Cobalt Stike Beacon Detected – 5[.]44[.]42[.]16:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
threatintel
Malware Analysis – danabot – 3572e56a91ed00b2a383c8efd1b64653
Score: 10 MALWARE FAMILY: danabotTAGS:family:danabot, family:djvu, family:smokeloader, family:vidar, botnet:517, backdoor, banker, collection, discovery, persistence, ransomware, spyware, stealer, trojan, vmprotectMD5: 3572e56a91ed00b2a383c8efd1b64653SHA1:...
Malware Analysis – djvu – a1f3f1f4e250c96cbbee38b5d6babd7e
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:517, discovery, persistence, ransomware, spyware, stealerMD5: a1f3f1f4e250c96cbbee38b5d6babd7eSHA1: 34f96b5e8d04ea15f2079d51383986a1cbc91123ANALYSIS DATE: 2022-10-14T10:24:10ZTTPS: T1222, T1082, T1053, T1005,...
Malware Analysis – djvu – 381c69c453ddd6ecebb0535db66d069a
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:517, discovery, persistence, ransomware, spyware, stealerMD5: 381c69c453ddd6ecebb0535db66d069aSHA1: f023209a0bc9a96fe9cb9d17a5012ddc2ee28462ANALYSIS DATE: 2022-10-14T10:37:50ZTTPS: T1005, T1081, T1012, T1082,...
Malware Analysis – ransomware – 45ac7cd59d7f250217c69d5ec042632d
Score: 9 MALWARE FAMILY: ransomwareTAGS:ransomwareMD5: 45ac7cd59d7f250217c69d5ec042632dSHA1: cf41622eea189b592cc3f31d9eadceba56144310ANALYSIS DATE: 2022-10-14T10:34:50ZTTPS: T1107, T1490 ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or more...
Cobalt Stike Beacon Detected – 139[.]9[.]1[.]63:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 104[.]168[.]117[.]95:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 66[.]42[.]48[.]182:6443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 82[.]157[.]245[.]205:4433
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Experts released PoC exploit code for critical bug CVE-2022-40684 in Fortinet products
Experts released the PoC exploit code for the authentication bypass flaw CVE-2022-40684 in FortiGate firewalls and FortiProxy web proxies. A...
DJI drone tracking data exposed in the US
Over 80,000 drone IDs were exposed in the leak of a database containing information from airspace monitoring devices manufactured by...
Ongoing exploitation of CVE-2022-41352 (Zimbra 0-day)
Overview On September 10, 2022, a user reported on Zimbra’s official forums that their team detected a security incident originating...
Malware Analysis – discovery – 6905e9e6ec69c8f324f51d755f8a85f0
Score: 8 MALWARE FAMILY: discoveryTAGS:discovery, exploitMD5: 6905e9e6ec69c8f324f51d755f8a85f0SHA1: 18b8badd020675e0251c7431899c58de4fb76533ANALYSIS DATE: 2022-10-13T22:30:48ZTTPS: T1222 ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or more...
Malware Analysis – evasion – 493d67f1e5dad681c15249f4c8737980
Score: 10 MALWARE FAMILY: evasionTAGS:evasion, persistence, ransomware, trojanMD5: 493d67f1e5dad681c15249f4c8737980SHA1: c49a0dcd26cc9c3cfe43e5398dc7e9f928ba1f97ANALYSIS DATE: 2022-10-13T23:23:45ZTTPS: T1082, T1012, T1120, T1491, T1112, T1004, T1060, T1091,...
Malware Analysis – djvu – 40afe7409ce7634d460ba5e85c477efc
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:smokeloader, family:vidar, botnet:517, backdoor, collection, discovery, persistence, ransomware, spyware, stealer, trojan, vmprotectMD5: 40afe7409ce7634d460ba5e85c477efcSHA1: 609cc6265c63ea0b9ceaa8e8e0a9bfe81032c3d4ANALYSIS DATE:...
