Details

_id 62eb6ec8348d24c6a7972c5c
reference ['https://twitter.com/c_apt_ure/status/1554807740605890560/photo/1', 'https://www.virustotal.com/gui/domain/vvat22.con-ip.com/relations']
md5 []
sha1 []
sha256 []
mail []
ip ['194.213.3.182']
domain ['vvat22.con-ip.com']
url []
user c_APT_ure
tweet Going back to the #malware sample discussed in the thread. the C2 used for #AsyncRAT and #PandorahVNCRAT (vvat22.con-ip.com / 194.213.3.182) seems to be quite fresh. likely used only since 2022-07-29. a few days ago. https://www.virustotal.com/gui/domain/vvat22.con-ip.com/relations https://twitter.com/c_APT_ure/status/1554807740605890560/photo/1
id 1554807740605890560
retweets 1
link https://twitter.com/c_APT_ure/status/1554807740605890560
mentions []
hashtags ['#malware', '#AsyncRAT', '#PandorahVNCRAT']
date 2022-08-03 12:33:46
timestamp 1659555226

Tweet