Details

_id 5e4726ffff3a68ada2cde30c
reference ['https://www.virustotal.com/gui/file/17f73a5cd04ca12f2a9b359d2871fc6bf198c4952dc715b57970eea0bd78471c/details']
md5 ['ab284dccb09484ff6a3a116152edcb75']
sha1 ['68bfb664e9712195e83d401b5775c475842cb72d']
sha256 ['17f73a5cd04ca12f2a9b359d2871fc6bf198c4952dc715b57970eea0bd78471c']
mail []
ip ['181.112.157.42', '193.26.217.243']
domain []
url ['181.112.157.42:449']
user ItsReallyNick
tweet "salesforce.docx" uploaded yesterday Low static detection (4/60): https://www.virustotal.com/gui/file/17f73a5cd04ca12f2a9b359d2871fc6bf198c4952dc715b57970eea0bd78471c/details … Embedded executable "salesforce_report.exe" • election-themed PE data • CMSTPLUA UAC bypass • probably #Trickbot • comms with: 181.112.157.42:449 (that cert ) & 193.26.217.243 pic.twitter.com/5BNIEpmWBE
id 1228166387492737024
retweets 42
favorites 80
link https://twitter.com/ItsReallyNick/status/1228166387492737024
mentions []
hashtags ['#Trickbot']
timestamp 1581652659
date 2020-02-14 04:57:39

Tweet