Last 5 Entries

ID User Tweet Date
1 HeliosCert Sample analysed on #virustotal VirusTotal-Score: 0 VirusTotal: https://www.virustotal.com/file/c8f936ae78bb808abe60b827d61049ce2443e1786c7e113b8dc07947e8175ab2/analysis/1582491912/ … Threat: 2020-02-23 23:25:02
2 IpNigh #PhishingKit found on #Phishing site. Threat Actor emails found in dump: cartertyler04@yandex.com, marcusjoe559@gmail.com For more information on kits contact me. 2020-02-23 21:27:27
3 IpNigh #Phishing | #PhishKit | #PhishingKit Found and downloaded. URL:hxxp://www.lookinglovelytoday.com/hxxps/1/sucursalpersonas.transaccionesbancolombia.com/mua Threat Actor Emails are attached below. Bot Generated pic.twitter.com/25a5ASgJsk 2020-02-23 21:27:26
4 0xrb https://www.xda-developers.com/whatsapp-search-engine-group-invite-links/ … 2020-02-23 19:52:47
5 JohnLaTwC This Japanese language maldoc (新型コロナウイルスについて.xlsm) uses a #Coronavirus lure. The real infection threat is the #PowerShell payload inside (neutered or PoC). https://www.virustotal.com/gui/file/5a14108efb96ce5cd96494c574561418c0c0dc581022aa2cff1955a7643cf4e7/detection … pic.twitter.com/bDnE677WrF 2020-02-23 19:49:22
6 HeliosCert Sample analysed on #virustotal VirusTotal-Score: 48 VirusTotal: https://www.virustotal.com/file/1f2ae650fdefb75fd7775dd7ad86aa81ca7d19595f58b4a07b32a6502079d815/analysis/1582462809/ … Threat: Trojan:Win32/Wacatac.C!ml (Microsoft) 2020-02-23 19:20:02
7 pmelson Don't worry, you'll remember the actual shellcode one of these days. https://pastebin.com/df1cjsRq 2020-02-23 19:11:36
8 pmelson When the package arrives, but the box is empty: https://pastebin.com/5WvVTPDk 2020-02-23 18:27:35
9 IpNigh #PhishingKit found on #Phishing site. Threat Actor emails found in dump: escalibur2003@protonmail.com, maxderez85@protonmail.com For more information on kits contact me. 2020-02-23 18:24:54
10 IpNigh #Phishing | #PhishKit | #PhishingKit Found and downloaded. URL:hxxps://ipcop.pro/sinc/enar.php Threat Actor Emails are attached below. Bot Generated pic.twitter.com/qTlko2I6uF 2020-02-23 18:24:53
11 pmelson Base64-encoded CVE-2017-5123 ELF binary: https://pastebin.com/iH31D24L 2020-02-23 17:37:19
12 FrancoDespecho Phishing going around since 2017 and they do nothing to take down the malicious page? https://hybrid-analysis.com/sample/57b5d7db91d742f3e1654c9b9cb32c06b7106f259493cbff00a103c015e7e169 … 2020-02-23 17:32:11
13 IpNigh #PhishingKit found on #Phishing site. Threat Actor emails found in dump: patrickwoodland@yandex.com, you@youremail.com, joelaw007@yahoo.com For more information on kits contact me. 2020-02-23 15:32:02
14 IpNigh #Phishing | #PhishKit | #PhishingKit Found and downloaded. URL:hxxps://littlehearts2littlehands.com/Chase/Chasewithemail/login.php Threat Actor Emails are attached below. Bot Generated pic.twitter.com/KG2ggXIqGK 2020-02-23 15:32:01
15 HeliosCert Sample analysed on #virustotal VirusTotal-Score: 6 VirusTotal: https://www.virustotal.com/file/b295e6731d5ce2f468ae2458b33524fca799b445205fb9efb351c963f09f2d60/analysis/1582206614/ … Threat: 2020-02-23 14:40:02
16 feasiblenetwork Look at the Analysis of " https://faisal.awkum.edu.pk/wp-content/theme/Adobe …" with malicious activity. https://app.any.run/tasks/bcd97fd4-4025-4eae-9910-2268a39751ad … 2020-02-23 14:28:05
