threatintel

Cobalt Stike Beacon Detected – 192[.]144[.]200[.]160:80

November 5, 2022

The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...

Cobalt Stike Beacon Detected – 124[.]221[.]142[.]27:9090

November 5, 2022

The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...

Cobalt Stike Beacon Detected – 47[.]97[.]76[.]148:444

November 5, 2022

The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...

Guide to Better Threat Detection and Response

November 4, 2022

50% of teams in a Trend Micro global study said they’re overwhelmed by the number of alerts surfaced by disconnected...

Attack Surface Management 2022 Midyear Review Part 3

November 4, 2022

In our 2022 midyear roundup, we examine the most significant trends and incidents that influenced the cybersecurity landscape in the...

Improve Post-Quantum Cryptography Security with CSPM

November 4, 2022

Gain valuable insight into the emerging world of post-quantum computing. Understand the threats attackers with access to quantum computers pose....

Cybersecurity Posture & Insurance Outlook with Advisen

November 4, 2022

Trend Micro’s Eric Skinner, and Advisen, an insurance data and analytics company, discuss the current threat landscape, cyber risk management,...

Latest on OpenSSL 3.0.7 Critical Bug & Security-Fix

November 4, 2022

Potential disruptions following vulnerabilities found in OpenSSL. If you like the site, please consider joining the telegram channel or supporting...

Malware Analysis – smokeloader – d009f95436e5463a7fa7f34777bf144d

November 4, 2022

Score: 10 MALWARE FAMILY: smokeloaderTAGS:family:smokeloader, backdoor, trojanMD5: d009f95436e5463a7fa7f34777bf144dSHA1: 0a6b604a81c747282d8996cc6f525e2d94c894e5ANALYSIS DATE: 2022-11-04T15:42:05ZTTPS: T1012, T1120, T1082 ScoreMeaningExample10Known badA malware family was detected.8-9Likely...

Malware Analysis – djvu – e4cae2a45bcc39307fac1025b6b6a0e7

November 4, 2022

Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, discovery, persistence, ransomware, spyware, stealerMD5: e4cae2a45bcc39307fac1025b6b6a0e7SHA1: 8ba5159154296c4214d009b2d66ee0fc932a43d0ANALYSIS DATE: 2022-11-04T15:38:32ZTTPS: T1060, T1112, T1082, T1005, T1081, T1012,...

Malware Analysis – ransomware – c164a7ebb4813fda6834f8f086b90ff9

November 4, 2022

Score: 8 MALWARE FAMILY: ransomwareTAGS:ransomwareMD5: c164a7ebb4813fda6834f8f086b90ff9SHA1: 1a3577cc48e20c4e1652fb6d84a88f68f46520dfANALYSIS DATE: 2022-11-04T15:00:18ZTTPS: T1082, T1012, T1120, T1018 ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne...

Malware Analysis – ransomware – be93f9d3e4d424fbc63f2eafd1f4fee9

November 4, 2022

Score: 7 MALWARE FAMILY: ransomwareTAGS:ransomwareMD5: be93f9d3e4d424fbc63f2eafd1f4fee9SHA1: 7d5c3e56027f2847da1cf3fe65445b2335305051ANALYSIS DATE: 2022-11-04T16:21:12ZTTPS: ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or more known damaging...

Malware Analysis – smokeloader – 04f42a75d636304a10fca42dcf43fe81

November 4, 2022

Score: 10 MALWARE FAMILY: smokeloaderTAGS:family:smokeloader, backdoor, trojanMD5: 04f42a75d636304a10fca42dcf43fe81SHA1: 08c305330fc18de28c7881098fbf57271e7cf3c6ANALYSIS DATE: 2022-11-04T17:12:00ZTTPS: T1012, T1120, T1082 ScoreMeaningExample10Known badA malware family was detected.8-9Likely...

Malware Analysis – djvu – b97a1ccc6515bce1ff1d1fd4641e3cfe

November 4, 2022

Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, discovery, persistence, ransomware, spyware, stealerMD5: b97a1ccc6515bce1ff1d1fd4641e3cfeSHA1: 279026fc4c59439cb4019ce2ca8a06ee3d63c071ANALYSIS DATE: 2022-11-04T17:14:18ZTTPS: T1130, T1112, T1053, T1012, T1082, T1005,...

Malware Analysis – xorist – e598e5ae61f73fb6b3883f6e79f05916

November 4, 2022

Score: 10 MALWARE FAMILY: xoristTAGS:family:xorist, adware, persistence, ransomware, spyware, stealer, upxMD5: e598e5ae61f73fb6b3883f6e79f05916SHA1: 84063d5808f58c73871f8acea020f6a3e2382a30ANALYSIS DATE: 2022-11-04T17:20:12ZTTPS: T1112, T1176, T1060, T1005, T1081,...

Malware Analysis – djvu – 4caa7052f4ee833a16c8c0ba7f0db275

November 4, 2022

Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:redline, family:smokeloader, botnet:slovarik1btc, backdoor, collection, discovery, infostealer, persistence, ransomware, spyware, stealer, trojanMD5: 4caa7052f4ee833a16c8c0ba7f0db275SHA1: 8e4fb478b445822a78c4722b53f4ff3f180a32ecANALYSIS DATE:...

threatintel

Cobalt Stike Beacon Detected – 192[.]144[.]200[.]160:80

Cobalt Stike Beacon Detected – 124[.]221[.]142[.]27:9090

Cobalt Stike Beacon Detected – 47[.]97[.]76[.]148:444

Guide to Better Threat Detection and Response

Attack Surface Management 2022 Midyear Review Part 3

Improve Post-Quantum Cryptography Security with CSPM

Cybersecurity Posture & Insurance Outlook with Advisen

Latest on OpenSSL 3.0.7 Critical Bug & Security-Fix

Malware Analysis – smokeloader – d009f95436e5463a7fa7f34777bf144d

Malware Analysis – djvu – e4cae2a45bcc39307fac1025b6b6a0e7

Malware Analysis – ransomware – c164a7ebb4813fda6834f8f086b90ff9

Malware Analysis – ransomware – be93f9d3e4d424fbc63f2eafd1f4fee9

Malware Analysis – smokeloader – 04f42a75d636304a10fca42dcf43fe81

Malware Analysis – djvu – b97a1ccc6515bce1ff1d1fd4641e3cfe

Malware Analysis – xorist – e598e5ae61f73fb6b3883f6e79f05916

Malware Analysis – djvu – 4caa7052f4ee833a16c8c0ba7f0db275

RomCom RAT campaigns abuses popular brands like KeePass and SolarWinds NPM

LockBit 3.0 Ransomware Victim: gruposanford[.]com

Appshark – Static Taint Analysis Platform To Scan Vulnerabilities In An Android App

Cobalt Stike Beacon Detected – 121[.]5[.]117[.]173:8081

Cobalt Stike Beacon Detected – 157[.]245[.]120[.]14:80

Cobalt Stike Beacon Detected – 157[.]245[.]120[.]14:443

Cobalt Stike Beacon Detected – 137[.]184[.]168[.]41:443

Cobalt Stike Beacon Detected – 192[.]144[.]231[.]244:80

Cobalt Strike Beacon Detected – 182[.]160[.]14[.]158:7777

Cobalt Strike Beacon Detected – 106[.]75[.]247[.]91:443

Cobalt Strike Beacon Detected – 118[.]25[.]91[.]151:443

Cobalt Strike Beacon Detected – 39[.]98[.]40[.]53:8888

Cobalt Strike Beacon Detected – 156[.]224[.]19[.]17:443

You may have missed