 2023-01-01T21:44:18ZTTPS: T1082, T1012, T1130, T1112 ScoreMeaningExample10Known badA malware family was detected.8-9Likely...

Cobalt Stike Beacon Detected – 64[.]227[.]132[.]76:80

January 2, 2023

The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...

Malware Analysis – djvu – 35b4d8975b7d90a92362c4872da8e000

January 2, 2023

Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:19, discovery, persistence, ransomware, spyware, stealerMD5: 35b4d8975b7d90a92362c4872da8e000SHA1: 8ec2dedf76f45ea6ba1e089d2e8081d7c8ae0907ANALYSIS DATE: 2023-01-01T22:31:38ZTTPS: T1060, T1112, T1012, T1082,...

Malware Analysis – smokeloader – 99a72f7ff695ad0c6a7c697a43ad42f1

January 2, 2023

Score: 10 MALWARE FAMILY: smokeloaderTAGS:family:smokeloader, backdoor, trojanMD5: 99a72f7ff695ad0c6a7c697a43ad42f1SHA1: 81cf997876a1395e4e20ba5c6d2de38e28fa40d8ANALYSIS DATE: 2023-01-01T23:02:04ZTTPS: T1012, T1120, T1082 ScoreMeaningExample10Known badA malware family was detected.8-9Likely...

Malware Analysis – amadey – d061fe68df14422113a7069698607dee

January 2, 2023

Malware Analysis – amadey – e780c60ae345b6925a4d2da8eafca3b2

January 2, 2023

Score: 10 MALWARE FAMILY: amadeyTAGS:family:amadey, family:djvu, family:smokeloader, family:vidar, botnet:19, backdoor, collection, discovery, persistence, ransomware, spyware, stealer, trojan, vmprotectMD5: e780c60ae345b6925a4d2da8eafca3b2SHA1: c083ed93f070ca7fbf591c29fbb6f35795efd7b9ANALYSIS...

Cobalt Stike Beacon Detected – 170[.]130[.]55[.]188:1400

January 2, 2023

The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...

Cobalt Stike Beacon Detected – 20[.]166[.]65[.]7:443

January 2, 2023

The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...

Cobalt Stike Beacon Detected – 47[.]117[.]127[.]175:60001

January 2, 2023

The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...

Cobalt Stike Beacon Detected – 106[.]55[.]2[.]194:2087

January 2, 2023

The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...

Digital Binary Code on Dark Red Background. Data Breach

Benchmark – 93,343 breached accounts

January 1, 2023

In November 2019, the Serbian technology news website Benchmark suffered a breach of its forum that exposed 93k customer records....

Malware Analysis – ransomware – 91ad108862744c05daa83bfe37a7c8b1

January 1, 2023

Score: 9 MALWARE FAMILY: ransomwareTAGS:ransomware, upxMD5: 91ad108862744c05daa83bfe37a7c8b1SHA1: b5b3475be40bda4f75d3d24b547d44d60c03c61bANALYSIS DATE: 2023-01-01T08:58:57ZTTPS: T1082, T1012, T1120, T1107, T1490, T1491, T1112 ScoreMeaningExample10Known badA malware...

Malware Analysis – discovery – 5755c57c7d3b7304b42015c5dd34e5be

January 1, 2023

Score: 10 MALWARE FAMILY: discoveryTAGS:discovery, evasion, persistence, ransomwareMD5: 5755c57c7d3b7304b42015c5dd34e5beSHA1: 923d617a8a76195879a0eebc8a9794e00378450fANALYSIS DATE: 2023-01-01T09:38:40ZTTPS: T1060, T1112, T1012, T1082, T1031, T1053, T1158, T1042,...

Malware Analysis – amadey – 1b43fc5f83167e3ed72de7461fb2eb30

January 1, 2023

Score: 10 MALWARE FAMILY: amadeyTAGS:family:amadey, family:djvu, family:lgoogloader, family:smokeloader, family:vidar, botnet:19, backdoor, collection, discovery, downloader, persistence, ransomware, spyware, stealer, trojan, vmprotectMD5:...

Malware Analysis – djvu – 66e2b7371289dd956427b58b8dc7eb14

January 1, 2023

Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:19, discovery, persistence, ransomware, spyware, stealerMD5: 66e2b7371289dd956427b58b8dc7eb14SHA1: 9d6fb6efbad6863d21643c7f665c3aa2521aa54dANALYSIS DATE: 2023-01-01T09:34:48ZTTPS: T1082, T1053, T1222, T1012,...

Cobalt Stike Beacon Detected – 85[.]209[.]135[.]49:443

January 1, 2023

The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...

Security

Cobalt Stike Beacon Detected – 43[.]142[.]127[.]241:4000

Cobalt Stike Beacon Detected – 155[.]248[.]180[.]127:9998

Cobalt Stike Beacon Detected – 34[.]221[.]248[.]35:80

Cypherhound – Terminal Application That Contains 260+ Neo4j Cyphers For BloodHound Data Sets

Malware Analysis – amadey – d6832d5709e26e9028fdcde1cd2e7921

Malware Analysis – banker – b96c2bc5e720dd7120af3b3015732fa7

Malware Analysis – djvu – df249ff3cb8fb36e7c6ae05dc7b14250

Malware Analysis – djvu – e12951b5ae49474dbea669e60e41a8d3

Malware Analysis – discovery – d0cc254722e307c7bb9c55d7cb0ef558

Cobalt Stike Beacon Detected – 64[.]227[.]132[.]76:80

Malware Analysis – djvu – 35b4d8975b7d90a92362c4872da8e000

Malware Analysis – smokeloader – 99a72f7ff695ad0c6a7c697a43ad42f1

Malware Analysis – amadey – d061fe68df14422113a7069698607dee

Malware Analysis – amadey – e780c60ae345b6925a4d2da8eafca3b2

Cobalt Stike Beacon Detected – 170[.]130[.]55[.]188:1400

Cobalt Stike Beacon Detected – 20[.]166[.]65[.]7:443

Cobalt Stike Beacon Detected – 47[.]117[.]127[.]175:60001

Cobalt Stike Beacon Detected – 106[.]55[.]2[.]194:2087

Benchmark – 93,343 breached accounts

Malware Analysis – ransomware – 91ad108862744c05daa83bfe37a7c8b1

Malware Analysis – discovery – 5755c57c7d3b7304b42015c5dd34e5be

Malware Analysis – amadey – 1b43fc5f83167e3ed72de7461fb2eb30

Malware Analysis – djvu – 66e2b7371289dd956427b58b8dc7eb14

Cobalt Stike Beacon Detected – 85[.]209[.]135[.]49:443

CVE Alert: CVE-2024-51952

CVE Alert: CVE-2024-51954

CVE Alert: CVE-2024-51950

CVE Alert: CVE-2024-51953

CVE Alert: CVE-2024-51951

You may have missed