| _id |
606b88abb88874129917f317 |
| reference |
['https://app.threatconnect.com/auth/incident/incident.xhtml?incident=', 'https://twitter.com/kyleehmke/status/1379042132334411782/photo/1'] |
| md5 |
[] |
| sha1 |
[] |
| sha256 |
[] |
| mail |
['8979ksg@protonmail.com'] |
| ip |
['45.147.228.63', '212.114.52.129', '212.114.52.230'] |
| domain |
['app.threatconnect.com', 'mid-service.com', 'knowledgeofworld.org', 'diplomatictraining.com'] |
| url |
['https://app.threatconnect.com/auth/incident/incident.xhtml?incident'] |
| user |
kyleehmke |
| tweet |
Several most likely Thallium domains registered on 4/3/21 through MonoVM using 8979ksg@protonmail.com:
diplomatictraining.com (45.147.228.63)
knowledgeofworld.org (212.114.52.129)
mid-service.com (212.114.52.230)..
In @ThreatConnect: https://app.threatconnect.com/auth/incident/incident.xhtml?incident= 4689407424 https://twitter.com/kyleehmke/status/1379042132334411782/photo/1 |
| id |
1379042132334411782 |
| retweets |
7 |
| link |
https://twitter.com/kyleehmke/status/1379042132334411782 |
| mentions |
['@protonmail', '@ThreatConnect'] |
| hashtags |
[] |
| date |
2021-04-05 12:04:00 |
| timestamp |
1617617040 |