Pinned Tweet
For those with access to a SIEM with email headers, things to watch with email campaigns like emotet: Patterns in: Message-ID X-Mailer URLs in message body Filenames Sender host IP/Domain Obvious sender spoof attempts
Suspicious Link retweeted
AAR if anyone wants to poke at the JS: https://app.any.run/tasks/a3cfb7f6-e166-4729-b809-9a8b2ef2b355 …
Suspicious Link retweeted
#predator Sample's a little old, it was at the bottom of the spam trap payload at daqrey-bg[.]site DocuSign themed maldoc, leverages bitsadmin. sample I got: https://app.any.run/tasks/21779415-089a-43cf-a99d-3a58bb88e184 … found this sample from when it was live on AAR: https://app.any.run/tasks/acd6b259-53c8-4735-8c5e-7c643dce4881/ … pic.twitter.com/SU7ffmlgoL
Can't wait to see the Chefs vs the 7^2 in the Superb Owl #sportsball
Suspicious Link retweeted
some bad guy is spreading fresh aviation-themed #malspam "NVG-KEA_AviationPurchase" [KAS_STATUS_NOT_DETECTED] .. lol ! 475cc45a9660557910260dbf26ade2f0 Same doc structure as @killamjr 's https://twitter.com/killamjr/status/1221488551352659974 … @James_inthe_box @JAMESWT_MHT @Racco42 @makflwana pic.twitter.com/NfKCtLru4c
Suspicious Link retweeted
The Netwire remote access trojan (RAT) has left a trail of crumbs across various platforms. @ForensicITGuy shows us how it looks on Linux. https://redcanary.com/blog/netwire-remote-access-trojan-on-linux/ …
Suspicious Link retweeted
This is a great project and I am proud to be able to work with others and feed data into this.
https://twitter.com/abuse_ch/status/1222481940529459201 …
Suspicious Link retweeted
7d3eb86696eebbcc0ff05917d2b7d0a3
Suspicious Link retweeted
Pretty sure this is #Dridex predictionsbet[.]xyz/jzwuhpimvfguizahlrpjdnfawneuymwp/hlpt.bin @killamjr @malware_traffic @James_inthe_box @JAMESWT_MHT @abuse_ch
Suspicious Link retweeted
finally a macro sample using something other than ps as a wmiprvse child process :) https://app.any.run/tasks/2f64ab4f-b405-4462-830c-03cbdf475216/ … pic.twitter.com/oci6S4ItBH
#Malware https://app.any.run/tasks/3fd39357-84a3-435f-98f9-52ef6598e173 … #hawkeye snarfs out data via FTP to ftp.faltelecom[.]com faltelecom@faltelecom.com Playboy@11 pic.twitter.com/Q196aBBDK3
I forgot to mention, this url at yewonder is almost definitely a #webshell hXXps://yewonder.com/wp-content/plugins/ltfhmam/ pic.twitter.com/iKAB01Khz6
#Malware https://app.any.run/tasks/2fa282b6-3e39-49c6-b642-20c8e979d218 … #smokeloader hXXp://j5cool.xyz/wp/ hXXp://185.35.137.147/mlp/
#Malware https://app.any.run/tasks/d1c87962-4f64-4399-9c92-6dfee5284e64/ … connects to www.classicpalace[.]ae but no download payload: (compiled locally by csc) #agenttesla mailserver mail.stalexinc[.]com email: lori@stalexinc.com stlx2009 pic.twitter.com/iSa168MBgj
#malware https://app.any.run/tasks/5bb47889-64a6-40bf-a77d-0ba2b2578942/ … payload: hXXps://yewonder.com/wp-content/plugins/ltfhmam/eklnxx.msi #lodalogger c2: breakthrough.hopto org:64735 pic.twitter.com/PemOJpRphQ
Suspicious Link retweeted
Our CFP is open! We are trying out @busyconf this year: https://bsidesspfd2020.busyconf.com/proposals/new
Suspicious Link retweeted
We need a new group organizer! If you are interested in taking over the spfdsec meetups, send a DM and we can work out account hand over. Otherwise, this account, and the meetups, will go dormant. Thanks!
Suspicious Link retweeted
Goooooooooooood morning, #AgentTesla! .rtf > excel.exe > powershell > csc.exe > download .exe s://craftedcravings.net/wp-admin/4458.exe Renames and executes > Exfils data via SMTP to mail[.]gpphysio[.]co[.]za https://app.any.run/tasks/4d568a7d-089a-4a78-b8c0-c3f7c49c8104 …
Suspicious Link retweeted
#dridex #payload at @virusbay_io and @anyrun_app https://app.any.run/tasks/df007c5b-56e8-4851-b48c-a405fabc7cf4 … H/T https://twitter.com/killamjr/status/1220005964121665538?s=20 … @VirITeXplorer @matte_lodi @reecdeep @merlos1977 @luc4m @malwrhunterteam @James_inthe_box @FewAtoms @Arkbird_SOLG @Jirehlov @tccontre18 @FBussoletti @piccolo_u23 @Anub1sSec pic.twitter.com/LFrHhIc4zu
Suspicious Link retweeted
Just received a similar one. Payload: hxxps://kayeboutique[.]net/help[.]bin
For bug reports and feature requests -> DM me