#CobaltGang #APT
Low detection on VT.
#COOLPANTS/#CobInt:
600154fcb03e775f007ef7b1547b169c
6ec0edd1889897ff9b4673600f40f92f
C2:
telekom-support[.]info
#ThreatIntel
Replying to @ItsReallyNick @MeltX0R
Started as Docs.vhd https://app.any.run/tasks/804089ad-9502-4119-82c9-705963d0a404/ …
another vhd itw? @wdormann
Replying to @JayTHL @James_inthe_box and
Sure looks like VHD as a container for malware is working swimmingly! https://www.virustotal.com/gui/file/64d16900fce924da101744edce28b9ee648192486d9062c427c17589b5f204fb/detection … https://www.virustotal.com/gui/file/0c85c1045899291cba47c7171599446642b87015a76d5b22f8cc51f4a6e45a90/detection … https://www.virustotal.com/gui/file/3382a75bd959d2194c4b1a8885df93e8770f4ebaeaff441a5180ceadf1656cd9/community … pic.twitter.com/VjwAlcrYnY
YARA - suspiciously small VHD files https://github.com/Neo23x0/signature-base/blob/master/yara/gen_vhd_anomaly.yar …
Additionally, no VHD or VHDX file should probably be allowed through any mail server. Ever.
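
An added example, not part of the thread: a content-based check that a mail-gateway hook could use to reject VHD and VHDX attachments even when they are renamed. The function names and the sample message are constructed for illustration; the magic values are the VHD footer cookie `conectix` and the VHDX file signature `vhdxfile`.

```python
import email
from email.message import EmailMessage

VHD_COOKIE = b"conectix"      # first 8 bytes of the VHD footer
VHDX_SIGNATURE = b"vhdxfile"  # first 8 bytes of a VHDX file
BLOCKED_EXTENSIONS = (".vhd", ".vhdx")

def classify_disk_image(data: bytes):
    """Return 'vhdx', 'vhd' or None based on content, not the file name."""
    if data[:8] == VHDX_SIGNATURE:
        return "vhdx"
    # Dynamic and differencing VHDs keep a copy of the footer at offset 0.
    if data[:8] == VHD_COOKIE:
        return "vhd"
    # Every VHD ends with the footer: 512 bytes, or 511 in some older images.
    for footer_len in (512, 511):
        if len(data) >= footer_len and data[-footer_len:][:8] == VHD_COOKIE:
            return "vhd"
    return None

def blocked_attachments(raw_message: bytes):
    """List (filename, reason) for every MIME part that should be rejected."""
    msg = email.message_from_bytes(raw_message)
    hits = []
    for part in msg.walk():
        if part.is_multipart():
            continue
        name = part.get_filename() or ""
        payload = part.get_payload(decode=True) or b""
        kind = classify_disk_image(payload)
        if kind:
            hits.append((name, f"content is {kind}"))
        elif name.lower().endswith(BLOCKED_EXTENSIONS):
            hits.append((name, "blocked extension"))
    return hits

def build_sample_message() -> bytes:
    """Constructed sample: a fake fixed VHD renamed to .pdf plus a text file."""
    fake_vhd = b"\x00" * 1024 + VHD_COOKIE + b"\x00" * 504  # footer = last 512 bytes
    msg = EmailMessage()
    msg["Subject"] = "constructed sample"
    msg.set_content("see attached")
    msg.add_attachment(fake_vhd, maintype="application",
                       subtype="octet-stream", filename="Docs.pdf")
    msg.add_attachment("hello", filename="note.txt")
    return msg.as_bytes()

if __name__ == "__main__":
    print(blocked_attachments(build_sample_message()))
```

The check inspects only top-level MIME parts; disk images nested inside archives would need the gateway's archive unpacking to run first.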
