Security

Cobalt Stike Beacon Detected – 180[.]76[.]166[.]65:9110

December 31, 2022

The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...

Cobalt Stike Beacon Detected – 43[.]139[.]167[.]44:800

December 31, 2022

The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...

Cobalt Stike Beacon Detected – 101[.]42[.]19[.]216:80

December 31, 2022

The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...

Malware Analysis – djvu – 5de11ecab492439480fb87715ec6ae0b

December 31, 2022

Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:19, discovery, persistence, ransomware, spyware, stealerMD5: 5de11ecab492439480fb87715ec6ae0bSHA1: 1ac12b149c613639b2fc4cef6af5df4705b692ccANALYSIS DATE: 2022-12-31T11:40:19ZTTPS: T1060, T1112, T1012, T1005,...

Malware Analysis – – bcb1e5b4dc2eae0d6eb0765130dd26bb

December 31, 2022

Score: 3 MALWARE FAMILY: TAGS:MD5: bcb1e5b4dc2eae0d6eb0765130dd26bbSHA1: e2deb24987120b98586fd88269c5d8fe68314a06ANALYSIS DATE: 2022-12-31T11:48:27ZTTPS: T1082 ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or more known...

Malware Analysis – amadey – 47de2fabe0fb3d4578c2c7f6f7741c4a

December 31, 2022

Score: 10 MALWARE FAMILY: amadeyTAGS:family:amadey, family:djvu, family:lgoogloader, family:smokeloader, family:vidar, botnet:19, backdoor, collection, discovery, downloader, persistence, ransomware, spyware, stealer, trojan, vmprotectMD5:...

Malware Analysis – smokeloader – f55db70dde213b489bed910191d180d2

December 31, 2022

Score: 10 MALWARE FAMILY: smokeloaderTAGS:family:smokeloader, backdoor, trojanMD5: f55db70dde213b489bed910191d180d2SHA1: faa9789e8bec8b7c03df02b12871231932b32fcdANALYSIS DATE: 2022-12-31T10:02:04ZTTPS: T1012, T1120, T1082 ScoreMeaningExample10Known badA malware family was detected.8-9Likely...

Cobalt Stike Beacon Detected – 3[.]74[.]102[.]137:443

December 31, 2022

The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...

Cobalt Stike Beacon Detected – 154[.]223[.]165[.]16:443

December 31, 2022

The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...

Cobalt Stike Beacon Detected – 82[.]157[.]102[.]120:8999

December 31, 2022

The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...

Cobalt Stike Beacon Detected – 34[.]92[.]28[.]142:443

December 31, 2022

The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...

Malware Analysis – djvu – e6c13b6e3d5d725d96c3d275be3c38d4

December 31, 2022

Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:19, discovery, persistence, ransomware, spyware, stealerMD5: e6c13b6e3d5d725d96c3d275be3c38d4SHA1: 7803f9f7fbb55696f08dd5f961c2826aeb12e752ANALYSIS DATE: 2022-12-31T03:22:02ZTTPS: T1012, T1082, T1005, T1081,...

Malware Analysis – smokeloader – e940a13c2509bd823153f8e0e764d0e8

December 31, 2022

Score: 10 MALWARE FAMILY: smokeloaderTAGS:family:smokeloader, backdoor, trojanMD5: e940a13c2509bd823153f8e0e764d0e8SHA1: 44ac7375cdb880267f9d13c804c218e28c53884dANALYSIS DATE: 2022-12-31T03:32:03ZTTPS: T1012, T1120, T1082 ScoreMeaningExample10Known badA malware family was detected.8-9Likely...

Malware Analysis – smokeloader – 8dad56f7c0cd6da28c485028d5bb79a8

December 31, 2022

Score: 10 MALWARE FAMILY: smokeloaderTAGS:family:smokeloader, backdoor, trojanMD5: 8dad56f7c0cd6da28c485028d5bb79a8SHA1: 4f683dda502920ee1c9dee80e35f9df6adef7ed3ANALYSIS DATE: 2022-12-31T04:02:03ZTTPS: T1012, T1120, T1082 ScoreMeaningExample10Known badA malware family was detected.8-9Likely...

Malware Analysis – ransomware – 2454d403b8fd8a0084d966ac136083bc

December 31, 2022

Score: 8 MALWARE FAMILY: ransomwareTAGS:ransomware, spyware, stealerMD5: 2454d403b8fd8a0084d966ac136083bcSHA1: 1bce66750426f1b9db1da2c56227d32ac4608727ANALYSIS DATE: 2022-12-31T04:43:04ZTTPS: T1082, T1005, T1081 ScoreMeaningExample10Known badA malware family was detected.8-9Likely...

