Last 5 Entries

ID User Tweet Date
1 James_inthe_box A small #unknown .NET #stealer that's been kicking around for a few months; #snort / #suricata / #yara rule at: https://gist.github.com/a64b6f1c78ca5307d00d766c36b3d2e3 … https://www.hybrid-analysis.com/string-search/results/366c98ad4c62f26a254fe120add089fd3a6c27142985d277b04e90e51c03a070 … all hashes on @mal_share cc @snort @malwareforme @switchingtoguns @ET_Labs @EmergingThreats @travisbgreen pic.twitter.com/aRWh8WWbgK 2020-07-10 23:47:59
2 HeliosCert Sample analysed on #virustotal VirusTotal-Score: 58 VirusTotal: https://www.virustotal.com/gui/file/8ab8e7920f48dbf7acbf2a0fd7aab701ac2b4ce1eedb0a4d39b83819d62442fb/detection/f-8ab8e7920f48dbf7acbf2a0fd7aab701ac2b4ce1eedb0a4d39b83819d62442fb-1549325982 … Threat: Ransom_WCRY.SMALYM (TrendMicro) 2020-07-10 23:15:02
3 HeliosCert Sample analysed on #virustotal VirusTotal-Score: 65 VirusTotal: https://www.virustotal.com/gui/file/5e2b41ff89580533da7a0705be075ff0f586d117b002c28a0e4a9db61b125b20/detection/f-5e2b41ff89580533da7a0705be075ff0f586d117b002c28a0e4a9db61b125b20-1587967776 … Threat: Ransom_WCRY.SMALYM (TrendMicro) 2020-07-10 22:55:02
4 HeliosCert Sample analysed on #virustotal VirusTotal-Score: 61 VirusTotal: https://www.virustotal.com/gui/file/fa2e5958a51aaba66de40455b378522be5ea377e5accccb1cda59dced6cfa41b/detection/f-fa2e5958a51aaba66de40455b378522be5ea377e5accccb1cda59dced6cfa41b-1581030264 … Threat: Ransom_WCRY.SMALYM (TrendMicro) 2020-07-10 22:30:03
5 HeliosCert Sample submitted 2020-07-10 20:30:02 Dionaea Honeypot Protocol: smbd Sources: ::ffff:176.14.233.38 715b0735f78e94295ea08e991640e68469793efaafdc31a5ae03305ddec50916 #malware #cyber #security 2020-07-10 22:30:02
6 bryceabdo Very low AV detected (4/73) #cobaltstrike https://www.virustotal.com/gui/file/670d05296e29183d8f292c1fe61003bb8bc608c5ee4916c68996b4f64e587622 … https://www.virustotal.com/gui/file/164f816dc125ab0a507134a82a20c5c0de872f66b6a7a56a848d52819e49cb9c … Stager -> 104.194.10.206 C2 -> dukeid.com Related C2 infra - cashihash.com - checkbacktill.com - cashtil.com #malware #threatintel pic.twitter.com/2DvcLPtftj 2020-07-10 22:14:19
7 HeliosCert Sample analysed on #virustotal VirusTotal-Score: 62 VirusTotal: https://www.virustotal.com/gui/file/1f47cb0ff1f6fd0783a24163738a1c061be23270e716591c9961cb0c12989b7e/detection/f-1f47cb0ff1f6fd0783a24163738a1c061be23270e716591c9961cb0c12989b7e-1563393624 … Threat: Ransom_WCRY.SMALYM (TrendMicro) 2020-07-10 22:00:02
8 HeliosCert Sample analysed on #virustotal VirusTotal-Score: 61 VirusTotal: https://www.virustotal.com/gui/file/85cdff18dbd7e529c9805770cd2b85bd55cdd223c0614bce04c9f7b1a451b718/detection/f-85cdff18dbd7e529c9805770cd2b85bd55cdd223c0614bce04c9f7b1a451b718-1580181503 … Threat: Ransom_WCRY.SMALYM (TrendMicro) 2020-07-10 21:55:02
9 HeliosCert Sample analysed on #virustotal VirusTotal-Score: 63 VirusTotal: https://www.virustotal.com/gui/file/e2fd6826b949a6d000b9f12842df7028c1fd3cc5ee736ccdf27f76c5706861f3/detection/f-e2fd6826b949a6d000b9f12842df7028c1fd3cc5ee736ccdf27f76c5706861f3-1561723433 … Threat: Ransom_WCRY.SMALYM (TrendMicro) 2020-07-10 21:50:02
10 ufc251onlineTv https://www.hybrid-analysis.com/sample/c99fc1bccfef81dcc636c1f30b632fa0d0abcb8d0f271c836952498bedc075c6 … 2020-07-10 21:41:52