Malware Analysis – smokeloader – 5a1dc674681bf0652500813bedd52416
Score: 10 MALWARE FAMILY: smokeloaderTAGS:family:smokeloader, backdoor, trojanMD5: 5a1dc674681bf0652500813bedd52416SHA1: 02209e45efac844b5cf7a8dbfe098172a81630a9ANALYSIS DATE: 2022-10-14T02:02:45ZTTPS: T1012, T1120, T1082 ScoreMeaningExample10Known badA malware family was detected.8-9Likely...
Malware Analysis – evasion – 6507fceb882ebd25468607abfca30b3c
Score: 10 MALWARE FAMILY: evasionTAGS:evasion, persistence, ransomware, trojanMD5: 6507fceb882ebd25468607abfca30b3cSHA1: 56d558db5207c1d683ad4804abda4e285eabb76eANALYSIS DATE: 2022-10-13T23:23:50ZTTPS: T1088, T1089, T1112, T1060, T1158, T1082, T1012, T1120,...
Malware Analysis – smokeloader – 3926dc32500a1214432357400c2743e1
Score: 10 MALWARE FAMILY: smokeloaderTAGS:family:smokeloader, backdoor, trojanMD5: 3926dc32500a1214432357400c2743e1SHA1: 5ab53cea630a962e320d641d0f3e31beab8513eeANALYSIS DATE: 2022-10-14T02:56:04ZTTPS: T1012, T1120, T1082 ScoreMeaningExample10Known badA malware family was detected.8-9Likely...
Malware Analysis – ransomware – a11e40135fd9ff472e8ade1b52d6e9a5
Score: 9 MALWARE FAMILY: ransomwareTAGS:ransomware, spyware, stealerMD5: a11e40135fd9ff472e8ade1b52d6e9a5SHA1: fda874e1fd920a5ef9c3703899868902ccbacc15ANALYSIS DATE: 2022-10-14T03:02:03ZTTPS: T1005, T1081, T1082, T1107, T1490, T1091 ScoreMeaningExample10Known badA malware...
Malware Analysis – ransomware – 2534c737caef3e493adb9d938ef169d8
Score: 9 MALWARE FAMILY: ransomwareTAGS:ransomware, spyware, stealerMD5: 2534c737caef3e493adb9d938ef169d8SHA1: 027f16794348fdabb32f4b9920e71920964e79a5ANALYSIS DATE: 2022-10-14T03:03:03ZTTPS: T1107, T1490, T1091, T1005, T1081, T1082 ScoreMeaningExample10Known badA malware...
Malware Analysis – ransomware – d4eeebdda5eb7be85f2d03b81f579342
Score: 9 MALWARE FAMILY: ransomwareTAGS:ransomware, spyware, stealerMD5: d4eeebdda5eb7be85f2d03b81f579342SHA1: f64302686c60e1f67a33456af80e1a4b9f21b8ecANALYSIS DATE: 2022-10-14T03:02:04ZTTPS: T1091, T1005, T1081, T1082, T1107, T1490 ScoreMeaningExample10Known badA malware...
Malware Analysis – danabot – a8175a6f56749f36c353e0e25e2dc7cd
Score: 10 MALWARE FAMILY: danabotTAGS:family:danabot, family:dcrat, family:djvu, family:smokeloader, family:vidar, botnet:517, backdoor, banker, collection, discovery, infostealer, persistence, ransomware, rat, spyware, stealer,...
Malware Analysis – ransomware – 776eb80d497eead5b2ed81835694bfb9
Score: 9 MALWARE FAMILY: ransomwareTAGS:ransomware, spyware, stealerMD5: 776eb80d497eead5b2ed81835694bfb9SHA1: 0124f5f2cadb6e75c6f18137a7ff7affa75fccbfANALYSIS DATE: 2022-10-14T03:04:03ZTTPS: T1005, T1081, T1082, T1107, T1490, T1091 ScoreMeaningExample10Known badA malware...
Malware Analysis – djvu – edcc881113cb158df3922975670d3454
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:517, discovery, persistence, ransomware, spyware, stealerMD5: edcc881113cb158df3922975670d3454SHA1: 91a406d9bf0a64aad0e5768c7f3a94bde6b92475ANALYSIS DATE: 2022-10-14T03:27:03ZTTPS: T1012, T1082, T1060, T1112,...
