Last 5 Entries

ID User Tweet Date
1 HeliosCert @HeliosCert Sample analysed on #virustotal VirusTotal-Score: 28 VirusTotal: https://www.virustotal.com/gui/file/1d3c123ef4b613990472a80a8c6471a0f7dd825f8bed27b1fd8c92ba87c82014/detection/f-1d3c123ef4b613990472a80a8c6471a0f7dd825f8bed27b1fd8c92ba87c82014-1638627673 Threat: Possible_HAJIME.SMLB1 (TrendMicro) 2021-12-04 23:35:03
2 kienbigmummy @monriver630 Thank you for your attention. Here: Maldoc: https://tria.ge/211203-qhs1csbfh7 Emotet DLL Loader: https://www.virustotal.com/gui/file/cd9419510c772ddf117334f1b3b2f987fe3d795351d2dcedfb76af765ddf17bb/details 2021-12-04 23:27:47
3 kienbigmummy @BaglaiVlad @fr0s7_ Yup. here you are: Maldoc: https://tria.ge/211203-qhs1csbfh7 Emotet DLL Loader: https://www.virustotal.com/gui/file/cd9419510c772ddf117334f1b3b2f987fe3d795351d2dcedfb76af765ddf17bb/details 2021-12-04 23:25:41
4 HeliosCert @HeliosCert Sample analysed on #virustotal VirusTotal-Score: 8 VirusTotal: https://www.virustotal.com/gui/file/1fa16aa1aaebe7a28ce893329d06d34b243ecafd34afd4c8d0a17aa4cc3f3563/detection/f-1fa16aa1aaebe7a28ce893329d06d34b243ecafd34afd4c8d0a17aa4cc3f3563-1638156321 Threat: 2021-12-04 21:50:02
5 phishunt_io #NewPhishing | #phishing #scam 🔗 /homesinterbankperu.cubmesd.com/ 🚩 70.32.23.109 ☁ A2HOSTING 🔒 cPanel. Inc. Certification Authority https://twitter.com/phishunt_io/status/1467245179614732300/photo/1 2021-12-04 21:31:25
6 bad_packets Mass scanning activity detected from 185.156.72.51 (🇳🇱/🇺🇦/🇷🇺*) targeting Microsoft Exchange servers vulnerable to #ProxyShell (CVE-2021-34473). First seen: 2021-12-04T06:55:14Z Last seen: 2021-12-04T20:35:46Z #threatintel ___________ *Geolocation vendors don't agree on location 2021-12-04 20:55:09
7 HeliosCert @HeliosCert Sample analysed on #virustotal VirusTotal-Score: 58 VirusTotal: https://www.virustotal.com/gui/file/018a5306e7ef6dc5a400c2dbbb8b2402850c7f8185f40f3dab15eaa4b17140ef/detection/f-018a5306e7ef6dc5a400c2dbbb8b2402850c7f8185f40f3dab15eaa4b17140ef-1638478294 Threat: Ransom_WCRY.SMALYM (TrendMicro) 2021-12-04 19:55:02
8 dubstard 🎯@Metamask ⚠ /bot-validate­.net ☢ AS22612 199.188.201.128 🇺🇸 🌐 @Namecheap 🖧 Namecheap @ActorExpose @bunnymaid @CryptoPhishing @CryptoScamDB @JAMESWT_MHT @JCyberSec_ @PhishFort @phishunt_io @sniko_ @nullcookies @Spam404 @MetaMaskSupport #scam #phishing https://twitter.com/dubstard/status/1467214579839258627/photo/1 2021-12-04 19:29:50
9 dubstard 🎯 @Polkadot ⚠ /fixapp­.site ☢ AS22612 199.188.201.128 🇺🇸 🌐 @Namecheap 🖧 Namecheap h/t @idclickthat @ActorExpose @bunnymaid @CryptoPhishing @CryptoScamDB @JAMESWT_MHT @JCyberSec_ @PhishFort @phishunt_io @sniko_ @nullcookies @Spam404 #scam #phishing https://twitter.com/dubstard/status/1467209273570729987/photo/1 2021-12-04 19:08:44
