-
2018-12-27 - #malspam pushes #shade (#Troldesh) #ransomware - 7 email examples, a #pcap of the infection traffic, and the associated #malware at: https://www.malware-traffic-analysis.net/2018/12/27/index.html … - saw #nheqminer sent with this infection and numerous Wordpress site login attempts from my infected host pic.twitter.com/gULnQPTw43
-
2018-12-27 - The message text in this #sextortion #spam example from today seems a little more lazy than usual - Paste of the email: https://pastebin.com/X0r4acHs - Pastebin raw: https://pastebin.com/raw/X0r4acHs pic.twitter.com/N8tW7Crmur
-
2018-12-27 - #Trickbot executable files sent as URLs ending in ".png" from 195.123.212[.]29 starting today - Paste with info on today's examples: https://pastebin.com/f3RAiQBV - Pastebin raw: https://pastebin.com/raw/f3RAiQBV - See Pastebin info about toler.png (it's always an old file) pic.twitter.com/SonoKHqeQM
-
2018-12-26 - Two #pcap files I provided for UA-CTF in Nov 2018 - Now available to the public, with my suggested tasks and answers - Not a #TrafficAnalysisExercise, but bonus material for those who've done the regular exercises but want more practice - https://www.malware-traffic-analysis.net/2018/CTF/index.html … pic.twitter.com/ylq3dIsTmX
-
2018-12-18 - Traffic Analysis Exercise - Eggnog Soup - Answers are now available: https://www.malware-traffic-analysis.net/2018/12/18/index.html … - #TrafficAnalysisExercise #pcap pic.twitter.com/D92Q6oZPMW
-
2018-12-26 - #malspam campaign using malicious XLS file attachments - Not sure what this is, but saw thousands of emails went out from this campaign earlier today - Paste of details at: https://pastebin.com/4KARvya8 - Pastebin Raw: https://pastebin.com/raw/4KARvya8 pic.twitter.com/AIFOB4z6FL
-
Brad Retweeted
happy boxing day! #dridex sample anyone? @malware_traffic @James_inthe_box Subject: order. W343357 Attachment 111 (1).doc https://www.virustotal.com/#/file/b0533d0caad6a2c71dca3c75068b18ca70403fa4ffd87f442cf62e95d4702e21/detection … doc callout hxxps://invoice.name/fetch/832d124add4964e37c6e4f5bbd94f373 Downloads https://www.virustotal.com/#/file/2f9ea6867015f7f1eb43250255f95d35c610f4f6741aa39ad1ade181c5dd705d/detection …
-
2018-12-24 - #Trickbot executable files sent as URLs ending in ".png" from 91.200.100[.]169 starting as early as Wednesday 2018-12-19 - Paste with info on today's examples available at: https://pastebin.com/1bmfNRSt - Pastebin raw: https://pastebin.com/raw/1bmfNRSt pic.twitter.com/9KziDUYzLa
-
Brad Retweeted
#trickbot @malware_traffic @James_inthe_box Filename Check_Track_130838161.doc https://www.virustotal.com/#/file/31eb49c85b42403e17670ecc1675228222854dfe2f9fece4949a84131c3cab81/detection … Download URLs hxxp://23.92.89 155/hole2.php hxxp://192.227.204 214/hole1.php hxxp://167.160.36 37/hole3.php Executable: hxxp://[above ip]/crean.ova https://www.virustotal.com/#/file/d3a31c0441487e255ed1b2b99ddaa0d334a9e2b4e8e597397fadb9fbf735dba8/detection …
-
2018-12-19 - #malspam pushing #MyDoom is still a thing (ever since 2004). I don't think it will ever go away. - Recent examples and a #pcap of the infection traffic available at: https://www.malware-traffic-analysis.net/2018/12/19/index.html … pic.twitter.com/eGjCF8y0Jw
-
2018-12-20 - Quick post: #Emotet infection with #Gootkit - #pcap and #malware at: https://www.malware-traffic-analysis.net/2018/12/20/index2.html … pic.twitter.com/JhCpTGsaQp
