Details

_id 62eb6ec8348d24c6a7972c4d
reference ['https://twitter.com/x3ph1/status/1554880382729916417/photo/1', 'https://bazaar.abuse.ch/sample/409936126580148f08d0f360ce793a25a9f4ecdb1449e700f6317d2a69cb4da5/']
md5 []
sha1 []
sha256 ['409936126580148f08d0f360ce793a25a9f4ecdb1449e700f6317d2a69cb4da5']
mail []
ip ['190.14.37.244']
domain []
url ['http://190.14.37.244:8000/fxtiaziotivzxqhi']
user x3ph1
tweet Another malicious ISO to LNK observed. ➡️ iso ➡️ lnk ➡️ script exec = > ps = > C2 post Mal sample https://bazaar.abuse.ch/sample/409936126580148f08d0f360ce793a25a9f4ecdb1449e700f6317d2a69cb4da5/ coupon.iso 409936126580148f08d0f360ce793a25a9f4ecdb1449e700f6317d2a69cb4da5 C2: http://190.14.37.244:8000/fxtiaziotivzxqhi @JAMESWT_MHT https://twitter.com/x3ph1/status/1554880382729916417/photo/1
id 1554880382729916417
retweets 0
link https://twitter.com/x3ph1/status/1554880382729916417
mentions ['@JAMESWT_MHT']
hashtags []
date 2022-08-03 17:22:26
timestamp 1659572546

Tweet