10 HeliosCert @HeliosCert Sample analysed on #virustotal VirusTotal-Score: 62 VirusTotal: https://www.virustotal.com/gui/file/a0415419892d4322dbb267ac3c9828a603dd7ed609b5f8856e6851c363806a19/detection/f-a0415419892d4322dbb267ac3c9828a603dd7ed609b5f8856e6851c363806a19-1585412512 Threat: Ransom_WCRY.SMALYM (TrendMicro) 2021-12-04 18:00:02
11 dubstard 🎯 @Metamask ⚠ /walletsprotocols­.online ☢ AS22612 192.64.118.78 🇺🇸 🌐 @Namecheap 🖧 ColoCrossing h/t @idclickthat @ActorExpose @bunnymaid @CryptoPhishing @CryptoScamDB @JAMESWT_MHT @JCyberSec_ @PhishFort @phishunt_io @sniko_ @nullcookies @Spam404 #scam https://twitter.com/dubstard/status/1467191549540945926/photo/1 2021-12-04 17:58:19
12 HeliosCert @HeliosCert Sample analysed on #virustotal VirusTotal-Score: 62 VirusTotal: https://www.virustotal.com/gui/file/da6bef5eed66dd0e349477d1656b5eddaa93e6a309e74a43ce75a58ba7103b13/detection/f-da6bef5eed66dd0e349477d1656b5eddaa93e6a309e74a43ce75a58ba7103b13-1598955665 Threat: Ransom_WCRY.SMALYM (TrendMicro) 2021-12-04 17:45:02
13 xiatianguo Day 4 #AdventofCyber done! https://tryhackme.com/room/adventofcyber3 #tryhackme @RealTryHackMe https://twitter.com/xiatianguo/status/1467171509299216384/photo/1 2021-12-04 16:38:41
14 HeliosCert @HeliosCert Sample analysed on #virustotal VirusTotal-Score: 60 VirusTotal: https://www.virustotal.com/gui/file/5a17f1fb9d5719ab712c5d3f76676f9a19df32f078146e43826f209b8ae6dfc8/detection/f-5a17f1fb9d5719ab712c5d3f76676f9a19df32f078146e43826f209b8ae6dfc8-1617581024 Threat: Ransom_WCRY.SMALYM (TrendMicro) 2021-12-04 16:15:02
15 w0mbat5eoul @luketaylorgo @virustotal AV detection: https://www.virustotal.com/gui/url/6fb180e9f360accc0f44a8a8ece6d328ff8c64891f3549068688459820b77028/detection Detected as malicious and phishing 2021-12-04 16:10:26
16 oulusoyum #RedLine #Stealer Samples: https://app.any.run/tasks/b72de800-ab49-4fed-996a-4482d261d316 hxxps://codeload.github.com/shtempsoft/soft/zip/refs/heads/main @github username shtempsoft C2: 185.215.113.121 Sha256: f1eb035c8e23d03b366ff3b7dae385e0807d5f26867f8810c122cfc31843a90d https://twitter.com/oulusoyum/status/1467156857156517891/photo/1 2021-12-04 15:40:27
17 petrovic082 #Ransomware #Argos https://app.any.run/tasks/74867f5c-d18b-4ac4-8e92-e38d0ce7566b/ https://www.virustotal.com/gui/file/7bb72f6d4ea8c4008bf51cc0817db28cbf18bdaa3862509d6aa0f842d7822daf/detection 2021-12-04 15:23:18
18 dubstard 🎯@Metamask ⚠ /webwalletsverification.com 🌐 @Namecheap 🖧 Cloudflare h/t @idclickthat @ActorExpose @bunnymaid @CryptoPhishing @CryptoScamDB @JAMESWT_MHT @JCyberSec_ @PhishFort @phishunt_io @sniko_ @nullcookies @Spam404 @MetaMaskSupport #scam https://twitter.com/dubstard/status/1467143315770552335/photo/1 2021-12-04 14:46:39