17 IpNigh #PhishingKit found on #Phishing site. Threat Actor emails found in dump: patrickwoodland@yandex.com, you@youremail.com, joelaw007@yahoo.com For more information on kits contact me. 2020-02-23 14:15:15
18 IpNigh #Phishing | #PhishKit | #PhishingKit Found and downloaded. URL:hxxps://tr-mobil-ziraat-dijital.tk/ Threat Actor Emails are attached below. Bot Generated pic.twitter.com/kspW3l9FGy 2020-02-23 14:15:15
19 GrujaRS #MedusaLocker #Ransomware extension .ReadInstructions! Ransom note;Recovery_Instructions.html Email contact; malieholtan@protonmail.com emergency911service@outlook.com Sample VT https://www.virustotal.com/gui/file/6b9ca4cbb68f23e164625614d9d074b7bb9e2c5aeb429034ed4d6440594ce64e/detection … pic.twitter.com/qrC0L7Q5Tx 2020-02-23 13:42:29
20 IpNigh #Phishing | #PhishKit | #PhishingKit Found and downloaded. URL:hxxps://bilter4900.com.br/arquivos/tmp/src/www2.juno.com/ Threat Actor Emails are attached below. Bot Generated pic.twitter.com/4d1AuxccHj 2020-02-23 13:13:30
21 GrujaRS New #Enigma #Ransomware extension .0x6A0C8! No ransom for now, probably a test version! Sample VT https://www.virustotal.com/gui/file/52a2d27d7b2da01ca8edee27f7ef7e0ff6e916c0b237d465dc00d9f668ca7b13/detection … @BleepinComputer @LawrenceAbrams @Amigo_A_ pic.twitter.com/ijqoiAEHHo 2020-02-23 13:07:06
22 kimberling_149 Get to know these 5 tools to avoid entering malicious pages https://www.redeszone.net/tutoriales/seguridad/herramientas-detectar-sitios-web-maliciosos/ … Sucuri https://sitecheck.sucuri.net/ PCRisk https://scanner.pcrisk.com/ MyWOT https://chrome.google.com/webstore/detail/wot-web-of-trust-website/bhmmomiinigofkjcapegjjndpbikblnp … URLVoid https://www.urlvoid.com/ VirusTotal https://www.virustotal.com/gui/home/url 2020-02-23 12:18:55
23 IpNigh #Phishing | #PhishKit | #PhishingKit Found and downloaded. URL:hxxps://xn--mgbaouk8fwa.xn--mgbab2bd/wellsfargo/wells-fargo-security-update/login.php Threat Actor Emails are attached below. Bot Generated pic.twitter.com/fDdBCot9v7 2020-02-23 10:45:40
24 IpNigh #Phishing | #PhishKit | #PhishingKit Found and downloaded. URL:hxxps://totycosmetica.pt/proJectFILE/dropbox2016/Home/ Threat Actor Emails are attached below. Bot Generated pic.twitter.com/AzSzXLHvdk 2020-02-23 08:48:51
25 HeliosCert Sample analysed on #virustotal VirusTotal-Score: 48 VirusTotal: https://www.virustotal.com/file/457d91ee381a341869f0c6e317361acf58606842e3eb2535e6d5e18c4aee378c/analysis/1577238258/ … Threat: TROJ_GEN.R002C0DLO19 (TrendMicro) 2020-02-23 08:40:02
26 malwaretracekr #택배 #스미싱 #Smishing #RoamingMantis #MoqHao h**p://netsg.xyz/?zgft @xyz (128.14.26.131) @zenlayer iOS : h**p://nbgds.xyz @xyz (128.14.25.175) @zenlayer download app : chrome.apk (Chrome) https://www.virustotal.com/gui/file/7ddc334851a64c99145bee3f7921b8486e84ab2173f838cc528c4ce9105f556f/detection … @kisa118 @malwrhunterteam @papa_anniekey @Spam404Online pic.twitter.com/c6v5b72OEj 2020-02-23 08:03:57
27 HeliosCert Sample analysed on #virustotal VirusTotal-Score: 61 VirusTotal: https://www.virustotal.com/file/c0f31771fbc18ba5e68ff7cd29cdf82bc2806a5b6652019ba820ab6146474bee/analysis/1566031433/ … Threat: Ransom:Win32/CVE-2017-0147.A (Microsoft) 2020-02-23 07:45:02
