threatintel

Cobalt Stike Beacon Detected – 170[.]178[.]221[.]75:443

October 13, 2022

The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...

Malware Analysis – danabot – 1c97fe480655937cf930f0995c79cbf7

October 13, 2022

Score: 10 MALWARE FAMILY: danabotTAGS:family:danabot, family:djvu, family:smokeloader, family:vidar, botnet:517, backdoor, banker, collection, discovery, persistence, ransomware, spyware, stealer, trojan, vmprotectMD5: 1c97fe480655937cf930f0995c79cbf7SHA1:...

Malware Analysis – ransomware – 360b111625fe3289ea1779b0ca40d489

October 13, 2022

Score: 9 MALWARE FAMILY: ransomwareTAGS:ransomware, spyware, stealerMD5: 360b111625fe3289ea1779b0ca40d489SHA1: abd454c80be6b25059be9cd381d22124a7e5f41bANALYSIS DATE: 2022-10-13T09:41:05ZTTPS: T1091, T1005, T1081, T1082, T1107, T1490 ScoreMeaningExample10Known badA malware...

Malware Analysis – ransomware – ea9d35bc6d698f846ecf13c84b3326f8

October 13, 2022

Score: 9 MALWARE FAMILY: ransomwareTAGS:ransomware, spyware, stealerMD5: ea9d35bc6d698f846ecf13c84b3326f8SHA1: 15e7566cd4bfc980e46c9a680b11628f3901bb63ANALYSIS DATE: 2022-10-13T09:41:05ZTTPS: T1082, T1107, T1490, T1091, T1005, T1081 ScoreMeaningExample10Known badA malware...

Malware Analysis – ransomware – 192684738594363bf7a140d359881d69

October 13, 2022

Score: 9 MALWARE FAMILY: ransomwareTAGS:ransomware, spyware, stealerMD5: 192684738594363bf7a140d359881d69SHA1: 363e926ba670351ae995462145ab7df4ceb585caANALYSIS DATE: 2022-10-13T09:41:05ZTTPS: T1107, T1490, T1091, T1005, T1081, T1082 ScoreMeaningExample10Known badA malware...

Cobalt Stike Beacon Detected – 51[.]13[.]117[.]44:443

October 13, 2022

The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...

Cobalt Stike Beacon Detected – 101[.]35[.]17[.]6:80

October 13, 2022

The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...

Cobalt Stike Beacon Detected – 175[.]138[.]130[.]122:443

October 13, 2022

The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...

Malware Analysis – djvu – 354aa164855b5cbaeafcd282b9a60958

October 13, 2022

Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:smokeloader, family:vidar, botnet:517, backdoor, collection, discovery, persistence, ransomware, spyware, stealer, trojan, vmprotectMD5: 354aa164855b5cbaeafcd282b9a60958SHA1: 42023de2bf25ca33b5538b21655e5321594e8cf0ANALYSIS DATE:...

Malware Analysis – chaos – 101104ab266f519ef2eec3ef1137bcd2

October 13, 2022

Score: 10 MALWARE FAMILY: chaosTAGS:family:chaos, ransomwareMD5: 101104ab266f519ef2eec3ef1137bcd2SHA1: 2aedc1d100bda8064273301d7c1433285220b73eANALYSIS DATE: 2022-10-13T10:21:04ZTTPS: T1082 ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or more...

Malware Analysis – djvu – e2e744fb489405d8fdb26e14d960fb7a

October 13, 2022

Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:517, discovery, persistence, ransomware, spyware, stealerMD5: e2e744fb489405d8fdb26e14d960fb7aSHA1: 7c2b44637e41e8d03a9069a4979cc60cfcb05f2dANALYSIS DATE: 2022-10-13T10:31:08ZTTPS: T1012, T1082, T1060, T1112,...

Malware Analysis – djvu – bb620b4c8cd29b0e565beb009a797cc4

October 13, 2022

Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:517, discovery, persistence, ransomware, spyware, stealerMD5: bb620b4c8cd29b0e565beb009a797cc4SHA1: 1a1ed9f539edb451729fa238d0f7393e97ffe9c6ANALYSIS DATE: 2022-10-13T10:15:47ZTTPS: T1012, T1082, T1053, T1060,...

Cobalt Stike Beacon Detected – 43[.]142[.]81[.]62:80

October 13, 2022

The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...

YoWhatsApp, unofficial WhatsApp Android app spreads the Triada Trojan

October 13, 2022

Kaspersky researchers warn of a recently discovered malicious version of a popular WhatsApp messenger mod dubbed YoWhatsApp. Kaspersky researchers discovered...

Malicious WhatsApp mod distributed through legitimate apps

October 13, 2022

Last year, we wrote about the Triada Trojan inside FMWhatsApp, a modified WhatsApp build. At that time, we discovered that...

LockBit 3.0 Ransomware Victim: okibrasil[.]com

October 13, 2022

LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...

LockBit 3.0 Ransomware Victim: independence[.]com[.]co

October 13, 2022

LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...

LockBit 3.0 Ransomware Victim: cnachile[.]cl

October 13, 2022

LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...