19 dubstard 🎯@Polkadot ⚠ /nftserverpad­.com ☢ AS14061 178.62.108.214 🇺🇸 🌐 @Namecheap 🖧 DigitalOcean h/t @idclickthat @ActorExpose @bunnymaid @CryptoPhishing @CryptoScamDB @JAMESWT_MHT @JCyberSec_ @PhishFort @phishunt_io @sniko_ @nullcookies @Spam404 #scam #Phishing https://twitter.com/dubstard/status/1467142085128200203/photo/1 2021-12-04 14:41:45
20 dubstard 🎯@Polkadot ⚠ /connectdapps­.io ☣ AS22612 68.65.123.168 🇺🇸 🌐 @Namecheap 🖧 Namecheap h/t @idclickthat @ActorExpose @bunnymaid @CryptoPhishing @CryptoScamDB @JAMESWT_MHT @JCyberSec_ @PhishFort @phishunt_io @sniko_ @nullcookies @Spam404 #scam #Phishing https://twitter.com/dubstard/status/1467141459358928900/photo/1 2021-12-04 14:39:16
21 dubstard 🎯@WalletConnect ⚠ /livewalletguide­.com ☣ AS48254 185.151.30.168 🇬🇧 🌐@Namecheap 🖧 20i Limited h/t @idclickthat @ActorExpose @bunnymaid @CryptoPhishing @CryptoScamDB @JAMESWT_MHT @JCyberSec_ @PhishFort @phishunt_io @sniko_ @nullcookies @Spam404 #scam #phishing https://twitter.com/dubstard/status/1467141222095593483/photo/1 2021-12-04 14:38:20
22 HeliosCert @HeliosCert Sample analysed on #virustotal VirusTotal-Score: 56 VirusTotal: https://www.virustotal.com/gui/file/a62393faa942970ee2d53f7f1b503ea4827bc89eec9e7186cf9dba2f39f82dd4/detection/f-a62393faa942970ee2d53f7f1b503ea4827bc89eec9e7186cf9dba2f39f82dd4-1540428513 Threat: Ransom_WCRY.SMALYM (TrendMicro) 2021-12-04 14:20:02
23 benkow_ GCleaner loader b44c9ee4e0b17e6ecc0cd60cebc14d710e15af7da15321cb677f41c5e30b44e6 R:\vsrepos\sukalogger\Release\sukalogger.pdb https://www.virustotal.com/gui/file/b44c9ee4e0b17e6ecc0cd60cebc14d710e15af7da15321cb677f41c5e30b44e6/detection 2021-12-04 14:11:41
24 HeliosCert @HeliosCert Sample analysed on #virustotal VirusTotal-Score: 58 VirusTotal: https://www.virustotal.com/gui/file/12fd092dc365f4754f33412eac7732950925603775660561aecb203a7bb792ee/detection/f-12fd092dc365f4754f33412eac7732950925603775660561aecb203a7bb792ee-1638477831 Threat: Ransom_WCRY.SMALYM (TrendMicro) 2021-12-04 14:05:03
25 HeliosCert @HeliosCert Sample analysed on #virustotal VirusTotal-Score: 61 VirusTotal: https://www.virustotal.com/gui/file/8b51945ada866301cd583744f4363bbeac1b7ec84ee78c0135824a2dc57f7244/detection/f-8b51945ada866301cd583744f4363bbeac1b7ec84ee78c0135824a2dc57f7244-1638477543 Threat: Ransom_WCRY.SMALYM (TrendMicro) 2021-12-04 13:40:02
26 ozuma5119 #malware #covid19 #phishing ⚠️ 🦠 hxxps://iabnc.com/Excel.exe IP: 103.93.76.204 (AS61414 EDGENAP) Registrar: Dynadot Brand: 厚生労働省 The Government of Japan 🇯🇵 IoC: https://otx.alienvault.com/pulse/61ab6d7559109b47da3a91f7 bazaar https://bazaar.abuse.ch/sample/f86988844cd1f04c326a1760c47336963d8b96d87ef8be140ebf6c3eb77086bd/ anyrun https://app.any.run/tasks/6b47b965-2160-4aef-87a0-035f22288b55/ https://twitter.com/ozuma5119/status/1467125363512082443/photo/1 2021-12-04 13:35:19
