Security

osint

TrueBot infections were observed in Clop ransomware attacks

December 12, 2022

Researchers reported an increase in TrueBot infections, attackers have shifted from using malicious emails as their primary delivery method to other techniques....

Read More

abstract-malware-990x400-1

Malware Analysis – smokeloader – 9b680fe6c94c5c5efd8d1ee47e6bc9a3

December 12, 2022

Score: 10 MALWARE FAMILY: smokeloaderTAGS:family:smokeloader, backdoor, trojanMD5: 9b680fe6c94c5c5efd8d1ee47e6bc9a3SHA1: 07700e18220654e8334dd36db10c413543ab5f59ANALYSIS DATE: 2022-12-12T04:24:56ZTTPS: T1012, T1120, T1082 ScoreMeaningExample10Known badA malware family was detected.8-9Likely...

Read More

abstract-malware-990x400-1

Malware Analysis – – 3a02deed11f7ff4dbc1188d201ad164a

December 12, 2022

Score: 8 MALWARE FAMILY: TAGS:MD5: 3a02deed11f7ff4dbc1188d201ad164aSHA1: 5c935f5c25c2975ef384878bb094567fb19519c9ANALYSIS DATE: 2022-12-12T04:09:21ZTTPS: ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or more known damaging...

Read More

abstract-malware-990x400-1

Malware Analysis – djvu – 6ae2c7e69f7af191c459978a7ffbb2d6

December 12, 2022

Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:517, discovery, persistence, ransomware, spyware, stealerMD5: 6ae2c7e69f7af191c459978a7ffbb2d6SHA1: 64c504634fb86ae0cde436c50cefee73fb0f8e8fANALYSIS DATE: 2022-12-12T03:58:30ZTTPS: T1222, T1012, T1082, T1060,...

Read More

abstract-malware-990x400-1

Malware Analysis – evasion – e9663f1b8ec8a5e2c130f4ff496a43d8

December 12, 2022

Score: 10 MALWARE FAMILY: evasionTAGS:evasion, persistence, ransomwareMD5: e9663f1b8ec8a5e2c130f4ff496a43d8SHA1: ed373bf96e834f4bf920220cc61a84f064e1275aANALYSIS DATE: 2022-12-07T09:27:09ZTTPS: T1012, T1120, T1082, T1158, T1112, T1060 ScoreMeaningExample10Known badA malware...

Read More

abstract-malware-990x400-1

Malware Analysis – dcrat – b046fd352da5913664316180e0e22633

December 12, 2022

Score: 10 MALWARE FAMILY: dcratTAGS:family:dcrat, family:djvu, family:redline, family:smokeloader, family:vidar, botnet:517, botnet:mario23_10, backdoor, bootkit, collection, discovery, infostealer, persistence, ransomware, rat, spyware,...

Read More

abstract-malware-990x400-1

Malware Analysis – djvu – 0bffab8de978679c204fe21331058575

December 12, 2022

Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:517, discovery, persistence, ransomware, spyware, stealerMD5: 0bffab8de978679c204fe21331058575SHA1: f3830a7b5b741df86cc52d7432a7d6a30a6772e6ANALYSIS DATE: 2022-12-12T05:02:15ZTTPS: T1082, T1053, T1005, T1081,...

Read More

abstract-malware-990x400-1

Malware Analysis – dcrat – fbdde4446467cf7b6e2edc26f470ed98

December 12, 2022

Score: 10 MALWARE FAMILY: dcratTAGS:family:dcrat, family:djvu, family:redline, family:smokeloader, family:vidar, botnet:517, botnet:mario23_10, backdoor, bootkit, collection, discovery, infostealer, persistence, ransomware, rat, spyware,...

Read More

abstract-malware-990x400-1

Malware Analysis – djvu – 352a744e8b4258b7729581602709800a

December 12, 2022

Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:517, discovery, persistence, ransomware, spyware, stealerMD5: 352a744e8b4258b7729581602709800aSHA1: a06aa0539924ca45f63ce74783d593e97ba1502cANALYSIS DATE: 2022-12-12T05:32:53ZTTPS: T1053, T1005, T1081, T1130,...

Read More

Cobalt-Strike

Cobalt Stike Beacon Detected – 1[.]117[.]91[.]33:80

December 12, 2022

The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...