28 bad_packets Active DDoS malware payload detected: http://122.114.57.92:8888/mips ( https://www.virustotal.com/gui/url/23faa5a67a2542e33679f35f79fcdd2ef73531f3e872b4e7b7b8cf7e796c055a/details …) Exploit target: Huawei router remote code execution vulnerability CVE-2017-17215 ( https://nvd.nist.gov/vuln/detail/CVE-2017-17215 …) Exploit attempt source IP: 122.114.57.92 () #threatintel pic.twitter.com/t6EPs6Fb2D 2020-02-23 07:27:12
29 HeliosCert Sample analysed on #virustotal VirusTotal-Score: 19 VirusTotal: https://www.virustotal.com/file/27c9843e9b8df04614c753007091a24c3f3c84668b5122a2d39bc0cfe54e659b/analysis/1582337510/ … Threat: Gen:Variant.MSILKrypt.46 (BitDefender) 2020-02-23 07:25:02
30 HeliosCert Sample analysed on #virustotal VirusTotal-Score: 36 VirusTotal: https://www.virustotal.com/file/65da4ede295a31428f8a1ae2ea76f27c92dc5d9c8cb5cc440a69c82bc0cbd6e5/analysis/1582370019/ … Threat: Backdoor:MSIL/Bladabindi.AJ (Microsoft) 2020-02-23 06:30:02
31 86_compatible UPDATE: we have a virustotal entry now: https://www.virustotal.com/gui/file/0a937d4fe8aa6cb947b95841c490d73e452a3cafcd92645afc353006786aba76/details … and boy oh boy is this particular bit of malware thorough 2020-02-23 06:08:37
32 IpNigh #Phishing | #PhishKit | #PhishingKit Found and downloaded. URL:hxxps://haasudbury.com/index/Adobe%20acrobat/login.php Threat Actor Emails are attached below. Bot Generated pic.twitter.com/y9vgBI0FeJ 2020-02-23 06:05:20
33 IpNigh #Phishing | #PhishKit | #PhishingKit Found and downloaded. URL:hxxps://sogefap.com/facebook/device-based/regular/login/ Threat Actor Emails are attached below. Bot Generated pic.twitter.com/CPcvKtYUY0 2020-02-23 04:15:59
34 HeliosCert Sample analysed on #virustotal VirusTotal-Score: 58 VirusTotal: https://www.virustotal.com/file/149979213411fcac20f7cbc1a26e1521b80073aff05d4c0f967046ef5f23b13a/analysis/1574595189/ … Threat: TROJ_AGENT.SMAI (TrendMicro) 2020-02-23 03:30:02
35 IpNigh #Phishing | #PhishKit | #PhishingKit Found and downloaded. URL:hxxp://tallerespragar.es/voip/pagee/ Threat Actor Emails are attached below. Bot Generated pic.twitter.com/oljQgGb1S8 2020-02-23 03:28:56
36 IpNigh #Phishing | #PhishKit | #PhishingKit Found and downloaded. URL:hxxps://ayem.org.ng/wp/wp-content/themes/twentytwenty/inc/nab/login/ Threat Actor Emails are attached below. Bot Generated pic.twitter.com/mAd514AmAn 2020-02-23 02:03:31
37 starwars9_on https://www.hybrid-analysis.com/sample/f7148011aee3cfdcf5d5a7358cadb5a33111b156660f6ca524f63ca07d0864d3 … https://www.hybrid-analysis.com/sample/f7148011aee3cfdcf5d5a7358cadb5a33111b156660f6ca524f63ca07d0864d3 … https://www.hybrid-analysis.com/sample/a79edbb5deb715af58d98a3c34d5444908fc0b27741905a90c0b4431c088ff8a … https://www.hybrid-analysis.com/sample/33a1916b2ca2af35296b0a1646daf7479c38b859274d28f55e2308ac67650e8c … https://www.hybrid-analysis.com/sample/d68eb2efa311b7ef37071074f49c482cff59a53babdf978bbe86bac16276cb5f … https://www.hybrid-analysis.com/sample/66efe45177074d0cc4ed0e3c573fee76a17d9ce7946866a56dc1a619cc6b6697 … https://www.hybrid-analysis.com/sample/59e2cf1c03467e3e3f32266f6e1f4fe616fdc4292428bc8d8a94a7ce86a3422e … https://www.hybrid-analysis.com/sample/f69afe8822cc815b054e6f200c2af6638498ba77b3eafc92e161fc63dcc6852d … https://www.hybrid-analysis.com/sample/8d541f852369cb1a6e61c1f0d8811dfa6d0354439a100fa2051adbc9bc3b8fa3 … 2020-02-23 01:33:56
