| 1 |
HeliosCert |
@HeliosCert
Sample analysed on #virustotal
VirusTotal-Score: 65
VirusTotal: https://www.virustotal.com/gui/file/7aede614483b9f34df2cd1c677423faddcd45b7e764b64a25f41d867d50ef15e/detection/f-7aede614483b9f34df2cd1c677423faddcd45b7e764b64a25f41d867d50ef15e-1594309040
Threat: Ransom_WCRY.SMALYM (TrendMicro)
|
2020-11-25 22:45:02 |
| 2 |
bad_packets |
Active CVE-2020-14882 ( https://github.com/jas502n/CVE-2020-14882) payload detected: http://205.185.116.78/poc.xml
http://205.185.116.78/xms
http://205.185.116.78/d.py
#threatintel https://twitter.com/bad_packets/status/1331727162689298432/photo/1
|
2020-11-25 22:31:12 |
| 3 |
malware_traffic |
2020-11-25 (Wednesday) - Another wave of #TA551 (#shathak) Word docs with English template pushing #IcedID - Paste of info: https://pastebin.com/43E0C8w3 - Pastebin raw: https://pastebin.com/raw/43E0C8w3 https://twitter.com/malware_traffic/status/1331720027188441088/photo/1
|
2020-11-25 22:02:51 |
| 4 |
D3LabIT |
@GooglePlay @immuni_app @AgidCert @csirt_it @hwupgrade @Tech_fanpage #VirusTotal: https://www.virustotal.com/gui/file/15691634b82d38106fe60012e6e485863000ce4dff57cf37b0d95825771928c2/detection
|
2020-11-25 21:53:35 |
| 5 |
GrujaRS |
Sample #Vash_Sorena extension.
.Email= Decrypt85@gmail.comID= XXXXXXXXXX .encrypt
Ransom note;Unlock_All_Files.txt
https://www.virustotal.com/gui/file/bf9f31608deb672c319e79660504179b7f5c837cb5a5a21fed94bb8b7555401f/detection https://twitter.com/GrujaRS/status/1331702161126854657/photo/1
|
2020-11-25 20:51:51 |