Security

Cobalt Stike Beacon Detected – 194[.]135[.]24[.]242:80

December 4, 2022

The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...

Cobalt Stike Beacon Detected – 156[.]234[.]180[.]237:443

December 4, 2022

The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...

Cobalt Stike Beacon Detected – 44[.]210[.]9[.]119:443

December 4, 2022

The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...

Malware Analysis – evasion – ddedd0574645d1c496a3a0eb38205624

December 4, 2022

Score: 9 MALWARE FAMILY: evasionTAGS:evasion, ransomwareMD5: ddedd0574645d1c496a3a0eb38205624SHA1: 127898f7ac3ec9409cab55fbd92566a2a5f87cbcANALYSIS DATE: 2022-12-01T16:48:35ZTTPS: T1490 ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or more...

Malware Analysis – djvu – 3b7bc00a063e8c42b99a8c1d30075815

December 4, 2022

Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:517, discovery, persistence, ransomware, spyware, stealerMD5: 3b7bc00a063e8c42b99a8c1d30075815SHA1: bf1131f0ae5be32891872b7017181602ac4678b6ANALYSIS DATE: 2022-12-03T21:28:42ZTTPS: T1222, T1005, T1081, T1082,...

Malware Analysis – djvu – 54b32a7be17eb87a95c6a524f44652e9

December 4, 2022

Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:517, discovery, persistence, ransomware, spyware, stealerMD5: 54b32a7be17eb87a95c6a524f44652e9SHA1: 2840f8a761f67ad28f3d4fb7973fe7082547b702ANALYSIS DATE: 2022-12-03T21:04:42ZTTPS: T1012, T1222, T1005, T1081,...

Malware Analysis – djvu – cadeefc5482b30ded21a5a85ba4cd17c

December 4, 2022

Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:517, discovery, persistence, ransomware, spyware, stealerMD5: cadeefc5482b30ded21a5a85ba4cd17cSHA1: a50f1c365d7d9f08e5671cfac8ef97dfa06b8e6cANALYSIS DATE: 2022-12-03T22:06:39ZTTPS: T1053, T1012, T1082, T1222,...

Malware Analysis – djvu – 99eb5514dc519fa850e8f7e76b4d5b34

December 4, 2022

Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:517, discovery, persistence, ransomware, spyware, stealerMD5: 99eb5514dc519fa850e8f7e76b4d5b34SHA1: 8f8edd943311e59f51cee6c8af987078bef297b5ANALYSIS DATE: 2022-12-03T23:40:17ZTTPS: T1005, T1081, T1012, T1082,...

Malware Analysis – dcrat – 155097c6774693e155ba4d0dc25c3b75

December 4, 2022

Score: 10 MALWARE FAMILY: dcratTAGS:family:dcrat, family:djvu, family:smokeloader, family:vidar, botnet:517, backdoor, collection, discovery, infostealer, persistence, ransomware, rat, spyware, stealer, trojanMD5: 155097c6774693e155ba4d0dc25c3b75SHA1:...

Malware Analysis – djvu – 86404f749c0f6a7c714f497883c338d3

December 4, 2022

Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:smokeloader, family:vidar, botnet:517, backdoor, collection, discovery, persistence, ransomware, spyware, stealer, trojanMD5: 86404f749c0f6a7c714f497883c338d3SHA1: 59dd240f1ffa1733c6c2ce00947ba3a5e6940eddANALYSIS DATE: 2022-12-03T21:34:34ZTTPS:...

Malware Analysis – dcrat – 2ce74915f622e54426e4daa1bf3af868

December 3, 2022

Malware Analysis – dcrat – 36a46e8f69a75f3918aa3e3db3dece11

December 3, 2022

Malware Analysis – djvu – 1d5feda2e48bbca86647d607e576e392

December 3, 2022

Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:517, discovery, persistence, ransomware, spyware, stealerMD5: 1d5feda2e48bbca86647d607e576e392SHA1: 8d2bc964d15e8a8c14bffea566f8af08ef30ad55ANALYSIS DATE: 2022-12-03T17:52:51ZTTPS: T1005, T1081, T1012, T1082,...

