Tweets by @0xFrost
-
Pinned Tweet
Doing IR case for a client just found out that #emotet is present on their DC for about 1 year and no one from their IT staff found out. https://pastebin.com/p4RH8LVr @Cryptolaemus1 @JRoosen @CofenseLabs @unixronin pic.twitter.com/LaqE2U4Ixz
-
to everyone that is submitting malware URL. https://twitter.com/abuse_ch/status/1225669533668532226 …
-
hxFrost Retweeted
Very useful tool if you are studying Drivers. https://github.com/zodiacon/DriverMon … Also really enjoyed the book: Windows Kernel Programming https://leanpub.com/windowskernelprogramming … @zodiacon
-
hxFrost Retweeted
another vb6 dropper downloading #remcos #rat from: http://axisau.main.]jp/core0.bin https://app.any.run/tasks/fc22174c-1654-43d6-adc8-cc147cd9f1ce … Refs: https://twitter.com/P3pperP0tts/status/1223994354643226624?s=20 … pic.twitter.com/FlKHjzLVv3
-
hxFrost Retweeted
#APT Operation #Origami: Cyber attack on multinational military and political institutions in South Asia 198.54.117.197-200 #india IP 115.111.244.34 tatacommunications support IOC relate to #sidewinder 185.225.17.40 -> ap1-acl./net report from Antiy: https://translate.google.com/translate?hl=&sl=zh-CN&tl=en&u=https%3A%2F%2Fmp.weixin.qq.com%2Fs%2FmFVoFpPFSJb88rpWMJScZg&sandbox=1 … pic.twitter.com/FHX1DYH1Jo
-
#darkcomet #rat https://app.any.run/tasks/4480ee30-8334-4fd6-9d9e-0181a5c4f31e/ … c2: scca.duckdns[.]org
-
#formbook https://app.any.run/tasks/59ca09d1-3153-4ed4-8b1c-bab86977c44d/ … c2: regular123[.]info
-
#lokibot https://app.any.run/tasks/ce87cca6-1523-47c6-8c1a-9cf36ca5ed2e/ … c2: http://gpi-q[.]com/craks/five/PvqDq929BSx_A_D_M1n_a.php @hexlax @James_inthe_box @JAMESWT_MHT @DrolSecurity @luc4m @malwrhunterteam @P3pperP0tts @FewAtoms @shotgunner101
-
hxFrost Retweeted
I received 30 #emotet emails today - that's the highest volume I've seen in about a week. A couple of the Word documents that I saw had the new VBA macros.
Here's what I saw/gathered: https://pastebin.com/wATSZmeh
-
Hey @YouTube Is it possible to disable this User please https://www.youtube [.]com/channel/UC5rZeqnotZF-8-rqOUVkL3A All his videos are promoting and containing links that are dropping Malware. Thread: https://twitter.com/fr3dhk/status/1222184625918959616?s=20 …
-
hxFrost Retweeted
Dridex malspam incoming
Sender domains:
deliverychuckh\.website
delivercedor\.website
deliverychuckh\.website
Filename:
BS005738599784.vbs
BS005738599784.rar
MD5 hash (VBS):
0cd98cbe50e461d2cb8f1651003d4383
Dridex C2s:
46.105.131.71:443
173.249.16.143:1443
-
hxFrost Retweeted
From an adware to a banking trojan: - PUA.InstallCapital c4b1077d4954b2536239dd7546ea6202 - Stage2 InstallCapitall: PUA.ImpulseLTD (exee. space/installer/exee.exe) - Stage2 ImpulseLTD : Dreambot (AES (new ?!) dJReCsX8qWlhQ0kv) 34.240.96. 52/files/sp/vvvv.exe pic.twitter.com/8aiRcQOdm8
-
hxFrost Retweeted
Great research on detecting #Ryuk ransomware! "Getting Ahead of Ryuk attacks using YARA rules" by @MalwareUtkonos https://blog.reversinglabs.com/blog/hunting-for-ransomware …
-
hxFrost Retweeted
Maybe I'm just paranoid but pckg-lab\.eu at 91.241.19\.83 just doesn't smell right... pic.twitter.com/L3mjP5Ph7m
-
hxFrost Retweeted
#malware C2 Panels TOP 5 last 3 months: 1-#PredatorTheThief (324 panels) 2-#Lokibot (192) 3-#Azorult (97) 4-#AgentTesla (42) 5-#Pony (38) Source: http://tracker.viriback.com pic.twitter.com/bV9Rublc5V
-
#mailspam #agenttesla #Albania hash: 6b3c0f32d588e5120598cdb09d6695ec https://app.any.run/tasks/0076216b-4e37-4619-8408-6f07dbe0bf3b … c2 smtp exfil: mail[.dwdl.com.]bd pic.twitter.com/YEeNMjqU2A
-
hxFrost Retweeted
#brushaloader #malware from #maldoc #PowerPoint targets #Italia
hxxps://kamasutraladies.com/faktura.zip
POST to askkkkkkassaa.]xyz
@JAMESWT_MHT @matte_lodi @James_inthe_box @malwrhunterteam @merlos1977 @VK_Intel #DFIR #infosec #cybersecurity #ThreatIntel #threathunting pic.twitter.com/QtaLrhgsTt
-
hxFrost Retweeted
Fake Company, Real Threats: Logs From a Smart Factory #Honeypot - http://ow.ly/wRhf30qbpYP #ICS #SCADA
-
hxFrost Retweeted
Incoming #hancitor #malspam run, all subjects contain Docusign sender address is: docusign@shelbourncpa.us tracking paste: https://pastebin.com/y7WgvhrU
-
hxFrost Retweeted
2020-01-22: #Dridex Banker | #EvilCorp Group & Offshoots
Module:
"vnc_x32|64.dll"
VncStart|StopServer
Activating Inject Function via VNC Redirection |
"VNC is starting your browser..."
Remote Connect for #Fraud/Account Takeover
Re-Used #Carberp/#ISFB VNC Module pic.twitter.com/6VqRwUZi4z