27 HeliosCert @HeliosCert Sample analysed on #virustotal VirusTotal-Score: 0 VirusTotal: https://www.virustotal.com/gui/file/1053666acf04eb1f578b41a0a9b96e75a910b15d68bc470161dcabc4c541b223/detection/f-1053666acf04eb1f578b41a0a9b96e75a910b15d68bc470161dcabc4c541b223-1582951287 Threat: 2021-12-04 12:35:02
28 HeliosCert @HeliosCert Sample analysed on #virustotal VirusTotal-Score: 57 VirusTotal: https://www.virustotal.com/gui/file/4a03ba800f020c6f2a24a909d06df251723ea8f0b5effa0d1ced21b8f2c7e313/detection/f-4a03ba800f020c6f2a24a909d06df251723ea8f0b5effa0d1ced21b8f2c7e313-1638482130 Threat: Ransom_WCRY.SMALYM (TrendMicro) 2021-12-04 12:25:02
29 HeliosCert @HeliosCert Sample analysed on #virustotal VirusTotal-Score: 51 VirusTotal: https://www.virustotal.com/gui/file/9a76f62fed6269c81c2bef7c7bb4254bcdc648ae17ce89fbe2dea20ceb2f066c/detection/f-9a76f62fed6269c81c2bef7c7bb4254bcdc648ae17ce89fbe2dea20ceb2f066c-1556700597 Threat: Ransom:Win32/CVE-2017-0147.A (Microsoft) 2021-12-04 12:10:02
30 dms1899 @hey_wallet https://discord.com/invite/MalwareTech It is the only one I know of 2021-12-04 11:54:13
31 HeliosCert @HeliosCert Sample analysed on #virustotal VirusTotal-Score: 62 VirusTotal: https://www.virustotal.com/gui/file/74d96340bf82866669b726cd2b79d1d52f1911c4922b7c08b3835767917ca1a6/detection/f-74d96340bf82866669b726cd2b79d1d52f1911c4922b7c08b3835767917ca1a6-1602929053 Threat: Ransom_WCRY.SMALYM (TrendMicro) 2021-12-04 10:55:02
32 paskur It's unsettling that the Windows binary of Graphviz 2.49.3 is flagged as malware on VirusTotal. https://www.virustotal.com/gui/file/63a7eff47f8ab94fd89127a005c123d05bc817bf0709aaa85fee133d66aa9ff0 2021-12-04 09:58:02
33 petrovic082 #vbs #dropper https://app.any.run/tasks/d724a055-b419-4343-9435-3d8a84bed66d/ drop https://www.virustotal.com/gui/file/ee460a2480d718ff40e391a7418249ec88927dd59ba31bca9be2999c21768f7d/detection 2021-12-04 09:18:03
34 adl_bdh For Android phones: Al-Haqq al-Murr (The Bitter Truth), Part Three. Link proving the file is free of viruses: https://www.virustotal.com/gui/file/405fd539098565b7094b53709b0f339a7b458d74f3197e54754bbed135f8d2bb?nocache= 1 Muhammad al-Ghazali. These are valuable articles written by Sheikh Muhammad al-Ghazali from the article series "Al-Haqq al-Murr" over a period of time that was not short. https://adel-ebooks.mam9.com/t4693-topic#18678 or http://muntada.sawtalummah.com/showthread.php?3435-%E1%E5%E6%C7%CA%DD-%C7%E1%C3%E4%CF%D1%E6%ED%CF-%C7%E1%CD%DE-%C7%E1%E3%D1-%C7%E1%CC%D2%C1-%C7%E1%CB%C7%E1%CB&p= 17334#post17334 https://twitter.com/adl_bdh/status/1467056064776581124/photo/1 2021-12-04 08:59:57