11 HeliosCert Sample analysed on #virustotal VirusTotal-Score: 64 VirusTotal: https://www.virustotal.com/gui/file/b12a12933679bc4574f3b3ab97d7cf89749dc901105ef8e79508dd591e76c53d/detection/f-b12a12933679bc4574f3b3ab97d7cf89749dc901105ef8e79508dd591e76c53d-1594254201 … Threat: Ransom_WCRY.SMALYM (TrendMicro) 2020-07-10 21:30:03
12 HeliosCert Sample analysed on #virustotal VirusTotal-Score: 66 VirusTotal: https://www.virustotal.com/gui/file/b52fadfb325fa25dd0888bc9572610b9b3d0e13ef1c74e5319bbce485a9d4b3a/detection/f-b52fadfb325fa25dd0888bc9572610b9b3d0e13ef1c74e5319bbce485a9d4b3a-1585449002 … Threat: Ransom_WCRY.SMALYM (TrendMicro) 2020-07-10 21:25:02
13 HeliosCert Sample analysed on #virustotal VirusTotal-Score: 59 VirusTotal: https://www.virustotal.com/gui/file/01b4ccf4892ef5b859e2d582a768416854a219ce8b975741c01004bce55f7c93/detection/f-01b4ccf4892ef5b859e2d582a768416854a219ce8b975741c01004bce55f7c93-1561826104 … Threat: Ransom_WCRY.SMALYM (TrendMicro) 2020-07-10 21:20:02
14 HeliosCert Sample analysed on #virustotal VirusTotal-Score: 63 VirusTotal: https://www.virustotal.com/gui/file/ea672091ca0f46c89e5b23c1ec37cfba633ceb2cf65a4b0f1e5aad289aab78be/detection/f-ea672091ca0f46c89e5b23c1ec37cfba633ceb2cf65a4b0f1e5aad289aab78be-1585412514 … Threat: Ransom_WCRY.SMALYM (TrendMicro) 2020-07-10 21:15:02
15 HeliosCert Sample submitted 2020-07-10 19:05:02 Dionaea Honeypot Protocol: smbd Sources: ::ffff:14.98.126.90 5e2b41ff89580533da7a0705be075ff0f586d117b002c28a0e4a9db61b125b20 #malware #cyber #security 2020-07-10 21:05:03
16 HeliosCert Sample submitted 2020-07-10 19:00:02 Dionaea Honeypot Protocol: smbd Sources: ::ffff:190.201.121.29 8f4baaf2de0d6c9fe050e5362bde2a9274962006c1ab2483339521324ca45913 #malware #cyber #security 2020-07-10 21:00:02
17 HeliosCert Sample submitted 2020-07-10 18:50:02 Dionaea Honeypot Protocol: smbd Sources: ::ffff:190.74.235.222 1f47cb0ff1f6fd0783a24163738a1c061be23270e716591c9961cb0c12989b7e #malware #cyber #security 2020-07-10 20:50:02
18 HeliosCert Sample submitted 2020-07-10 18:40:02 Dionaea Honeypot Protocol: smbd Sources: ::ffff:42.116.162.108 8ab8e7920f48dbf7acbf2a0fd7aab701ac2b4ce1eedb0a4d39b83819d62442fb #malware #cyber #security 2020-07-10 20:40:02
19 ebotpoloskun #Windows #Trojan #Malware From: https://sys-optimize.com/#Windows>> https://sys-optimize.com/aso3setup_systweak-default.exe VirusTotal: https://www.virustotal.com/gui/file/e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855/detection … pic.twitter.com/HEGKz42RS7 2020-07-10 20:39:23
20 HeliosCert Sample analysed on #virustotal VirusTotal-Score: 58 VirusTotal: https://www.virustotal.com/gui/file/94256a0f310b2d4da277e7684d579344aaacb572c86a8fdc9d7038b552c14548/detection/f-94256a0f310b2d4da277e7684d579344aaacb572c86a8fdc9d7038b552c14548-1572602563 … Threat: Ransom_WCRY.SMALYM (TrendMicro) 2020-07-10 20:30:02
21 HeliosCert Sample analysed on #virustotal VirusTotal-Score: 61 VirusTotal: https://www.virustotal.com/gui/file/98d00f97a58c4e2973da360f3233328e6eb6d37141a475cddc52c71a9939d8bb/detection/f-98d00f97a58c4e2973da360f3233328e6eb6d37141a475cddc52c71a9939d8bb-1562878900 … Threat: Ransom_WCRY.SMALYM (TrendMicro) 2020-07-10 20:20:02
