Uncommon infection and malware propagation methods
Introduction We are often asked how targets are infected with malware. Our answer is nearly always the same: (spear) phishing....
threatintel
Malware Analysis – smokeloader – b41eea91a5da56541e24b7e3d9aa8785
Score: 10 MALWARE FAMILY: smokeloaderTAGS:family:smokeloader, backdoor, trojanMD5: b41eea91a5da56541e24b7e3d9aa8785SHA1: a8d5deb621ca66b36343e3e96c5157a7c398ae3eANALYSIS DATE: 2022-10-06T02:32:03ZTTPS: T1012, T1120, T1082 ScoreMeaningExample10Known badA malware family was detected.8-9Likely...
Malware Analysis – djvu – ab588ece9842c824014b896fab00c0d9
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:517, discovery, persistence, ransomware, spyware, stealerMD5: ab588ece9842c824014b896fab00c0d9SHA1: 178a4fc3ee53ac17514c43774a705ffa082ccbf8ANALYSIS DATE: 2022-10-06T03:15:02ZTTPS: T1082, T1012, T1053, T1005,...
Malware Analysis – djvu – b41eea91a5da56541e24b7e3d9aa8785
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:smokeloader, family:vidar, botnet:517, backdoor, collection, discovery, persistence, ransomware, spyware, stealer, trojanMD5: b41eea91a5da56541e24b7e3d9aa8785SHA1: a8d5deb621ca66b36343e3e96c5157a7c398ae3eANALYSIS DATE: 2022-10-06T02:39:14ZTTPS:...
Malware Analysis – smokeloader – 1ced7cd6ef30b3f92f7fc8f63ac950f7
Score: 10 MALWARE FAMILY: smokeloaderTAGS:family:smokeloader, backdoor, trojanMD5: 1ced7cd6ef30b3f92f7fc8f63ac950f7SHA1: 1a251a94485c2cee0e307937bf9eb9fe52646ea4ANALYSIS DATE: 2022-10-06T03:01:03ZTTPS: T1012, T1120, T1082 ScoreMeaningExample10Known badA malware family was detected.8-9Likely...
Malware Analysis – djvu – 1ced7cd6ef30b3f92f7fc8f63ac950f7
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:smokeloader, family:vidar, botnet:517, backdoor, collection, discovery, persistence, ransomware, spyware, stealer, trojanMD5: 1ced7cd6ef30b3f92f7fc8f63ac950f7SHA1: 1a251a94485c2cee0e307937bf9eb9fe52646ea4ANALYSIS DATE: 2022-10-06T03:18:16ZTTPS:...
Malware Analysis – djvu – 57ccdf9f24953d0f20bc77894cd4b0c5
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:smokeloader, family:vidar, botnet:517, backdoor, collection, discovery, persistence, ransomware, spyware, stealer, trojanMD5: 57ccdf9f24953d0f20bc77894cd4b0c5SHA1: eeedfe5aeb5e05b0bb9ac3cf0f11fd7e1674ef65ANALYSIS DATE: 2022-10-06T03:38:45ZTTPS:...
Malware Analysis – djvu – dac04bf5ad22b2b2fb80f236c89fcae8
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:517, discovery, persistence, ransomware, spyware, stealerMD5: dac04bf5ad22b2b2fb80f236c89fcae8SHA1: 6e53fd2cb1baca78fc3b020f1217b0fb327b21baANALYSIS DATE: 2022-10-06T03:25:33ZTTPS: T1060, T1112, T1222, T1012,...
Malware Analysis – ransomware – 51aa11d492b16e856d105368839e9105
Score: 9 MALWARE FAMILY: ransomwareTAGS:ransomware, spyware, stealerMD5: 51aa11d492b16e856d105368839e9105SHA1: 9800d1db47238cffea6d5581b57bab555b6df82dANALYSIS DATE: 2022-10-06T03:31:03ZTTPS: T1082, T1107, T1490, T1091, T1005, T1081 ScoreMeaningExample10Known badA malware...
Malware Analysis – smokeloader – 57ccdf9f24953d0f20bc77894cd4b0c5
Score: 10 MALWARE FAMILY: smokeloaderTAGS:family:smokeloader, backdoor, trojanMD5: 57ccdf9f24953d0f20bc77894cd4b0c5SHA1: eeedfe5aeb5e05b0bb9ac3cf0f11fd7e1674ef65ANALYSIS DATE: 2022-10-06T03:31:08ZTTPS: T1012, T1120, T1082 ScoreMeaningExample10Known badA malware family was detected.8-9Likely...
Malware Analysis – djvu – cd04692eb2df69eb2b87a56de3ca6c6d
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:smokeloader, family:vidar, botnet:517, backdoor, collection, discovery, persistence, ransomware, spyware, stealer, trojanMD5: cd04692eb2df69eb2b87a56de3ca6c6dSHA1: b23728ed4296bbb9d77050e61049619a6411226fANALYSIS DATE: 2022-10-06T04:00:22ZTTPS:...