35 dubstard 🎯@WalletConnect ⚠ /validationfield­.com ☣ AS25369 109.70.148.33 🇬🇧 🌐 @Namecheap 🖧 Hydra Communications Ltd @zare @ActorExpose @bunnymaid @CryptoPhishing @CryptoScamDB @JAMESWT_MHT @JCyberSec_ @PhishFort @phishunt_io @sniko_ @nullcookies @Spam404 @pedrouid #Phishing https://twitter.com/dubstard/status/1467006144107458563/photo/1 2021-12-04 05:41:35
36 HeliosCert @HeliosCert Sample analysed on #virustotal VirusTotal-Score: 58 VirusTotal: https://www.virustotal.com/gui/file/1ee2a998e742f2c5fefe4aa56dacc91f33fc44ff5c2ca939bd03cffac8a0ff38/detection/f-1ee2a998e742f2c5fefe4aa56dacc91f33fc44ff5c2ca939bd03cffac8a0ff38-1571715664 Threat: Ransom_WCRY.SMALYM (TrendMicro) 2021-12-04 05:30:02
37 HeliosCert @HeliosCert Sample analysed on #virustotal VirusTotal-Score: 66 VirusTotal: https://www.virustotal.com/gui/file/1f8b302bca585f7717f9cb32baac390ba9577aa22f29b01404b78bc611bd352b/detection/f-1f8b302bca585f7717f9cb32baac390ba9577aa22f29b01404b78bc611bd352b-1587967924 Threat: Ransom_WCRY.SMALYM (TrendMicro) 2021-12-04 05:05:03
38 HeliosCert @HeliosCert Sample analysed on #virustotal VirusTotal-Score: 23 VirusTotal: https://www.virustotal.com/gui/file/fd656cf90aca331297cf1cb06185c4e02e233604ff55d65c3f56a79fb8382403/detection/f-fd656cf90aca331297cf1cb06185c4e02e233604ff55d65c3f56a79fb8382403-1638548485 Threat: Possible_BASHDLOD.SMLBO1 (TrendMicro) 2021-12-04 04:50:02
39 dubstard 🎯@WalletConnect ⚠ /sync.wcmainnet­.xyz ☣ AS327813 169.255.59.10 🇿🇦 🌐@web4africa 🖧 VIDOLU Group Pty @ActorExpose @bunnymaid @CryptoPhishing @CryptoScamDB @JAMESWT_MHT @JCyberSec_ @PhishFort @phishunt_io @sniko_ @nullcookies @Spam404 @AfricaCERT @xyz #phishing #scam https://twitter.com/dubstard/status/1466993051935645697/photo/1 2021-12-04 04:49:33
40 dubstard 🎯@WalletConnect ⚠ /sync.wcmainnet­.xyz ☣ AS327813 169.255.59.10 🇿🇦 🌐@web4africa 🖧 VIDOLU Group Pty Lt-Web4Africa @ActorExpose @bunnymaid @CryptoPhishing @CryptoScamDB @JAMESWT_MHT @JCyberSec_ @PhishFort @phishunt_io @sniko_ @ninoseki @nullcookies @Spam404 @dave_daves https://twitter.com/dubstard/status/1466986485048037380/photo/1 2021-12-04 04:23:27
41 fbgwls245 .ID-XXXXXXXX .unlock Thanos #Ransomware C2D4263B2D50F165CA6564AAE098D1FA https://twitter.com/fbgwls245/status/1466981846500388864/photo/1 2021-12-04 04:05:02
42 dubstard 🎯@WalletConnect ⚠ /dappnodeconnect­.org ☣ AS55081 67.220.183.18 🇺🇸 🌐 OwnRegistrar 🖧 24SHELLS. US @ActorExpose @bunnymaid @CryptoPhishing @CryptoScamDB @JAMESWT_MHT @JCyberSec_ @PhishFort @phishunt_io @sniko_ @nullcookies @Spam404 #scam #phishing #cybercrime https://twitter.com/dubstard/status/1466980697097314308/photo/1 2021-12-04 04:00:28
