Last 5 Entries

ID User Tweet Date
1 malware_traffic 2020-09-17 - More #TA551 ( #shathak) Word docs push #IcedID - paste of info: https://pastebin.com/4uxu0nkm - Pastebin raw: https://pastebin.com/raw/4uxu0nkm pic.twitter.com/9yPS8QMIqR 2020-09-17 23:47:39
2 HeliosCert Sample submitted 2020-09-17 21:45:01 Dionaea Honeypot Protocol: smbd Sources: ::ffff:41.39.165.238 603971f7ee820988a10c32a0dcc5016996b4ad74a84432ad7cdcb3062ec1449e #malware #cyber #security 2020-09-17 23:45:02
3 HeliosCert Sample analysed on #virustotal VirusTotal-Score: 63 VirusTotal: https://www.virustotal.com/gui/file/b4ef1d29a4fdd8bc1ab147aee1aebd211952d0f677970a5982b631d779f4e6a8/detection/f-b4ef1d29a4fdd8bc1ab147aee1aebd211952d0f677970a5982b631d779f4e6a8-1596245493 … Threat: Ransom_WCRY.SMALYM (TrendMicro) 2020-09-17 23:25:03
4 HeliosCert Sample submitted 2020-09-17 21:05:02 Dionaea Honeypot Protocol: smbd Sources: ::ffff:59.96.19.112 948c16ed82b4ae4839e941816eaaaca9fbd669f026d16984075ee658c273f9bf #malware #cyber #security 2020-09-17 23:05:03
5 Cryptolaemus1 s://dev.contractdevs.co.uk/hbbny/Kv9/ /blog.penmman.com/wp-content/uploads/1ECbn9K/ 2 of 2 https://app.any.run/tasks/9c3af9ee-353d-44bf-bd76-f4de170f7c67 … 2020-09-17 22:36:39
6 HeliosCert Sample submitted 2020-09-17 20:30:01 Dionaea Honeypot Protocol: smbd Sources: ::ffff:92.252.135.32 9f9182bc1f852d234cc6a45e8ec849758c144f71ce460a5102de0c8a10063c7c #malware #cyber #security 2020-09-17 22:30:02
7 HeliosCert Sample analysed on #virustotal VirusTotal-Score: 65 VirusTotal: https://www.virustotal.com/gui/file/7574a7b31e9079017de9b881bd84c06cffb7473874acf15be080cac3b07a1a82/detection/f-7574a7b31e9079017de9b881bd84c06cffb7473874acf15be080cac3b07a1a82-1594371934 … Threat: Ransom_WCRY.SMALYM (TrendMicro) 2020-09-17 22:25:03
8 ericlaw This is the Chrome-Elf.dll: https://www.virustotal.com/gui/file/81b677adb87380a36d9a6998ec074a091bef0cd5e051f7a75f25c72c4e327fc7/detection … 2020-09-17 22:00:44
9 HeliosCert Sample analysed on #virustotal VirusTotal-Score: 62 VirusTotal: https://www.virustotal.com/gui/file/0c5fe0106d4c3684b8c3d3a1c0a409860114e1793239e281759124639f7e923d/detection/f-0c5fe0106d4c3684b8c3d3a1c0a409860114e1793239e281759124639f7e923d-1581318705 … Threat: Ransom_WCRY.SMALYM (TrendMicro) 2020-09-17 22:00:02
10 C0ryInTheHous3 Think I have another for you. https://www.virustotal.com/gui/file/61072ae06a5e25194e7bf6297026b54ae52fcfc14787ead8866866d8098a1fa3/details … Similar PDB as others: G:\Project\Covic\Modules\CLI.pdb 2020-09-17 21:50:14
11 HeliosCert Sample analysed on #virustotal VirusTotal-Score: 64 VirusTotal: https://www.virustotal.com/gui/file/0804de1c29683f16e15059ab4ba1a6a040a23cebf694c69cf382ad4e2316bf03/detection/f-0804de1c29683f16e15059ab4ba1a6a040a23cebf694c69cf382ad4e2316bf03-1588570653 … Threat: Ransom_WCRY.SMALYM (TrendMicro) 2020-09-17 21:45:02
12 HeliosCert Sample submitted 2020-09-17 19:35:02 Dionaea Honeypot Protocol: smbd Sources: ::ffff:113.189.149.66 c7114ecbe50cbe16bb736d8685daca51276b8a80cae5a72cda3cde461cbf09e7 #malware #cyber #security 2020-09-17 21:35:03
13 Cryptolaemus1 CreateDate:2020:09:17 19:06:00 red_dawn https://tria.ge/200917-w9ywc4y2xn/ … https://app.any.run/tasks/1154644b-8aad-417c-8470-b74f6be867ac … 2020-09-17 21:27:09
14 Cryptolaemus1 CreateDate:2020:09:17 18:24:00 office365_orange https://tria.ge/200917-ak9a61w4ex/ … https://app.any.run/tasks/2d54fe34-3cab-4ed8-b8f5-10432239f936 … 2020-09-17 21:17:44
15 bad_packets Would it be possible to add a "Related BGP Prefixes" feature (example: https://bgpview.io/prefix/87.251.64.0/20 …) to https://bgp.he.net/ so we can use it full-time? Honestly it's the only reason we use https://bgpview.io/ . pic.twitter.com/WcjwzkOTkC 2020-09-17 21:13:08
16 Mesiagh #NanoCore #RAT #malware hosted on @Dropbox dropbox.com/s/ht4f87urfeyu6f0/Arrival%20Notice-%20CAT%20LAI%20-72883764VN.lzh?dl= 1 C2: 79.134.225.72 Sample https://app.any.run/tasks/61f3d808-1f29-4e58-823a-8e8877a32d3c … @Marco_Ramilli @JAMESWT_MHT @malwrhunterteam @luc4m @JRoosen @reecdeep @executemalware 2020-09-17 21:10:35
17 bad_packets Just use https://bgpview.io/ or https://bgp.tools/ 2020-09-17 21:09:00
18 HeliosCert Sample submitted 2020-09-17 18:50:03 Dionaea Honeypot Protocol: smbd Sources: ::ffff:89.18.156.105 485e684d1fef0e51047d10d25dbf7af0e7b83581d7d3c4e9c96516193aa0d55a #malware #cyber #security 2020-09-17 20:50:03
19 HeliosCert Sample analysed on #virustotal VirusTotal-Score: 62 VirusTotal: https://www.virustotal.com/gui/file/97071a42de7b359d9250feb08cac443933a95e9bbfbd7760435f8bda9c1aa00b/detection/f-97071a42de7b359d9250feb08cac443933a95e9bbfbd7760435f8bda9c1aa00b-1596748819 … Threat: Ransom_WCRY.SMALYM (TrendMicro) 2020-09-17 20:50:02
20 wwp96 #opendir #phishing targeting @onedrive - bunch more empty #opendir on 109.248.203.39. here's one targeting @Fidelity and @Outlook theimajing.com https://twitter.com/jcarndt/status/1306656888432537600 … pic.twitter.com/2OZtxP46xV 2020-09-17 20:48:24
21 p5yb34m #IcedID #malspam USA-geofenced: .dll Payloads: ://p3gcak.com/myzyn/mevap.php?l= fuzo12.cab ://ue4j6g.com/myzyn/mevap.php?l= fuzo12.cab .dll Sample: https://bazaar.abuse.ch/sample/a95efda438fdee4b4866287c2cfe9d89772a46c5d9d22377c8c63e43b2c93295/ … .doc Sample: https://bazaar.abuse.ch/sample/b338bf704cbdcf2cd949974e5c1b76e16df69c975c9736571a6f30753a6f02d2/ … 2020-09-17 20:41:14
22 tosscoinwitcher #Wastedlocker #cybersecurity #infosec @malwrhunterteam Looks like this IP has been serving up #wastedlocker since at least 2019. Had some users visit a local news site and get prompted for a Chrome update. Stay safe out there.. https://www.virustotal.com/gui/ip-address/130.0.233.178/detection … 2020-09-17 20:40:08
23 p5yb34m #Zloader malspam: Payloads: s://jumper.rocks/wp-index.php s://jumper.yoga/wp-index.php C2: s://arboristcrew.net/wp-smarts.php .xls Sample: https://bazaar.abuse.ch/sample/62673137dd9cfce7ca47d7bdddd0689279dcca62b9b70b2402ee22c37977b5b0/ … 2020-09-17 20:37:56
24 MoBustami Might be related - https://www.virustotal.com/gui/file/a16985f438e047b16a7673bebc03fe7b7cf06680ce411c146621d0091af61cef/detection … Also similar C2 - msdn7x32.net 2020-09-17 20:36:55
25 HeliosCert Sample analysed on #virustotal VirusTotal-Score: 62 VirusTotal: https://www.virustotal.com/gui/file/c9e6f90c75bd7ad50d2a8ffd3c60a0a7f0d9005b4daeb1c1fb8991f4dac614b7/detection/f-c9e6f90c75bd7ad50d2a8ffd3c60a0a7f0d9005b4daeb1c1fb8991f4dac614b7-1599812718 … Threat: Ransom_WCRY.SMALYM (TrendMicro) 2020-09-17 20:35:03
26 HeliosCert Sample submitted 2020-09-17 18:35:01 Dionaea Honeypot Protocol: smbd Sources: ::ffff:182.74.142.98 0c5fe0106d4c3684b8c3d3a1c0a409860114e1793239e281759124639f7e923d #malware #cyber #security 2020-09-17 20:35:02
27 HeliosCert Sample analysed on #virustotal VirusTotal-Score: 55 VirusTotal: https://www.virustotal.com/gui/file/d94f966f938e06720fc02cbc29402fe264d8d1ef9ff968f8cb8e741e24dd1c05/detection/f-d94f966f938e06720fc02cbc29402fe264d8d1ef9ff968f8cb8e741e24dd1c05-1547613058 … Threat: Ransom_WCRY.SMALYM (TrendMicro) 2020-09-17 20:30:03
28 micham Another #phishing attempt targeting @Unipisa Stay safe! https://www.virustotal.com/gui/url/1692f3104a25369b1cdbaf9358563f8618cb6099ff216d80bbed9c9967e01433/detection … pic.twitter.com/CvuenupXw6 2020-09-17 20:27:11
29 HeliosCert Sample submitted 2020-09-17 18:20:02 Dionaea Honeypot Protocol: smbd Sources: ::ffff:203.202.245.37 f437080b5001266ddebafba6916db2d54391b62637ef5b85ef6d1518409822fe #malware #cyber #security 2020-09-17 20:20:02
30 HeliosCert Sample analysed on #virustotal VirusTotal-Score: 57 VirusTotal: https://www.virustotal.com/gui/file/05d48a085488a7f692c5d8e1be83fa20f2184149eec95ef99c52e7764d8bff0a/detection/f-05d48a085488a7f692c5d8e1be83fa20f2184149eec95ef99c52e7764d8bff0a-1559377559 … Threat: Ransom_WCRY.SMALYM (TrendMicro) 2020-09-17 20:10:02
31 _re_fox A copy of #crimson ignvdmvra.exe (7a1f111520e5e74ba09e7f4beac6a84a) in Bhthmars.zip (0f0ada6d17053ceebf9d83b698c74f9f) shares the same c2. C2: 151.106.14.125 https://www.virustotal.com/gui/file/a5f02bb70acdf335bed9c0fc8439ab3a220027a28c7eb44f459afda0ec7b62eb/detection … 2020-09-17 20:01:17
32 HeliosCert Sample submitted 2020-09-17 18:00:04 Dionaea Honeypot Protocol: smbd Sources: ::ffff:220.133.3.206 d94f966f938e06720fc02cbc29402fe264d8d1ef9ff968f8cb8e741e24dd1c05 #malware #cyber #security 2020-09-17 20:00:04
33 HeliosCert Sample submitted 2020-09-17 18:00:03 Dionaea Honeypot Protocol: smbd Sources: ::ffff:181.78.1.162 c8b02b97f16f64706997e434718d9cef28ec271d224e9da84becbba9e363d03a #malware #cyber #security 2020-09-17 20:00:04
34 HeliosCert Sample submitted 2020-09-17 18:00:02 Dionaea Honeypot Protocol: smbd Sources: ::ffff:14.248.98.75 842ecb067fe1dfe5295f2d03366fcf0ac7284353638deb0b0960e61547f6bb95 #malware #cyber #security 2020-09-17 20:00:03
35 HeliosCert Sample submitted 2020-09-17 17:40:02 Dionaea Honeypot Protocol: smbd Sources: ::ffff:14.186.165.152 0fc8ff08b2ae9604891d146d0dc097577ccbbf8709e0f4c8bfb5f582c28e1f9e #malware #cyber #security 2020-09-17 19:40:03
36 HeliosCert Sample analysed on #virustotal VirusTotal-Score: 64 VirusTotal: https://www.virustotal.com/gui/file/d32d43635b66be7987b0ca6e0977a4c592b9e0d86ba422fc076afddfe379dba0/detection/f-d32d43635b66be7987b0ca6e0977a4c592b9e0d86ba422fc076afddfe379dba0-1594373071 … Threat: Ransom_WCRY.SMALYM (TrendMicro) 2020-09-17 19:30:02
37 HeliosCert Sample analysed on #virustotal VirusTotal-Score: 58 VirusTotal: https://www.virustotal.com/gui/file/c4e40de01d0f4745c3c1ff197fda43192a53ffb79870638db22b23ff47c2d408/detection/f-c4e40de01d0f4745c3c1ff197fda43192a53ffb79870638db22b23ff47c2d408-1570823956 … Threat: Ransom:Win32/CVE-2017-0147.A (Microsoft) 2020-09-17 19:25:03
38 HeliosCert Sample analysed on #virustotal VirusTotal-Score: 62 VirusTotal: https://www.virustotal.com/gui/file/f68abc59548baab3506d53a84a34e352e6dd21023803ad644003948b3c3bd09c/detection/f-f68abc59548baab3506d53a84a34e352e6dd21023803ad644003948b3c3bd09c-1568623983 … Threat: Ransom_WCRY.SMALYM (TrendMicro) 2020-09-17 19:25:02
39 Cryptolaemus1 CreateDate:2020:09:17 17:04:00 office365_orange https://tria.ge/200917-n59qxebpws/ … https://app.any.run/tasks/bcb903a2-8b09-4b2e-afca-d4c975d8d9e9 … 2020-09-17 19:25:01
40 HeliosCert Sample analysed on #virustotal VirusTotal-Score: 63 VirusTotal: https://www.virustotal.com/gui/file/ce10aa420c5b2e4820dfcf4a560b4c6651256882b65e7bfc0baf7c33c994d9ca/detection/f-ce10aa420c5b2e4820dfcf4a560b4c6651256882b65e7bfc0baf7c33c994d9ca-1569640135 … Threat: Ransom_WCRY.SMALYM (TrendMicro) 2020-09-17 19:10:02
41 HeliosCert Sample analysed on #virustotal VirusTotal-Score: 55 VirusTotal: https://www.virustotal.com/gui/file/bb003235ea4eddd693df2d3582a82df1ac965b77a544b22b0a69470adc4032e5/detection/f-bb003235ea4eddd693df2d3582a82df1ac965b77a544b22b0a69470adc4032e5-1555482356 … Threat: Ransom:Win32/CVE-2017-0147.A (Microsoft) 2020-09-17 19:05:02
42 HeliosCert Sample analysed on #virustotal VirusTotal-Score: 65 VirusTotal: https://www.virustotal.com/gui/file/6a8b5a7e77b3051a872b71bdd8dee55de20bbbe35a38630d210709ff38d5867b/detection/f-6a8b5a7e77b3051a872b71bdd8dee55de20bbbe35a38630d210709ff38d5867b-1587427250 … Threat: Ransom_WCRY.SMALYM (TrendMicro) 2020-09-17 18:55:02
43 HeliosCert Sample analysed on #virustotal VirusTotal-Score: 59 VirusTotal: https://www.virustotal.com/gui/file/95697726852f1fd1fef3f800ac4bd1fd2eec058e809e04d4c8c6eb3b251fe5d3/detection/f-95697726852f1fd1fef3f800ac4bd1fd2eec058e809e04d4c8c6eb3b251fe5d3-1563796644 … Threat: Ransom_WCRY.SMALYM (TrendMicro) 2020-09-17 18:45:03
44 HeliosCert Sample submitted 2020-09-17 16:40:02 Dionaea Honeypot Protocol: smbd Sources: ::ffff:85.105.87.67 ecef8d11ad654fb658f52963e1d0d7dafaca109db756a2a0f3e62e81313a6652 #malware #cyber #security 2020-09-17 18:40:02
45 James_inthe_box Confirming #bitrat c2 is: 212.8.246.213:4858 2020-09-17 18:34:52
46 Artilllerie #Trickbot 1000514/ono76 >Medium detected sample (23/65 AV) https://www.virustotal.com/gui/file/fdfb6706e3f056404da1928a1a8dc3bce4ab4b8473f49e1c246b4ab2edc69ad4 … >30 C&C https://0paste.com/89020 >24 dpost https://0paste.com/89021 @malwrhunterteam pic.twitter.com/VFQ9DRtIDy 2020-09-17 18:20:04
47 HeliosCert Sample analysed on #virustotal VirusTotal-Score: 63 VirusTotal: https://www.virustotal.com/gui/file/3e611bc7f3f45ffa20f3ffc4c22d5bc7a244048d488a1b98293d33c24ec1a280/detection/f-3e611bc7f3f45ffa20f3ffc4c22d5bc7a244048d488a1b98293d33c24ec1a280-1594341943 … Threat: Ransom_WCRY.SMALYM (TrendMicro) 2020-09-17 17:50:02
48 HeliosCert Sample submitted 2020-09-17 15:45:02 Dionaea Honeypot Protocol: smbd Sources: ::ffff:85.26.233.235 c9e6f90c75bd7ad50d2a8ffd3c60a0a7f0d9005b4daeb1c1fb8991f4dac614b7 #malware #cyber #security 2020-09-17 17:45:02
49 Cryptolaemus1 CreateDate:2020:09:17 14:55:00 my_office https://tria.ge/200917-nhxhze45vj/ … https://app.any.run/tasks/7cb14457-d944-4a0a-bb10-17f0eec3a4e3 … 2020-09-17 17:42:56
50 HeliosCert Sample analysed on #virustotal VirusTotal-Score: 64 VirusTotal: https://www.virustotal.com/gui/file/f4e8357d77381a2d15d71d4309261236bfb78b53ab127162dad943cb897a0e4b/detection/f-f4e8357d77381a2d15d71d4309261236bfb78b53ab127162dad943cb897a0e4b-1592011876 … Threat: Ransom_WCRY.SMALYM (TrendMicro) 2020-09-17 17:35:03
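Rows in this feed follow one shape (ID, user, tweet text, timestamp), and the tweets themselves carry the indicators a practitioner wants: SHA-256 hashes from the Dionaea honeypot captures and the VirusTotal verdicts, MD5s, C2 IPs, and defanged payload URLs. The following is an added example, not code from the page or from any of the quoted accounts. It parses a handful of rows copied from the feed, buckets the indicators, and joins the honeypot "Sample submitted" rows to the "Sample analysed" verdicts on the shared SHA-256 so that a captured sample can be tied to the scanner IP that delivered it. Two things are assumptions rather than facts the feed states: that every row has the form "<id> <user> <tweet> <YYYY-MM-DD HH:MM:SS>", and that the defanged URLs in the p5yb34m rows drop the "http"/"https" prefix ("://host/..." and "s://host/..."). The list of sandbox/reference hosts that are excluded from the infrastructure bucket is also my own choice.

```python
"""IOC extraction and cross-referencing over a Twitter threat-intel feed.

Added example; not code from the feed page or from any of the quoted accounts.
Assumptions (not stated by the feed): each row reads
"<id> <user> <tweet text> <YYYY-MM-DD HH:MM:SS>", and defanged URLs drop the
"http"/"https" prefix ("://host/..." and "s://host/...").
"""
import re
from collections import defaultdict

ROW_RE = re.compile(r"^(\d+) (\S+) (.*) (\d{4}-\d{2}-\d{2} \d{2}:\d{2}:\d{2})$")
SHA256_RE = re.compile(r"\b[0-9a-f]{64}\b")
MD5_RE = re.compile(r"\b[0-9a-f]{32}\b")
# IPv4, optionally with :port; the lookarounds stop partial matches inside longer dotted numbers.
IPV4_RE = re.compile(r"(?<![\d.])(?:\d{1,3}\.){3}\d{1,3}(?::\d{1,5})?(?![\d.])")
# Full or defanged URL: "https://", "s://" or bare "://" followed by host/path (assumed convention).
URL_RE = re.compile(r"(?<!\S)(?:https?|s)?://(\S+)")
HONEYPOT_RE = re.compile(r"Sources: (?:::ffff:)?(\d{1,3}(?:\.\d{1,3}){3})")
THREAT_RE = re.compile(r"Threat: (\S+) \(([^)]+)\)")
SCORE_RE = re.compile(r"VirusTotal-Score: (\d+)")

# Sandbox / reference sites linked from the feed (my list); their hosts are not attacker infrastructure.
REFERENCE_HOSTS = {"www.virustotal.com", "app.any.run", "tria.ge", "bazaar.abuse.ch",
                   "pastebin.com", "twitter.com", "0paste.com"}

# Constructed input: nine rows copied from the feed (entries 2, 9, 21, 23, 26, 27, 31, 32, 45).
FEED = """\
2 HeliosCert Sample submitted 2020-09-17 21:45:01 Dionaea Honeypot Protocol: smbd Sources: ::ffff:41.39.165.238 603971f7ee820988a10c32a0dcc5016996b4ad74a84432ad7cdcb3062ec1449e #malware #cyber #security 2020-09-17 23:45:02
9 HeliosCert Sample analysed on #virustotal VirusTotal-Score: 62 VirusTotal: https://www.virustotal.com/gui/file/0c5fe0106d4c3684b8c3d3a1c0a409860114e1793239e281759124639f7e923d/detection/f-0c5fe0106d4c3684b8c3d3a1c0a409860114e1793239e281759124639f7e923d-1581318705 … Threat: Ransom_WCRY.SMALYM (TrendMicro) 2020-09-17 22:00:02
21 p5yb34m #IcedID #malspam USA-geofenced: .dll Payloads: ://p3gcak.com/myzyn/mevap.php?l= fuzo12.cab ://ue4j6g.com/myzyn/mevap.php?l= fuzo12.cab .dll Sample: https://bazaar.abuse.ch/sample/a95efda438fdee4b4866287c2cfe9d89772a46c5d9d22377c8c63e43b2c93295/ … .doc Sample: https://bazaar.abuse.ch/sample/b338bf704cbdcf2cd949974e5c1b76e16df69c975c9736571a6f30753a6f02d2/ … 2020-09-17 20:41:14
23 p5yb34m #Zloader malspam: Payloads: s://jumper.rocks/wp-index.php s://jumper.yoga/wp-index.php C2: s://arboristcrew.net/wp-smarts.php .xls Sample: https://bazaar.abuse.ch/sample/62673137dd9cfce7ca47d7bdddd0689279dcca62b9b70b2402ee22c37977b5b0/ … 2020-09-17 20:37:56
26 HeliosCert Sample submitted 2020-09-17 18:35:01 Dionaea Honeypot Protocol: smbd Sources: ::ffff:182.74.142.98 0c5fe0106d4c3684b8c3d3a1c0a409860114e1793239e281759124639f7e923d #malware #cyber #security 2020-09-17 20:35:02
27 HeliosCert Sample analysed on #virustotal VirusTotal-Score: 55 VirusTotal: https://www.virustotal.com/gui/file/d94f966f938e06720fc02cbc29402fe264d8d1ef9ff968f8cb8e741e24dd1c05/detection/f-d94f966f938e06720fc02cbc29402fe264d8d1ef9ff968f8cb8e741e24dd1c05-1547613058 … Threat: Ransom_WCRY.SMALYM (TrendMicro) 2020-09-17 20:30:03
31 _re_fox A copy of #crimson ignvdmvra.exe (7a1f111520e5e74ba09e7f4beac6a84a) in Bhthmars.zip (0f0ada6d17053ceebf9d83b698c74f9f) shares the same c2. C2: 151.106.14.125 https://www.virustotal.com/gui/file/a5f02bb70acdf335bed9c0fc8439ab3a220027a28c7eb44f459afda0ec7b62eb/detection … 2020-09-17 20:01:17
32 HeliosCert Sample submitted 2020-09-17 18:00:04 Dionaea Honeypot Protocol: smbd Sources: ::ffff:220.133.3.206 d94f966f938e06720fc02cbc29402fe264d8d1ef9ff968f8cb8e741e24dd1c05 #malware #cyber #security 2020-09-17 20:00:04
45 James_inthe_box Confirming #bitrat c2 is: 212.8.246.213:4858 2020-09-17 18:34:52
"""


def parse_row(line):
    """Split one feed row into fields and pull the indicators out of the tweet text."""
    m = ROW_RE.match(line)
    if not m:
        return None
    entry_id, user, text, stamp = m.groups()
    hosts = [rest.split("/", 1)[0] for rest in URL_RE.findall(text)]
    honeypot = HONEYPOT_RE.search(text)
    threat = THREAT_RE.search(text)
    score = SCORE_RE.search(text)
    return {
        "id": int(entry_id), "user": user, "time": stamp, "text": text,
        "sha256": list(dict.fromkeys(SHA256_RE.findall(text))),  # VT links repeat the hash
        "md5": MD5_RE.findall(text),
        "ips": IPV4_RE.findall(text),
        "hosts": [h for h in hosts if h not in REFERENCE_HOSTS],  # payload/C2 hosts only
        "honeypot_src": honeypot.group(1) if honeypot else None,
        "threat": threat.group(1) if threat else None,
        "vendor": threat.group(2) if threat else None,
        "score": int(score.group(1)) if score else None,
    }


def parse_feed(feed):
    rows = [parse_row(line) for line in feed.splitlines() if line.strip()]
    return [r for r in rows if r]


def correlate(records):
    """Join honeypot captures with VirusTotal verdicts on the sample's SHA-256."""
    by_hash = defaultdict(lambda: {"sources": [], "verdicts": []})
    for r in records:
        for h in r["sha256"]:
            if r["honeypot_src"]:
                by_hash[h]["sources"].append(r["honeypot_src"])
            if r["threat"]:
                by_hash[h]["verdicts"].append((r["threat"], r["vendor"], r["score"]))
    # Keep only hashes that were both captured by the honeypot and given a verdict.
    return {h: v for h, v in by_hash.items() if v["sources"] and v["verdicts"]}


def summarize(records):
    """Bucket indicators: scanner IPs that hit the honeypot vs. C2/payload infrastructure."""
    iocs = {"sha256": set(), "md5": set(), "c2_ips": set(), "scanner_ips": set(), "hosts": set()}
    for r in records:
        iocs["sha256"].update(r["sha256"])
        iocs["md5"].update(r["md5"])
        iocs["hosts"].update(r["hosts"])
        for ip in r["ips"]:
            bucket = "scanner_ips" if ip == r["honeypot_src"] else "c2_ips"
            iocs[bucket].add(ip)
    return iocs


if __name__ == "__main__":
    recs = parse_feed(FEED)
    for h, v in correlate(recs).items():
        print(h[:16], "delivered from", v["sources"], "->", v["verdicts"])
    print(summarize(recs))
```

Keeping the URLs defanged (hosts only, no refang) is deliberate: the posters stripped the scheme so the links are not clickable, and a blocklist needs the host, not a working URL. The honeypot-to-verdict join is where the feed becomes actionable: in the rows above it shows the WannaCry-tagged sample 0c5fe… arriving over SMB from 182.74.142.98 and d94f… from 220.133.3.206, which is the scanner-IP plus hash pair you would feed into a detection rule.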