Malware Analysis – djvu – 508dc342135b5c5f406628a795bfd629
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:517, discovery, persistence, ransomware, spyware, stealerMD5: 508dc342135b5c5f406628a795bfd629SHA1: 1fc937a5a09e4129b3886304b9a66d4d3215bde0ANALYSIS DATE: 2022-10-06T04:20:50ZTTPS: T1222, T1053, T1005, T1081,...
Malware Analysis – smokeloader – cb8f25cb414b4a08471ee5e140be28e7
Score: 10 MALWARE FAMILY: smokeloaderTAGS:family:smokeloader, backdoor, trojanMD5: cb8f25cb414b4a08471ee5e140be28e7SHA1: 74587cc5fdc2264f2ec7c0137c7fb46550fdf8feANALYSIS DATE: 2022-10-06T04:31:03ZTTPS: T1012, T1120, T1082 ScoreMeaningExample10Known badA malware family was detected.8-9Likely...
Malware Analysis – smokeloader – cd04692eb2df69eb2b87a56de3ca6c6d
Score: 10 MALWARE FAMILY: smokeloaderTAGS:family:smokeloader, backdoor, trojanMD5: cd04692eb2df69eb2b87a56de3ca6c6dSHA1: b23728ed4296bbb9d77050e61049619a6411226fANALYSIS DATE: 2022-10-06T04:02:05ZTTPS: T1012, T1120, T1082 ScoreMeaningExample10Known badA malware family was detected.8-9Likely...
Malware Analysis – djvu – 01a4096da858cb71710110bbe6a56cfc
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:517, discovery, persistence, ransomware, spyware, stealerMD5: 01a4096da858cb71710110bbe6a56cfcSHA1: 95bbbf3e0355f98e8fe38ba08de9b4fbc96ca90aANALYSIS DATE: 2022-10-06T04:43:01ZTTPS: T1082, T1005, T1081, T1012,...
Malware Analysis – smokeloader – cb8f25cb414b4a08471ee5e140be28e7
Score: 10 MALWARE FAMILY: smokeloaderTAGS:family:smokeloader, backdoor, trojanMD5: cb8f25cb414b4a08471ee5e140be28e7SHA1: 74587cc5fdc2264f2ec7c0137c7fb46550fdf8feANALYSIS DATE: 2022-10-06T04:31:50ZTTPS: T1012, T1120, T1082 ScoreMeaningExample10Known badA malware family was detected.8-9Likely...
Malware Analysis – djvu – d20f8b6f1875a6fe3615de0fab3b3c66
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:517, discovery, persistence, ransomware, spyware, stealerMD5: d20f8b6f1875a6fe3615de0fab3b3c66SHA1: 02d88f992f5ef8eda66a94ee9c9f13b6145c2302ANALYSIS DATE: 2022-10-06T04:42:55ZTTPS: T1053, T1005, T1081, T1060,...
Malware Analysis – djvu – cb8f25cb414b4a08471ee5e140be28e7
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:smokeloader, family:vidar, botnet:517, backdoor, collection, discovery, persistence, ransomware, spyware, stealer, trojanMD5: cb8f25cb414b4a08471ee5e140be28e7SHA1: 74587cc5fdc2264f2ec7c0137c7fb46550fdf8feANALYSIS DATE: 2022-10-06T04:32:25ZTTPS:...
Avast releases a free decryptor for some Hades ransomware variants
Avast released a free decryptor for variants of the Hades ransomware tracked as ‘MafiaWare666’, ‘Jcrypt’, ‘RIP Lmao’, and ‘BrutusptCrypt,’ ....
Cobalt Stike Beacon Detected – 205[.]185[.]119[.]170:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 124[.]221[.]195[.]114:8888
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 5[.]44[.]42[.]14:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Malware Analysis – djvu – d83d5eb2e04dfb86886580c499e8c6c8
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:517, discovery, persistence, ransomware, spyware, stealerMD5: d83d5eb2e04dfb86886580c499e8c6c8SHA1: 5cc72ad56333105c3125c347996a375f6eea3ff1ANALYSIS DATE: 2022-10-05T21:04:30ZTTPS: T1005, T1081, T1012, T1060,...
Malware Analysis – smokeloader – a1a707c217336e4ae154a23f36f3608d
Score: 10 MALWARE FAMILY: smokeloaderTAGS:family:smokeloader, backdoor, trojanMD5: a1a707c217336e4ae154a23f36f3608dSHA1: 23e83155a5741a21cfae3f635ba964f308b2da8eANALYSIS DATE: 2022-10-05T20:31:05ZTTPS: T1012, T1120, T1082 ScoreMeaningExample10Known badA malware family was detected.8-9Likely...
