Details

_id 5fb99c434d1f714726bd9b36
reference ['https://twitter.com/ffforward/status/1330214661577437187', 'https://www.hybrid-analysis.com/yara-search/results/9bed7163c8810d2b149645e7a616f9389c044e12bc65cf57fa5d40eb0289ba41', 'https://github.com/strangerealintel/cerberus/tree/master/unknownjsloader/2020-11-21', 'https://github.com/strangerealintel/dailyioc/tree/master/2020-11-21/gootkit']
md5 []
sha1 []
sha256 ['9bed7163c8810d2b149645e7a616f9389c044e12bc65cf57fa5d40eb0289ba41']
mail []
ip []
domain []
url []
user Arkbird_SOLG
tweet Thanks to @ffforward for the sample. Full code + Decoder (to automate the analysis): https://github.com/StrangerealIntel/Cerberus/tree/master/UnknownJSLoader/2020-11-21 Yara rule: https://github.com/StrangerealIntel/DailyIOC/tree/master/2020-11-21/Gootkit Malquery: https://www.hybrid-analysis.com/yara-search/results/9bed7163c8810d2b149645e7a616f9389c044e12bc65cf57fa5d40eb0289ba41 ref: https://twitter.com/ffforward/status/1330214661577437187
id 1330282086461288448
retweets 0
link https://twitter.com/Arkbird_SOLG/status/1330282086461288448
mentions ['@ffforward']
hashtags []
date 2020-11-21 22:48:59
timestamp 1605995339