Malware Analysis – wannacry – e58fdd8b0ce47bcb8ffd89f4499d186d

December 3, 2022

Score: 10 MALWARE FAMILY: wannacryTAGS:family:wannacry, discovery, persistence, ransomware, spyware, stealer, wormMD5: e58fdd8b0ce47bcb8ffd89f4499d186dSHA1: b7e2334ac6e1ad75e3744661bb590a2d1da98b03ANALYSIS DATE: 2022-12-03T16:45:44ZTTPS: T1491, T1112, T1012, T1120, T1082,...

Malware Analysis – djvu – 5936d7f20ed782d994cf29e014780c04

December 3, 2022

Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:517, discovery, persistence, ransomware, spyware, stealerMD5: 5936d7f20ed782d994cf29e014780c04SHA1: f0c955bbe527f206bab2422448bc999c5ec66646ANALYSIS DATE: 2022-12-03T16:32:06ZTTPS: T1005, T1081, T1012, T1082,...

Malware Analysis – djvu – 0e500d0888319b7013742f723303ff36

December 3, 2022

Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:517, discovery, persistence, ransomware, spyware, stealerMD5: 0e500d0888319b7013742f723303ff36SHA1: dffc7372ee2bfcb9406ec1d6a1a3f901af6fddb8ANALYSIS DATE: 2022-12-03T17:25:02ZTTPS: T1005, T1081, T1012, T1082,...

Security

Cobalt Stike Beacon Detected – 194[.]135[.]24[.]242:80

Cobalt Stike Beacon Detected – 156[.]234[.]180[.]237:443

Cobalt Stike Beacon Detected – 44[.]210[.]9[.]119:443

Malware Analysis – evasion – ddedd0574645d1c496a3a0eb38205624

Malware Analysis – djvu – 3b7bc00a063e8c42b99a8c1d30075815

Malware Analysis – djvu – 54b32a7be17eb87a95c6a524f44652e9

Malware Analysis – djvu – cadeefc5482b30ded21a5a85ba4cd17c

Malware Analysis – djvu – 99eb5514dc519fa850e8f7e76b4d5b34

Malware Analysis – dcrat – 155097c6774693e155ba4d0dc25c3b75

Malware Analysis – djvu – 86404f749c0f6a7c714f497883c338d3

Malware Analysis – dcrat – 2ce74915f622e54426e4daa1bf3af868

Malware Analysis – dcrat – 36a46e8f69a75f3918aa3e3db3dece11

Malware Analysis – djvu – 1d5feda2e48bbca86647d607e576e392

Malware Analysis – wannacry – e58fdd8b0ce47bcb8ffd89f4499d186d

Malware Analysis – djvu – 5936d7f20ed782d994cf29e014780c04

Malware Analysis – djvu – 0e500d0888319b7013742f723303ff36

Google fixed the ninth actively exploited Chrome zeroday this year

Shells – Little Script For Generating Revshells

Cobalt Stike Beacon Detected – 156[.]234[.]180[.]236:443

Cobalt Stike Beacon Detected – 82[.]157[.]171[.]28:443

Cobalt Stike Beacon Detected – 83[.]217[.]11[.]6:80

Cobalt Stike Beacon Detected – 129[.]150[.]63[.]166:80

Cobalt Stike Beacon Detected – 8[.]219[.]164[.]202:60001

Cobalt Stike Beacon Detected – 120[.]78[.]216[.]232:80

CISA: CISA Adds Four Known Exploited Vulnerabilities to Catalog

CISA: CISA Releases Nine Industrial Control Systems Advisories

CISA: CISA Partners with ASD’s ACSC, CCCS, NCSC-UK, and Other International and US Organizations to Release Guidance on Edge Devices

CISA: CISA Releases Six Industrial Control Systems Advisories

CISA: CISA Adds One Known Exploited Vulnerability to Catalog

You may have missed