Malware Analysis – evasion – 78fb313740232b13615c14de5fe81d70

October 13, 2022

Score: 10 MALWARE FAMILY: evasionTAGS:evasion, persistence, ransomwareMD5: 78fb313740232b13615c14de5fe81d70SHA1: 45a8e75a5bb0e687a206dc031f21603907dbb8e0ANALYSIS DATE: 2022-10-12T21:41:16ZTTPS: T1082, T1112, T1060, T1491, T1004, T1064 ScoreMeaningExample10Known badA malware...

Malware Analysis – ransomware – dab2bb8982c1da0048f560e930afe95c

October 13, 2022

Score: 9 MALWARE FAMILY: ransomwareTAGS:ransomware, spyware, stealerMD5: dab2bb8982c1da0048f560e930afe95cSHA1: 8b6418b55fec99d01ea7474231e1827f2ca56cbaANALYSIS DATE: 2022-10-13T02:41:03ZTTPS: T1091, T1005, T1081, T1082, T1107, T1490 ScoreMeaningExample10Known badA malware...

Malware Analysis – ransomware – cd0cf0b1117f9e493726ed593d5bf916

October 13, 2022

Score: 9 MALWARE FAMILY: ransomwareTAGS:ransomware, spyware, stealerMD5: cd0cf0b1117f9e493726ed593d5bf916SHA1: 6e6cb292ac779f1030240d42562dad4e2e99cd7bANALYSIS DATE: 2022-10-13T02:41:03ZTTPS: T1107, T1490, T1091, T1005, T1081, T1082 ScoreMeaningExample10Known badA malware...

Malware Analysis – smokeloader – 449b7be8f61cd4ffd5a80e8851ead125

October 13, 2022

Score: 10 MALWARE FAMILY: smokeloaderTAGS:family:smokeloader, backdoor, trojanMD5: 449b7be8f61cd4ffd5a80e8851ead125SHA1: 25d911c7ff9d6d4fea8ab4aca26ff4d5559b35f7ANALYSIS DATE: 2022-10-13T02:31:04ZTTPS: T1012, T1120, T1082 ScoreMeaningExample10Known badA malware family was detected.8-9Likely...

Malware Analysis – ransomware – 2935ee61391af466b8d503e016abe89c

October 13, 2022

Score: 10 MALWARE FAMILY: ransomwareTAGS:ransomwareMD5: 2935ee61391af466b8d503e016abe89cSHA1: f0e642ae088d09252c2bd1d9b3aa57a5349c8627ANALYSIS DATE: 2022-10-13T03:20:35ZTTPS: T1112, T1082 ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or more...

Malware Analysis – ransomware – f4eea2dda8834439364e89108e16fd2a

October 13, 2022

Score: 9 MALWARE FAMILY: ransomwareTAGS:ransomware, spyware, stealerMD5: f4eea2dda8834439364e89108e16fd2aSHA1: 19237f6fef37c80dc5df451057735cf720581b64ANALYSIS DATE: 2022-10-13T03:20:06ZTTPS: T1082, T1107, T1490, T1091, T1005, T1081 ScoreMeaningExample10Known badA malware...

threatintel

Cobalt Stike Beacon Detected – 170[.]178[.]221[.]75:443

Malware Analysis – danabot – 1c97fe480655937cf930f0995c79cbf7

Malware Analysis – ransomware – 360b111625fe3289ea1779b0ca40d489

Malware Analysis – ransomware – ea9d35bc6d698f846ecf13c84b3326f8

Malware Analysis – ransomware – 192684738594363bf7a140d359881d69

Cobalt Stike Beacon Detected – 51[.]13[.]117[.]44:443

Cobalt Stike Beacon Detected – 101[.]35[.]17[.]6:80

Cobalt Stike Beacon Detected – 175[.]138[.]130[.]122:443

Malware Analysis – djvu – 354aa164855b5cbaeafcd282b9a60958

Malware Analysis – chaos – 101104ab266f519ef2eec3ef1137bcd2

Malware Analysis – djvu – e2e744fb489405d8fdb26e14d960fb7a

Malware Analysis – djvu – bb620b4c8cd29b0e565beb009a797cc4

Cobalt Stike Beacon Detected – 43[.]142[.]81[.]62:80

YoWhatsApp, unofficial WhatsApp Android app spreads the Triada Trojan

Malicious WhatsApp mod distributed through legitimate apps

LockBit 3.0 Ransomware Victim: okibrasil[.]com

LockBit 3.0 Ransomware Victim: independence[.]com[.]co

LockBit 3.0 Ransomware Victim: cnachile[.]cl

Malware Analysis – evasion – 78fb313740232b13615c14de5fe81d70

Malware Analysis – ransomware – dab2bb8982c1da0048f560e930afe95c

Malware Analysis – ransomware – cd0cf0b1117f9e493726ed593d5bf916

Malware Analysis – smokeloader – 449b7be8f61cd4ffd5a80e8851ead125

Malware Analysis – ransomware – 2935ee61391af466b8d503e016abe89c

Malware Analysis – ransomware – f4eea2dda8834439364e89108e16fd2a

CISA: CISA Releases Fact Sheet Detailing Embedded Backdoor Function of Contec CMS8000 Firmware

CISA: CISA Adds Four Known Exploited Vulnerabilities to Catalog

CISA: CISA Adds One Known Exploited Vulnerability to Catalog

CISA: CISA Releases Nine Industrial Control Systems Advisories

CISA: CISA Partners with ASD’s ACSC, CCCS, NCSC-UK, and Other International and US Organizations to Release Guidance on Edge Devices

You may have missed