Brad

@malware_traffic

Sharing information on malicious network traffic and malware samples

127.0.0.1
Joined July 2013

Tweets


  1. Pinned Tweet
    Jan 24

    Public Service Announcement (PSA): If one of my blog posts at is titled "quick post:" that means it has no IOCs. For 2020, anything without "quick post" in the title means it has a text file with IOCs from the infection (file hashes, domains, URLs, etc)

  2. Feb 4

    2020-02-03 - with attachment for epoch 2 - Paste of headers/message text: - Pastebin raw: - Sandbox analysis of Word doc:

  3. Feb 4

    Thanks to everyone who replied. Confirmed it's , which is something I've seen from in recent weeks.

  4. Feb 4

    2020-02-03 - pushing () - email spoofed a Gmail address from a mailbox on a lab host I infected last year - The message is completely made up - Paste: - Pastebin raw: - Sandbox analysis:

  5. Feb 3

    2020-02-03 - gtag ono29 - from PDF attachments in emails: Example of the PDF attachment available at: - Link in PDF file --> password-protected zip archive (password in PDF message text) --> Trickbot EXE disguised as some sort of document/report

  6. Feb 3

    2020-02-03 - EXE files from URLs ending in ".png" - caused by Trickbot's mshareDll/mwormDll/TabDll modules - Paste of info: - Pastebin raw:

  7. Feb 3

    2020-02-03 - Got this as a payload from today, but I can't figure out what it is yet. -

  8. Feb 3

    Don't forget registration for training classes at 2020 on Friday, Feb 28th (the day before the conference proper on Saturday Feb 29th) - Link: - My full-day workshop is at the end of the list - You'll have a great time at any of these classes!

  9. Jan 31

    D'oh! I got everything else right except for the picture... Thanks, , for the DM letting me know about this!

  10. Jan 31

    2020-01-30 - Traffic Analysis Exercise: Sol-Lightnet - You get a and a list of alerts - You're asked to write an incident report - Join the fun at: -

  11. Jan 31

    2020-01-29 - () infection - of the infection with the associated malware/artifacts, and a list of IOCs available at:

  12. Retweeted
    Jan 30
  13. Retweeted
    Jan 28

    ISC diary: reviews an infection with as the follow-up malware

  14. Jan 27

    2020-01-27 - EXE files from URLs ending in ".png" caused by Trickbot's mshareDll/mwormDll/tabDll modules - Paste of info: - Pastebin raw:

  15. Jan 24

    2020-01-24 - Italian pushes - 4 email examples, a of the infection traffic, the associated malware/artifacts, and some IOCs available at:

  16. Jan 24

    Of note, I've noticed this German on Tuesday 2020-01-21 (info_01_21.doc), Wednesday 2020-01-22 (info_01_22.doc), and Thursday 2020-01-23 (info_01_23.doc) - Will it continue tomorrow on Friday 2020-01-24? - We will soon find out!

  17. Jan 24

    2020-01-23 - German pushes - 4 email examples, a of the infection traffic, the associated malware/artifacts, and some IOCs available at:

  18. Jan 24

    2020-01-22 - Quick post: infection with - example of the , a of the infection traffic, and the associated malware available at:

  19. Jan 23
  20. Jan 23

    2020-01-23 - I wasn't able to get a infection today, but I got one on Tuesday 2020-01-21 with - You can find a example, of the infection, associated malware/artifacts, and some IOCs at: - Better late than never
