Details

_id 5fff7bcabcb56fe1554a1f5d
reference ['https://twitter.com/ffforward/status/1349437725435428866/photo/1', 'https://bazaar.abuse.ch/sample/83386fb9fa084ea2de1f106d155a819b8090f95c28ed7a0f3c9756910bcedc5b/', 'https://bazaar.abuse.ch/sample/fdf50dbb288d2bd4a325783e72c1e5c598c87ed11725131f14f449dd6cc22cb1/']
md5 []
sha1 []
sha256 ['83386fb9fa084ea2de1f106d155a819b8090f95c28ed7a0f3c9756910bcedc5b', 'fdf50dbb288d2bd4a325783e72c1e5c598c87ed11725131f14f449dd6cc22cb1']
mail []
ip []
domain ['pastebin.com']
url ['https://pastebin.com/raw/kJuuGPzD']
user ffforward
tweet #Dridex via @Dropbox from compromised accounts. @Office365 MDO safe links completely missed this one. even that the links leads straight to the download. MDE alerted. XLS: https://bazaar.abuse.ch/sample/83386fb9fa084ea2de1f106d155a819b8090f95c28ed7a0f3c9756910bcedc5b/ DLL: https://bazaar.abuse.ch/sample/fdf50dbb288d2bd4a325783e72c1e5c598c87ed11725131f14f449dd6cc22cb1/ URLs: https://pastebin.com/raw/kJuuGPzD h/t @Scoobs_McGee https://twitter.com/ffforward/status/1349437725435428866/photo/1
id 1349437725435428866
retweets 8
link https://twitter.com/ffforward/status/1349437725435428866
mentions ['@Dropbox', '@Office365', '@Scoobs_McGee']
hashtags ['#Dridex']
date 2021-01-13 19:26:39
timestamp 1610562399

Tweet