38 HeliosCert Sample analysed on #virustotal VirusTotal-Score: 44 VirusTotal: https://www.virustotal.com/file/30ef3d46a266114674f601d9d03f85029ec54821f104b9e86903113d47914b6f/analysis/1582390808/ … Threat: Trojan:Win32/Wacatac.C!ml (Microsoft) 2020-02-23 01:10:02
39 HeliosCert Sample analysed on #virustotal VirusTotal-Score: 1 VirusTotal: https://www.virustotal.com/file/35c5c9b18e73d2a03e724d8f422cf53511995dc6229dce6f654397e42816157b/analysis/1526611001/ … Threat: 2020-02-22 23:30:02
40 0verfl0w_ Time for another post! Following on from last week's blog, we're statically reversing stage 2 of our shellcode, which incorporates API hashing, interesting stack usage, and more! Once again, you can grab the sample from @virusbay_io! https://0ffset.net/reverse-engineering/common-shellcode-techniques-2/ … 2020-02-22 23:07:52
41 pmelson PowerPoint and http://draw.io 2020-02-22 21:49:03
42 HeliosCert Sample analysed on #virustotal VirusTotal-Score: 36 VirusTotal: https://www.virustotal.com/file/f0f425ab50a4839e3fcf9a69d944473ae37813e076aed3d6bc3b44ce8ae206b5/analysis/1582389609/ … Threat: Trojan:Win32/Wacatac.D!ml (Microsoft) 2020-02-22 21:25:03
43 HeliosCert Sample analysed on #virustotal VirusTotal-Score: 59 VirusTotal: https://www.virustotal.com/file/860b2217cd9c289b17795d176001dd3771a80016c21b53310ce4b0502dbb3dbd/analysis/1551436258/ … Threat: Ransom:Win32/CVE-2017-0147.A (Microsoft) 2020-02-22 21:15:02
44 James_inthe_box Drops #agenttesla via @onedrive at: https://onedrive.live.com/download?cid= 95FCF6A0982EDBAA&resid= 95FCF6A0982EDBAA%21384&authkey= ADToz6om2_g4nq4 exfils to serverrrmandate@yandex.kz 2020-02-22 19:03:35
45 IpNigh #PhishingKit found on #Phishing site. Threat Actor emails found in dump: patrickwoodland@yandex.com, you@youremail.com, joelaw007@yahoo.com For more information on kits contact me. 2020-02-22 16:53:22
46 IpNigh #Phishing | #PhishKit | #PhishingKit Found and downloaded. URL:hxxps://sogefap.com/facebook/device-based/regular/login/ Threat Actor Emails are attached below. Bot Generated pic.twitter.com/QIWPLzvIDs 2020-02-22 16:53:22
47 Abdulaziz_Hmadi To stay safe, if you receive a suspicious link by email or on any social network on the internet, you must verify that it is safe and contains no malware using the following tools: Tool for checking links and files for viruses: https://www.virustotal.com/ Tool for revealing the source of a shortened link: https://revealurl.xyz/ pic.twitter.com/jCj7IBMoe8 2020-02-22 16:35:19
48 HeliosCert Sample analysed on #virustotal VirusTotal-Score: 66 VirusTotal: https://www.virustotal.com/file/248ab286f66c8623a3b3a787159daf6dc232cfcfec0592a3fd0eb23a30785bb4/analysis/1579482918/ … Threat: Ransom_WCRY.THBOGH (TrendMicro) 2020-02-22 15:00:02
49 HeliosCert Sample analysed on #virustotal VirusTotal-Score: 1 VirusTotal: https://www.virustotal.com/file/bf3ebeb7a969d94058a79b0c90933edea714f80148d9d2c891ad05f00abddf8d/analysis/1582325942/ … Threat: 2020-02-22 14:45:02
50 pmelson It was set to expire by the original uploader. A copy of the decoded PE binary gets uploaded to VirusTotal by @ScumBots each time it catches something: https://www.virustotal.com/gui/file/1a125973511a94f7c42af9c6a4944b5b4b2d4ec87deb2fa73baec1d2e4bd4c5d/detection … 2020-02-22 14:27:23