| _id |
606e2baeb88874129917f67a |
| reference |
['https://twitter.com/h2jazi/status/1379816750120861697/photo/1'] |
| md5 |
['b52faf5a2bb331ab852478fd80addbe6'] |
| sha1 |
[] |
| sha256 |
[] |
| mail |
[] |
| ip |
[] |
| domain |
[] |
| url |
[] |
| user |
h2jazi |
| tweet |
#CobaltStrike
Target: Myanmar
"Submit to Admin Officer for Negative results.rar"
b52faf5a2bb331ab852478fd80addbe6
DLL side-loading:
Words.exe -> wwlibs.dll -> Drops two embedded resources -> Makes AppXUpdate.exe persistence
DLL side-loading:
AppXUpdate.exe -> CefBrowser.dll https://twitter.com/h2jazi/status/1379816750120861697/photo/1 |
| id |
1379816750120861697 |
| retweets |
16 |
| link |
https://twitter.com/h2jazi/status/1379816750120861697 |
| mentions |
[] |
| hashtags |
['#CobaltStrike'] |
| date |
2021-04-07 15:22:03 |
| timestamp |
1617801723 |