| _id |
62ee11ba348d24c6a7972e4b |
| reference |
['https://twitter.com/ankit_anubhav/status/1555522253235691520/photo/1', 'https://bazaar.abuse.ch/sample/ffcaa2430a9e03ed2ce5f0f9c142bb6371cfae2bebed5b6c6b3959ba564c1cda/'] |
| md5 |
[] |
| sha1 |
[] |
| sha256 |
['ffcaa2430a9e03ed2ce5f0f9c142bb6371cfae2bebed5b6c6b3959ba564c1cda'] |
| mail |
[] |
| ip |
[] |
| domain |
[] |
| url |
[] |
| user |
ankit_anubhav |
| tweet |
@1ZRR4H @Max_Mal_ @pr0xylife @0xToxin Typical ACTION= HELLO C2 comms
Exe gets bloated so pushed zip instead on Bazaar.
https://bazaar.abuse.ch/sample/ffcaa2430a9e03ed2ce5f0f9c142bb6371cfae2bebed5b6c6b3959ba564c1cda/
The spelling of malware is Grandoreiro. my bad for the typo.
Not sure what is tougher. to spell it or to analyze it 🙃 https://twitter.com/ankit_anubhav/status/1555522253235691520/photo/1 |
| id |
1555522253235691520 |
| retweets |
2 |
| link |
https://twitter.com/ankit_anubhav/status/1555522253235691520 |
| mentions |
['@1ZRR4H', '@Max_Mal_', '@pr0xylife', '@0xToxin'] |
| hashtags |
[] |
| date |
2022-08-05 11:53:00 |
| timestamp |
1659725580 |