Read More

Cobalt-Strike

Cobalt Stike Beacon Detected – 47[.]92[.]95[.]200:443

December 12, 2022

The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...

Read More

Cobalt-Strike

Cobalt Stike Beacon Detected – 20[.]12[.]210[.]245:443

December 12, 2022

The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...

Read More

Cobalt-Strike

Cobalt Stike Beacon Detected – 83[.]97[.]20[.]148:80

December 12, 2022

The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...

Read More

abstract-malware-990x400-1

Malware Analysis – djvu – 1607b60ccb7bc768acc7059b54a1d86a

December 12, 2022

Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:517, discovery, persistence, ransomware, spyware, stealerMD5: 1607b60ccb7bc768acc7059b54a1d86aSHA1: 94dd0783405cececd513b50f38d5c4cb3cf82f77ANALYSIS DATE: 2022-12-11T21:51:54ZTTPS: T1053, T1005, T1081, T1012,...

Read More

Cobalt-Strike

Cobalt Stike Beacon Detected – 1[.]14[.]198[.]89:8011

December 12, 2022

The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...

Read More

Cobalt-Strike

Cobalt Stike Beacon Detected – 89[.]238[.]185[.]24:443

December 12, 2022

The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...

Read More

Cobalt-Strike

Cobalt Stike Beacon Detected – 1[.]117[.]112[.]201:80

December 12, 2022

The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...

Read More

abstract-malware-990x400-1

Malware Analysis – spyware – 3c993362560f4f264f903489653e20db

December 12, 2022

Score: 8 MALWARE FAMILY: spywareTAGS:spyware, stealerMD5: 3c993362560f4f264f903489653e20dbSHA1: 06b0e451d95004b49cdde28357d716b3e798cc07ANALYSIS DATE: 2022-12-11T22:09:01ZTTPS: T1082, T1012, T1005, T1081 ScoreMeaningExample10Known badA malware family was detected.8-9Likely...

Read More

abstract-malware-990x400-1

Malware Analysis – medusalocker – 489e246b8f55137cd70e4b2d718ff85f

December 12, 2022

Score: 10 MALWARE FAMILY: medusalockerTAGS:family:medusalocker, evasion, ransomware, spyware, stealer, trojanMD5: 489e246b8f55137cd70e4b2d718ff85fSHA1: 444e3fd11ac385ab333db41420e5c4fd2e47a5baANALYSIS DATE: 2022-12-11T23:15:45ZTTPS: T1082, T1112, T1005, T1081, T1088, T1089,...

Read More

abstract-malware-990x400-1

Malware Analysis – djvu – deb6e2ba0b5da298a176f135d0dbb902

December 12, 2022

Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:517, discovery, persistence, ransomware, spyware, stealerMD5: deb6e2ba0b5da298a176f135d0dbb902SHA1: def2ce53e89d620734661d0e982c475fef4dacfaANALYSIS DATE: 2022-12-11T23:31:10ZTTPS: T1005, T1081, T1012, T1082,...

Read More

abstract-malware-990x400-1

Malware Analysis – djvu – dbfbbd262c73437383038a98fec9649c

December 12, 2022

Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:redline, family:smokeloader, botnet:mario23_10, backdoor, bootkit, collection, discovery, infostealer, persistence, ransomware, trojanMD5: dbfbbd262c73437383038a98fec9649cSHA1: 5f71018f5e12d8b1cbe309589b23a7666b2716b4ANALYSIS DATE: 2022-12-11T22:06:26ZTTPS:...

Read More

Cobalt-Strike

Cobalt Stike Beacon Detected – 43[.]139[.]69[.]104:8800

December 12, 2022

The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...

Read More

Cobalt-Strike

Cobalt Stike Beacon Detected – 64[.]190[.]113[.]81:443

December 12, 2022

The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...

Read More

Cobalt-Strike

Cobalt Stike Beacon Detected – 23[.]94[.]40[.]43:8080

December 12, 2022

The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...

Read More

CVE Alert: CVE-2025-27839

March 9, 2025

CVE Alert: CVE-2025-1261

March 9, 2025

CVE Alert: CVE-2024-12460

March 9, 2025

CVE Alert: CVE-2024-13890

March 9, 2025

CVE Alert: CVE-2025-1504

March 9, 2025