43 dubstard 🎯@WalletConnect ⚠ /robothelps­.org ☣ AS22612 162.0.235.16 🇺🇸 🌐 @Namecheap 🖧 Namecheap @ActorExpose @bunnymaid @CryptoPhishing @CryptoScamDB @JAMESWT_MHT @JCyberSec_ @PhishFort @phishunt_io @sniko_ @nullcookies @Spam404 @pedrouid #scam #phishing #cybercrime https://twitter.com/dubstard/status/1466979361966415873/photo/1 2021-12-04 03:55:09
44 HeliosCert @HeliosCert Sample analysed on #virustotal VirusTotal-Score: 61 VirusTotal: https://www.virustotal.com/gui/file/9de6b7c6b1e9b9a71f36cf993e5f77353662b0836a95d3463e8ae4dbddfd2de5/detection/f-9de6b7c6b1e9b9a71f36cf993e5f77353662b0836a95d3463e8ae4dbddfd2de5-1624417518 Threat: Ransom_WCRY.SMALYM (TrendMicro) 2021-12-04 01:40:03
45 HeliosCert @HeliosCert Sample analysed on #virustotal VirusTotal-Score: 59 VirusTotal: https://www.virustotal.com/gui/file/bcdbed7d5cdec7bc0f746362310af54326b424ad165fc43a2a2aad0e6921844b/detection/f-bcdbed7d5cdec7bc0f746362310af54326b424ad165fc43a2a2aad0e6921844b-1623837318 Threat: Ransom_WCRY.SMALYM (TrendMicro) 2021-12-04 01:20:02
46 HeliosCert @HeliosCert Sample analysed on #virustotal VirusTotal-Score: 66 VirusTotal: https://www.virustotal.com/gui/file/a65d6a1be5d9f53bef2f77af2a9a9dcf74ef53e0dcfea7bea8a28f6f959f221f/detection/f-a65d6a1be5d9f53bef2f77af2a9a9dcf74ef53e0dcfea7bea8a28f6f959f221f-1584572610 Threat: Ransom_WCRY.SMALYM (TrendMicro) 2021-12-04 01:15:02
47 HeliosCert @HeliosCert Sample analysed on #virustotal VirusTotal-Score: 60 VirusTotal: https://www.virustotal.com/gui/file/1ccfce4d4d4563e66b380ed03c69dde305243b269fa8568615085c252a907972/detection/f-1ccfce4d4d4563e66b380ed03c69dde305243b269fa8568615085c252a907972-1623145520 Threat: Ransom_WCRY.SMALYM (TrendMicro) 2021-12-04 00:35:02
48 HeliosCert @HeliosCert Sample analysed on #virustotal VirusTotal-Score: 0 VirusTotal: https://www.virustotal.com/gui/file/1fa9b4039854bf6639043e34df5dc8de5f1b016c9d10660e0cea55e26396912e/detection/f-1fa9b4039854bf6639043e34df5dc8de5f1b016c9d10660e0cea55e26396912e-1638533180 Threat: 2021-12-04 00:15:02
49 abel1ma (continued) Destinations contacted: hxxp://inorte.com.br/awkl2/NFkGvrZkoh7TdwolFM/ hxxp://otoway.com/5/h2syajK78/ hxxp://xhamster-deutsch.biz/wp-content/cache/m1G6/ There are multiple destinations, so please refer to the information on the following site for the destination URLs. https://urlhaus.abuse.ch/browse/tag/emotet/ 2021-12-03 23:38:10
50 abel1ma On December 4 as well, emails aimed at Emotet infection continue to be distributed. Examples of attachments: Inv ZX-6868.xlsm https://app.any.run/tasks/75caecd0-4ff4-451f-8a3c-f63ee8fd87db Electronic http://form.zip / Electronic form.xlsm https://app.any.run/tasks/39ad55af-f838-40ff-aadf-2a5ae52fdae3 Form - Dec 04. 2021.xls https://app.any.run/tasks/2f0746b1-0495-4e67-9f50-ccbc45ca7ac2 (to be continued) 2021-12-03 23:37:14