Tweets from @executemalware

  1. Retweeted
    1 hour ago
  2. Retweeted
    3 hours ago

    2020-02-03 - gtag ono29 - from PDF attachments in emails: Example of the PDF attachment available at: - Link in PDF file --> password-protected zip archive (password in PDF message text) --> Trickbot EXE disguised as some sort of document/report

  3. Retweeted
    5 hours ago

    ⚔️⛑️Team, we're looking for your feedback & offering a 10% discount😎as we are working on advanced analysis & reverse engineering course. 📈Our first course attracted ~5,000 global students w/ 100+ certified w/ 7hrs of latest malware/RE content. The form is below.👇

  4. Retweeted
    5 hours ago

    It's not every day you see an with , but here you go: http://it-corp[.]info

  5. 6 hours ago

    Today I don't have any IOCs that aren't already in URLHaus. However, here are some senders that I saw:

  6. Retweeted
    9 hours ago

    Fresh loader at: https://thinkunicorn[.]com/wp-admin/css/colors/fish/HraXJHWvJbyTvdLwdaAu/0ev7Bg.bin hash 9aa3089af134627ef48b178db606268a on cc

  7. Retweeted
    20 hours ago

    Analysis of a triple-encrypted AZORult downloader

  8. Retweeted
    23 hours ago

    Weekend Summary Post for 2020/01/31-2020/02/02: Ivan slowed the burn of loaders on distro to 30 minutes instead of 5 minutes apart Sat. More Greta/Corona spam templates. Spam stopped SAT Mor. E1 ~139, E2 ~200, E3 ~ 150. TT

  9. Retweeted
    Feb 2
  10. Retweeted
    Feb 1
  11. Retweeted
    Feb 1
  12. Retweeted
    Feb 1

    20 hours later, 100% survival rate. some of the processor hacked .php sites hosted elsewhere didn't even survive.

  13. Jan 31

    I saw moderate volume today - around 75 emails. I received emails with document attachments as well as with URL links. Here's what I saw/found:

  14. Retweeted
    Jan 31

    This should all be corrected for blocklists and existing posts/URLHaus. Sorry for anyone this caused issues for!

  15. Retweeted
    Jan 31

    :D Payload is Ursnif.

  16. Retweeted
    Jan 31
  17. Retweeted
    Jan 31

    AAR for 2020/01/30: I received about 2 dozen malspams the E2 botnet today and they were all link based generic templates with the exception of 1 attachment based. Strangely, many of them did not even have a subject for the malspam. Back for weekend update on Sunday. HF!

  18. Retweeted
    Jan 31

    2020-01-30 - Traffic Analysis Exercise: Sol-Lightnet - You get a and a list of alerts - You're asked to write an incident report - Join the fun at: -

  19. Jan 31

    I'm back to fairly heavy volume (~115 emails today). All but 1 had document links (as opposed to attachments). I saw both payload download methods again. Here's what I saw/gathered (there's 1 quintet that wasn't in URLHaus when I last looked) :

  20. Retweeted
    Jan 31