Cobalt Stike Beacon Detected – 42[.]193[.]145[.]27:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
threatintel
Malware Analysis – dcrat – d9ed38e3ba39acbfa4ed8d69e233c67e
Score: 10 MALWARE FAMILY: dcratTAGS:family:dcrat, family:djvu, family:redline, family:smokeloader, family:vidar, botnet:517, botnet:mario23_10, backdoor, collection, discovery, infostealer, persistence, ransomware, rat, spyware, stealer,...
Cobalt Stike Beacon Detected – 120[.]76[.]205[.]155:8080
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 192[.]252[.]182[.]56:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 42[.]194[.]213[.]51:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Security Affairs newsletter Round 394
A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs free for...
PoC exploit code for ProxyNotShell Microsoft Exchange bugs released online
Proof-of-concept exploit code for two actively exploited Microsoft Exchange ProxyNotShell flaws released online. Proof-of-concept exploit code has been released online...
Malware Analysis – dcrat – e617ddfbd2fd3407103b9ed8371cdc72
Score: 10 MALWARE FAMILY: dcratTAGS:family:dcrat, family:djvu, family:redline, family:smokeloader, botnet:mario23_10, backdoor, collection, discovery, infostealer, persistence, ransomware, rat, spyware, stealer, trojanMD5: e617ddfbd2fd3407103b9ed8371cdc72SHA1:...
Malware Analysis – djvu – a12cdf363ffc22dda705083793aad3dc
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:517, discovery, persistence, ransomware, spyware, stealerMD5: a12cdf363ffc22dda705083793aad3dcSHA1: 77004309fadecdbfc95e0815eb18b01697d692c2ANALYSIS DATE: 2022-11-20T16:57:45ZTTPS: T1082, T1005, T1081, T1012,...
Malware Analysis – djvu – 13e7b7d335bf434f51253a09b682c881
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:517, discovery, persistence, ransomware, spyware, stealerMD5: 13e7b7d335bf434f51253a09b682c881SHA1: b372ae40a0102bc385823b18abc80ecaf83db4dbANALYSIS DATE: 2022-11-20T15:06:54ZTTPS: T1005, T1081, T1082, T1053,...
Malware Analysis – ransomware – c80f2a1c373d8ef42229e2919339cadd
Score: 10 MALWARE FAMILY: ransomwareTAGS:ransomware, spyware, stealerMD5: c80f2a1c373d8ef42229e2919339caddSHA1: 8ab2a0512004cf6cca30da5b2b0b35e310114166ANALYSIS DATE: 2022-11-20T15:54:03ZTTPS: T1005, T1081 ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne...
Malware Analysis – djvu – f4d6bab1ae5f0408bf7a961ac4e1eec9
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:redline, family:smokeloader, family:vidar, botnet:517, botnet:mario23_10, backdoor, collection, discovery, infostealer, persistence, ransomware, spyware, stealer, trojanMD5: f4d6bab1ae5f0408bf7a961ac4e1eec9SHA1:...
Malware Analysis – djvu – a0696d00fa18ffeef932b2d4c2802aac
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:517, discovery, persistence, ransomware, spyware, stealerMD5: a0696d00fa18ffeef932b2d4c2802aacSHA1: 01d13bbb4a41a5e87fd45c289d4b42bfe71aa8d9ANALYSIS DATE: 2022-11-20T17:20:49ZTTPS: T1222, T1012, T1082, T1005,...
Malware Analysis – smokeloader – 5bcddde0d6920439f9a1b054452da241
Score: 10 MALWARE FAMILY: smokeloaderTAGS:family:smokeloader, backdoor, trojanMD5: 5bcddde0d6920439f9a1b054452da241SHA1: 1e85a796ca36a8d71def9f7876902f47b8707e85ANALYSIS DATE: 2022-11-20T17:21:13ZTTPS: T1012, T1120, T1082 ScoreMeaningExample10Known badA malware family was detected.8-9Likely...
Malware Analysis – djvu – 1b1a5244b8b950b1f739ad744a6a7f35
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:517, discovery, persistence, ransomware, spyware, stealerMD5: 1b1a5244b8b950b1f739ad744a6a7f35SHA1: 105af99396ad894cb05b88ad86bf4597251845d2ANALYSIS DATE: 2022-11-20T17:46:47ZTTPS: T1082, T1005, T1081, T1060,...
Malware Analysis – dcrat – 21efb17d8cdfc5a764f02c17ed54fe79
Score: 10 MALWARE FAMILY: dcratTAGS:family:dcrat, family:djvu, family:redline, family:smokeloader, family:vidar, botnet:517, botnet:mario23_10, backdoor, collection, discovery, infostealer, persistence, ransomware, rat, spyware, stealer,...
Malware Analysis – discovery – 32bc0de29c2dc883d3975d64cc173420
Score: 8 MALWARE FAMILY: discoveryTAGS:discovery, exploitMD5: 32bc0de29c2dc883d3975d64cc173420SHA1: 11ed5a99aba0928280212df3a9e4fceaef3823edANALYSIS DATE: 2022-11-20T09:01:36ZTTPS: T1222 ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or more...
Malware Analysis – persistence – 45aa3af5a677e30f98bcd9f8d4c68560
Score: 9 MALWARE FAMILY: persistenceTAGS:persistence, ransomwareMD5: 45aa3af5a677e30f98bcd9f8d4c68560SHA1: 4a8a2c33977ac7841f3b1448b0f48ffe571a81a6ANALYSIS DATE: 2022-11-20T09:30:51ZTTPS: T1060, T1112, T1107, T1490 ScoreMeaningExample10Known badA malware family was detected.8-9Likely...
Malware Analysis – djvu – ce409409d45ed291fd548e63f27e9e3c
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:517, discovery, persistence, ransomware, spyware, stealerMD5: ce409409d45ed291fd548e63f27e9e3cSHA1: e94fc066fe43ae730ef72b7334481ee72be9c2e2ANALYSIS DATE: 2022-11-20T09:29:37ZTTPS: T1060, T1112, T1222, T1005,...
Cobalt Stike Beacon Detected – 107[.]175[.]91[.]16:8080
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 46[.]3[.]199[.]184:4433
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 43[.]139[.]84[.]166:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 101[.]99[.]93[.]158:9090
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Malware Analysis – evasion – 444d141e21c6b3463c22460fbde9faf0
Score: 5 MALWARE FAMILY: evasionTAGS:evasion, ransomwareMD5: 444d141e21c6b3463c22460fbde9faf0SHA1: b135ce8cfccf6eede4702630c0f64029235a1f07ANALYSIS DATE: 2022-11-20T10:00:12ZTTPS: ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or more known...