Malware Analysis – ransomware – da64a453f7662e5425946c1d96903d86

December 31, 2022

Score: 8 MALWARE FAMILY: ransomwareTAGS:ransomware, spyware, stealerMD5: da64a453f7662e5425946c1d96903d86SHA1: 1b9f15da6e00b3cc73ea71f27db5d766fabbd62bANALYSIS DATE: 2022-12-31T04:09:02ZTTPS: T1082, T1012, T1120, T1005, T1081 ScoreMeaningExample10Known badA malware family...

Malware Analysis – smokeloader – b1d2c66939121ccd165b024d9451cb4d

December 31, 2022

Score: 10 MALWARE FAMILY: smokeloaderTAGS:family:smokeloader, backdoor, trojanMD5: b1d2c66939121ccd165b024d9451cb4dSHA1: e08bddb59f360a78f9c38bf30f1ad45d8e3ec060ANALYSIS DATE: 2022-12-31T05:31:10ZTTPS: T1012, T1120, T1082 ScoreMeaningExample10Known badA malware family was detected.8-9Likely...

Malware Analysis – djvu – b407a3f0e6290013e97b1c53fd935eff

December 31, 2022

Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:19, discovery, persistence, ransomware, spyware, stealerMD5: b407a3f0e6290013e97b1c53fd935effSHA1: 430978c3912c16c45fb4bdb38b7d8829cba198adANALYSIS DATE: 2022-12-31T05:31:29ZTTPS: T1222, T1005, T1081, T1012,...

Malware Analysis – amadey – d0f554a0c60d749227776e1c3a557c10

December 31, 2022

Score: 10 MALWARE FAMILY: amadeyTAGS:family:amadey, family:dcrat, family:djvu, family:lgoogloader, family:redline, family:smokeloader, botnet:8888888, botnet:letgo, botnet:sport, backdoor, collection, discovery, downloader, infostealer, persistence, ransomware,...

Malware Analysis – evasion – ccd8aeacd5792f628d48b660b36a364f

December 31, 2022

Score: 7 MALWARE FAMILY: evasionTAGS:evasion, ransomwareMD5: ccd8aeacd5792f628d48b660b36a364fSHA1: f73441d600669341b7d894a2d06fb695dc002ef4ANALYSIS DATE: 2022-12-31T04:52:43ZTTPS: ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or more known...

Security

Cobalt Stike Beacon Detected – 180[.]76[.]166[.]65:9110

Cobalt Stike Beacon Detected – 43[.]139[.]167[.]44:800

Cobalt Stike Beacon Detected – 101[.]42[.]19[.]216:80

Malware Analysis – djvu – 5de11ecab492439480fb87715ec6ae0b

Malware Analysis – – bcb1e5b4dc2eae0d6eb0765130dd26bb

Malware Analysis – amadey – 47de2fabe0fb3d4578c2c7f6f7741c4a

Malware Analysis – smokeloader – f55db70dde213b489bed910191d180d2

Cobalt Stike Beacon Detected – 3[.]74[.]102[.]137:443

Cobalt Stike Beacon Detected – 154[.]223[.]165[.]16:443

Cobalt Stike Beacon Detected – 82[.]157[.]102[.]120:8999

Cobalt Stike Beacon Detected – 34[.]92[.]28[.]142:443

Malware Analysis – djvu – e6c13b6e3d5d725d96c3d275be3c38d4

Malware Analysis – smokeloader – e940a13c2509bd823153f8e0e764d0e8

Malware Analysis – smokeloader – 8dad56f7c0cd6da28c485028d5bb79a8

Malware Analysis – ransomware – 2454d403b8fd8a0084d966ac136083bc

Malware Analysis – ransomware – da64a453f7662e5425946c1d96903d86

Malware Analysis – smokeloader – b1d2c66939121ccd165b024d9451cb4d

Malware Analysis – djvu – b407a3f0e6290013e97b1c53fd935eff

Malware Analysis – amadey – d0f554a0c60d749227776e1c3a557c10

Malware Analysis – evasion – ccd8aeacd5792f628d48b660b36a364f

Cobalt Stike Beacon Detected – 8[.]209[.]215[.]82:80

Cobalt Stike Beacon Detected – 101[.]42[.]27[.]149:443

Cobalt Stike Beacon Detected – 84[.]32[.]128[.]110:443

Cobalt Stike Beacon Detected – 51[.]91[.]99[.]2:80

[KILLSEC] – Ransomware Victim: Wendy Wu Tours

[HUNTERS] – Ransomware Victim: Tata Technologies

[QILIN] – Ransomware Victim: rockhillwc[.]com

[RANSOMHUB] – Ransomware Victim: goencon[.]com

[QILIN] – Ransomware Victim: peruzzi[.]com

You may have missed