threatintel

Cobalt Stike Beacon Detected – 119[.]3[.]73[.]208:9999

November 16, 2022

The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...

Cobalt Stike Beacon Detected – 43[.]138[.]231[.]8:80

November 16, 2022

The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...

Cobalt Stike Beacon Detected – 118[.]99[.]52[.]220:80

November 16, 2022

The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...

Cobalt Stike Beacon Detected – 119[.]91[.]194[.]71:443

November 16, 2022

The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...

Malware Analysis – discovery – 4daaf587e2a1dd41691a4f95a7778083

November 16, 2022

Score: 10 MALWARE FAMILY: discoveryTAGS:discovery, persistence, ransomwareMD5: 4daaf587e2a1dd41691a4f95a7778083SHA1: 945526bbea76aa2e4660ca15842b25eac8600753ANALYSIS DATE: 2022-11-16T09:16:00ZTTPS: T1112, T1042, T1012, T1120, T1082, T1060 ScoreMeaningExample10Known badA malware...

Malware Analysis – djvu – 85bf0a8fcb03c3f004e2e0a911c13aa9

November 16, 2022

Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:redline, family:smokeloader, family:vidar, botnet:517, botnet:mario23_10, backdoor, collection, discovery, infostealer, persistence, ransomware, spyware, stealer, trojanMD5: 85bf0a8fcb03c3f004e2e0a911c13aa9SHA1:...

Malware Analysis – smokeloader – 4555463ac67b49271353fabbf75a8ed8

November 16, 2022

Score: 10 MALWARE FAMILY: smokeloaderTAGS:family:smokeloader, backdoor, trojanMD5: 4555463ac67b49271353fabbf75a8ed8SHA1: 3f659e99639daa7acfe601f53300e039b4c2b3f3ANALYSIS DATE: 2022-11-16T09:36:11ZTTPS: T1012, T1120, T1082 ScoreMeaningExample10Known badA malware family was detected.8-9Likely...

Malware Analysis – persistence – c12aca276815a42658d5fc8479766bf0

November 16, 2022

Score: 8 MALWARE FAMILY: persistenceTAGS:persistence, ransomware, spyware, stealerMD5: c12aca276815a42658d5fc8479766bf0SHA1: 8d411a51c5c78dbc2cfcf6f0ed442b5f8dcf0cc1ANALYSIS DATE: 2022-11-16T10:41:20ZTTPS: T1012, T1120, T1082, T1005, T1081, T1060, T1112 ScoreMeaningExample10Known...

Cobalt Stike Beacon Detected – 43[.]129[.]214[.]143:8080

November 16, 2022

The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...

Cobalt Stike Beacon Detected – 43[.]139[.]129[.]211:443

November 16, 2022

The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...

Cobalt Stike Beacon Detected – 51[.]210[.]243[.]38:8888

November 16, 2022

The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...

Cobalt Stike Beacon Detected – 2[.]56[.]173[.]252:80

November 16, 2022

The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...

Malware Analysis – ransomware – bd1753c21a8f5df46d0fc15a6e955fc2

November 16, 2022

Score: 10 MALWARE FAMILY: ransomwareTAGS:ransomware, spyware, stealerMD5: bd1753c21a8f5df46d0fc15a6e955fc2SHA1: d91aed5a66c9d81d158dd5f0974af111ffd2193fANALYSIS DATE: 2022-11-16T11:03:04ZTTPS: T1082, T1005, T1081, T1491, T1112 ScoreMeaningExample10Known badA malware family...

Malware Analysis – djvu – 20551207f58fa8b35fb27f48522dfb4f

November 16, 2022

Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:517, discovery, persistence, ransomware, spyware, stealerMD5: 20551207f58fa8b35fb27f48522dfb4fSHA1: a5cd0b9d6329c1d2277d207c6ffb78acfc21c3f8ANALYSIS DATE: 2022-11-16T10:42:40ZTTPS: T1082, T1005, T1081, T1012,...

Malware Analysis – – 23781b8f02e972874393d04b97870bee

November 16, 2022

Score: 1 MALWARE FAMILY: TAGS:MD5: 23781b8f02e972874393d04b97870beeSHA1: c3fa521b358b1a59a56dc38527fec8d8c5c286e4ANALYSIS DATE: 2022-11-16T10:58:10ZTTPS: ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or more known damaging...

Malware Analysis – blacknet – d553d612efd1c730a09343c8adf4a036

November 16, 2022

Score: 10 MALWARE FAMILY: blacknetTAGS:family:blacknet, family:djvu, family:redline, family:smokeloader, family:vidar, botnet:517, botnet:mario23_10, botnet:round3, backdoor, collection, discovery, evasion, infostealer, persistence, ransomware, spyware,...

Beginning 2023 Google plans to rollout the initial Privacy Sandbox Beta

November 16, 2022

Google announced it will roll out the Privacy Sandbox system for Android in beta to a limited number of Android...

sl-abstract-world-map-chip-danger-1200-990x400-1

DTrack activity targeting Europe and Latin America

November 16, 2022

Introduction DTrack is a backdoor used by the Lazarus group. Initially discovered in 2019, the backdoor remains in use three...