-
Brad Retweeted
2018-12-21: [Technical] Let's Learn: In-Depth on #APT28/#Sofacy #Zebrocy Golang #Loader | Project Debugging Path -> "C:/!Project/C1/ProjectC1Dec/main.go" | Host Collection, Screenshot, C2, Exec | Golang Open Source Copy/Paste | 16 main* Functions + #Yara https://www.vkremez.com/2018/12/lets-learn-dissecting-apt28sofacy.html … pic.twitter.com/iNvGH73C7q
-
2018-12-20 - Three days of #Hancitor infections, today with #SmokeLoader - #pcap files of the infection traffic, associated #malware, and two #malspam examples available at https://www.malware-traffic-analysis.net/2018/12/20/index.html … pic.twitter.com/vmZoBXRZJu
-
2018-12-20 - File info from #Hancitor malspam infection (XLS file, #Hancitor EXE, #Ursnif EXE, and #SmokeLoader EXE) - Original thread started by @James_inthe_box: https://twitter.com/James_inthe_box/status/1075767229386346496 … - Paste: https://pastebin.com/RAUgpPxj - Pastebin raw (without the ads): https://pastebin.com/raw/RAUgpPxj pic.twitter.com/KdQDVXbVM6
-
2018-12-19 - Traffic Analysis Exercise - Eggnog Soup - Join the fun at: https://www.malware-traffic-analysis.net/2018/12/18/index.html … - How do you make an Eggnog Soup exercise? - Add a few Windows hosts and a scoop of non-Windows hosts to the mix, then bake the #pcap at 1500 MTU for 11 min - #TrafficAnalysisExercise pic.twitter.com/Y91d64mXMA
-
Brad Retweeted
More #icedid via passworded resume doc #malspam hosted at: http://209.141.61[.]249/555.exe c2 domains: lanoj[.]pw losived[.]host priolonis[.]host whoisther[.]com cc @benkow_ @Xylit0l @Anti_Expl0it @h3x2b @cocaman @fumik0_ @0Btemos_BHS pic.twitter.com/s10ErCZiwt
-
2018-12-19 - Example of #Hancitor #malspam - Paste: https://pastebin.com/VSavR3sK - Pastebin raw: https://pastebin.com/raw/VSavR3sK - Submitted to VT: https://www.virustotal.com/#/file/6dae7c33ee24170ebbb84f49e52a286239c2243b2c6cb7640aa4d6eee62a6789/ … pic.twitter.com/rISW2wOwoQ
-
Brad Retweeted
2018-12-19 #emotet email - various senders Sub: various w/ACH https://www.virustotal.com/#/file/538fd239dd0485e51a7bd8b9514de94afb039071d48d11fe5e53cec9578d4903/detection … https://www.virustotal.com/#/file/dca9c9feb8709cbcdf94268b37d61be3390aedbc64898830bcebc513c84e59ed/detection … https://www.virustotal.com/#/file/dc70019c2daa7ade6086921bdda76a6f9fc38793c4685648068bb44b1b3d6d42/detection … https://www.virustotal.com/#/file/3ae8a2899f8102a3914eefad28028a5002fe568fd7e02f1816145f4064b65666/detection … https://app.any.run/tasks/6ff3f528-546a-4301-b506-7c534418abc5 … https://app.any.run/tasks/71c4e7f3-5f06-40c0-8907-cbdcfe13e8c0 … https://app.any.run/tasks/34ff70ce-d10f-474f-9973-e89ff90d3028 … @ps66uk @James_inthe_box @dvk01uk @malware_traffic pic.twitter.com/J5h5A8yWaY
-
2018-12-19 - File info from #Hancitor malspam infection (XLS file, #Hancitor EXE, and #Ursnif EXE) - Thanks @James_inthe_box for your initial tweet chain about this - Paste: https://pastebin.com/FBb30ANp - Pastebin raw (without the ads): https://pastebin.com/raw/FBb30ANp pic.twitter.com/de4Bn2apQs
-
Brad Retweeted
Thanks for the heads up on this issue - I have found the bug which is now fixed in https://github.com/ctxis/CAPE/commit/a9c5a87b5d33a7e9a5c1591a6a4d0ee1c126eca1 …. I won't be able to update the community instance until tonight or tomorrow but I will reprocess these failed jobs. Sorry for the inconvenience!