Nice find! Its always nice when proactive rules hit off new samples :) Different hashes, but here they are: https://www.virustotal.com/gui/file/322748ad491d19293af1782370a3a0907bf0ee45c4b29d43d000149bb3328994/details … - rdpscanDll32 https://www.virustotal.com/gui/file/13d102d546b9384f944f2a520ba32fb5606182bed45a8bba681e4374d7e5e322/detection … - rdpscanDll64
Found new #TrickBot module (rdpscanDll) that scans for RDP access. Tagged by our proactive detection as Gen:Variant.Trickbot.18 since 2019-08-22. All available in our #threatintelligence c900819dd66b6dcf346ee8a5536ed1ab (32 bit) / 31cd31a9214b904d661e398d33c5ea4a (64 bit)
-
-
-
Which GTAG dropped these?
- Još 1 odgovor
Novi razgovor -
-
-
"Release_nologs" seems like a pretty common module string: cc:
@VK_Intel@James_inthe_boxhttps://vk-intel.org/2017/09/11/lets-learn-trickbot-banking-trojan-adds-credential-stealer-to-inject-module-targets-windows-10-edge-browser/ …Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi
-
Čini se da učitavanje traje već neko vrijeme.
Twitter je možda preopterećen ili ima kratkotrajnih poteškoća u radu. Pokušajte ponovno ili potražite dodatne informacije u odjeljku Status Twittera.