Malware Analysis – smokeloader – c75afff0fab61d5210bcc2c2bede60be

November 16, 2022

Score: 10 MALWARE FAMILY: smokeloaderTAGS:family:smokeloader, backdoor, trojanMD5: c75afff0fab61d5210bcc2c2bede60beSHA1: a7f126e2305f6e15b7b2b0aaf878e27f74f7f817ANALYSIS DATE: 2022-11-16T03:16:03ZTTPS: T1012, T1120, T1082 ScoreMeaningExample10Known badA malware family was detected.8-9Likely...

Malware Analysis – amadey – 68cc01ae9ae11af059f93d03053480b8

November 16, 2022

Score: 10 MALWARE FAMILY: amadeyTAGS:family:amadey, family:djvu, family:eternity, family:redline, family:smokeloader, family:vidar, botnet:517, botnet:mario23_10, backdoor, collection, discovery, evasion, infostealer, persistence, ransomware, spyware,...

Malware Analysis – persistence – fce023be1fb28b656e419c5c817deb73

November 16, 2022

Score: 8 MALWARE FAMILY: persistenceTAGS:persistence, ransomware, spyware, stealerMD5: fce023be1fb28b656e419c5c817deb73SHA1: 589b78fcde00583615e85c16b0a63d0806cf621cANALYSIS DATE: 2022-11-16T04:49:20ZTTPS: T1060, T1112, T1005, T1081, T1082 ScoreMeaningExample10Known badA malware...

Malware Analysis – djvu – 15103cc5f77da69f8563b4ba0e718d5e

November 16, 2022

Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:517, discovery, persistence, ransomware, spyware, stealerMD5: 15103cc5f77da69f8563b4ba0e718d5eSHA1: 7a1655817f7439e02f8924822e771479bf986312ANALYSIS DATE: 2022-11-16T04:34:31ZTTPS: T1005, T1081, T1060, T1112,...

Malware Analysis – djvu – a9b1f92a3513a444bdeaaa0c04252c25

November 16, 2022

Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:redline, family:smokeloader, family:vidar, botnet:517, botnet:mario23_10, backdoor, collection, discovery, evasion, infostealer, persistence, ransomware, spyware, stealer, trojanMD5:...

Malware Analysis – azov – 7675302777989b94bd9912988bd78937

November 16, 2022

Score: 10 MALWARE FAMILY: azovTAGS:family:azov, persistence, ransomware, spyware, stealer, wiperMD5: 7675302777989b94bd9912988bd78937SHA1: e888de6410255dcef79278437fab04766423bdeaANALYSIS DATE: 2022-11-16T05:38:52ZTTPS: T1060, T1112, T1012, T1120, T1082, T1005,...

threatintel

Cobalt Stike Beacon Detected – 119[.]3[.]73[.]208:9999

Cobalt Stike Beacon Detected – 43[.]138[.]231[.]8:80

Cobalt Stike Beacon Detected – 118[.]99[.]52[.]220:80

Cobalt Stike Beacon Detected – 119[.]91[.]194[.]71:443

Malware Analysis – discovery – 4daaf587e2a1dd41691a4f95a7778083

Malware Analysis – djvu – 85bf0a8fcb03c3f004e2e0a911c13aa9

Malware Analysis – smokeloader – 4555463ac67b49271353fabbf75a8ed8

Malware Analysis – persistence – c12aca276815a42658d5fc8479766bf0

Cobalt Stike Beacon Detected – 43[.]129[.]214[.]143:8080

Cobalt Stike Beacon Detected – 43[.]139[.]129[.]211:443

Cobalt Stike Beacon Detected – 51[.]210[.]243[.]38:8888

Cobalt Stike Beacon Detected – 2[.]56[.]173[.]252:80

Malware Analysis – ransomware – bd1753c21a8f5df46d0fc15a6e955fc2

Malware Analysis – djvu – 20551207f58fa8b35fb27f48522dfb4f

Malware Analysis – – 23781b8f02e972874393d04b97870bee

Malware Analysis – blacknet – d553d612efd1c730a09343c8adf4a036

Beginning 2023 Google plans to rollout the initial Privacy Sandbox Beta

DTrack activity targeting Europe and Latin America

Malware Analysis – smokeloader – c75afff0fab61d5210bcc2c2bede60be

Malware Analysis – amadey – 68cc01ae9ae11af059f93d03053480b8

Malware Analysis – persistence – fce023be1fb28b656e419c5c817deb73

Malware Analysis – djvu – 15103cc5f77da69f8563b4ba0e718d5e

Malware Analysis – djvu – a9b1f92a3513a444bdeaaa0c04252c25

Malware Analysis – azov – 7675302777989b94bd9912988bd78937

CISA: CISA Adds Four Known Exploited Vulnerabilities to Catalog

CISA: CISA Issues BOD 25-01, Implementing Secure Practices for Cloud Services

CISA: CISA and ONCD Release Playbook for Strengthening Cybersecurity in Federal Grant Programs for Critical Infrastructure

CISA: CISA Releases Five Industrial Control Systems Advisories

CISA: CISA Releases Best Practice Guidance for Mobile Communications

You may have missed