| _id |
5fff7bcabcb56fe1554a1f5d |
| reference |
['https://twitter.com/ffforward/status/1349437725435428866/photo/1', 'https://bazaar.abuse.ch/sample/83386fb9fa084ea2de1f106d155a819b8090f95c28ed7a0f3c9756910bcedc5b/', 'https://bazaar.abuse.ch/sample/fdf50dbb288d2bd4a325783e72c1e5c598c87ed11725131f14f449dd6cc22cb1/'] |
| md5 |
[] |
| sha1 |
[] |
| sha256 |
['83386fb9fa084ea2de1f106d155a819b8090f95c28ed7a0f3c9756910bcedc5b', 'fdf50dbb288d2bd4a325783e72c1e5c598c87ed11725131f14f449dd6cc22cb1'] |
| mail |
[] |
| ip |
[] |
| domain |
['pastebin.com'] |
| url |
['https://pastebin.com/raw/kJuuGPzD'] |
| user |
ffforward |
| tweet |
#Dridex via @Dropbox from compromised accounts. @Office365 MDO safe links completely missed this one. even that the links leads straight to the download. MDE alerted.
XLS: https://bazaar.abuse.ch/sample/83386fb9fa084ea2de1f106d155a819b8090f95c28ed7a0f3c9756910bcedc5b/
DLL: https://bazaar.abuse.ch/sample/fdf50dbb288d2bd4a325783e72c1e5c598c87ed11725131f14f449dd6cc22cb1/
URLs: https://pastebin.com/raw/kJuuGPzD
h/t @Scoobs_McGee https://twitter.com/ffforward/status/1349437725435428866/photo/1 |
| id |
1349437725435428866 |
| retweets |
8 |
| link |
https://twitter.com/ffforward/status/1349437725435428866 |
| mentions |
['@Dropbox', '@Office365', '@Scoobs_McGee'] |
| hashtags |
['#Dridex'] |
| date |
2021-01-13 19:26:39 |
| timestamp |
1610562399 |