22 bryceabdo Neat lil fake AV archive "漏洞检测工具.rar" https://www.virustotal.com/gui/file/337fa5bc6f79e67436a08d890da9d76e … - "VirusCheck.exe" load -> "uninstall.exe" (low detected) - cdb.exe -> alpha2 shellcode runner -> EnSafeNotify.exe - "After the inspection. no risks were found" - "/windowsxp/updcheck.php" #malware pic.twitter.com/EFqBvpy1Fo 2020-07-10 19:56:23
23 VK_Intel 2020-07-05: Breaking New Blog: "The Dark Web of Intrigue: How #REvil Used the Underground Ecosystem to Form an Extortion Cartel" by our team @y_advintel & Daniel Frey Underground Extortion Business Model | REvil Pursues High-Value Targets https://www.advanced-intel.com/post/the-dark-web-of-intrigue-how-revil-used-the-underground-ecosystem-to-form-an-extortion-cartel … pic.twitter.com/aNU7viUmAT 2020-07-10 19:22:19
24 HeliosCert Sample analysed on #virustotal VirusTotal-Score: 56 VirusTotal: https://www.virustotal.com/gui/file/2ba85503ccbec5ca59f4196a92b5e89f001a5e1e9c49971d0b72f39c1043abb8/detection/f-2ba85503ccbec5ca59f4196a92b5e89f001a5e1e9c49971d0b72f39c1043abb8-1537755397 … Threat: Ransom_WCRY.SMALYM (TrendMicro) 2020-07-10 19:10:02
25 James_inthe_box ours file is also #azorult c2: http://773475d.ddns.net/index.php hash cce7b05b4b744f36c28adbbb4a52f521 on @mal_share 2020-07-10 19:06:31
26 HeliosCert Sample analysed on #virustotal VirusTotal-Score: 66 VirusTotal: https://www.virustotal.com/gui/file/64587fd1141d08acdf994278e9d9ce99b042ec3645416153412bb74d1754fb4e/detection/f-64587fd1141d08acdf994278e9d9ce99b042ec3645416153412bb74d1754fb4e-1579174752 … Threat: Ransom_WCRY.SMALYM (TrendMicro) 2020-07-10 19:05:03
27 HeliosCert Sample analysed on #virustotal VirusTotal-Score: 57 VirusTotal: https://www.virustotal.com/gui/file/a78769b9672a3e7d7fd3bb8d36c5253c4fb8779adf2c02d405f1d599d3766f2a/detection/f-a78769b9672a3e7d7fd3bb8d36c5253c4fb8779adf2c02d405f1d599d3766f2a-1555770290 … Threat: Ransom:Win32/CVE-2017-0147.A (Microsoft) 2020-07-10 19:05:03
28 HeliosCert Sample submitted 2020-07-10 17:05:02 Dionaea Honeypot Protocol: smbd Sources: ::ffff:194.44.201.153 b52fadfb325fa25dd0888bc9572610b9b3d0e13ef1c74e5319bbce485a9d4b3a #malware #cyber #security 2020-07-10 19:05:02
29 HeliosCert Sample analysed on #virustotal VirusTotal-Score: 54 VirusTotal: https://www.virustotal.com/gui/file/a1e5e1a18924ab36fd6ffb24c9fca57ee81ca11a8c9cac76d48f10e63718d61a/detection/f-a1e5e1a18924ab36fd6ffb24c9fca57ee81ca11a8c9cac76d48f10e63718d61a-1540962172 … Threat: Ransom_WCRY.SMALYM (TrendMicro) 2020-07-10 19:00:04
30 HeliosCert Sample analysed on #virustotal VirusTotal-Score: 60 VirusTotal: https://www.virustotal.com/gui/file/03d502053b92c586c249f32a2cba53956f6c9fc922c40102c3404deaf8adf5c6/detection/f-03d502053b92c586c249f32a2cba53956f6c9fc922c40102c3404deaf8adf5c6-1568715775 … Threat: Ransom_WCRY.SMALYM (TrendMicro) 2020-07-10 19:00:03
31 HeliosCert Sample analysed on #virustotal VirusTotal-Score: 56 VirusTotal: https://www.virustotal.com/gui/file/bac2eb5e1098d882c1ac7bb840fe8bdfb187c0d10f3d47470ca8ec6b354cfb87/detection/f-bac2eb5e1098d882c1ac7bb840fe8bdfb187c0d10f3d47470ca8ec6b354cfb87-1542682504 … Threat: Ransom_WCRY.SMALYM (TrendMicro) 2020-07-10 19:00:02
32 AdamTheAnalyst Fun Gozi/Ursnif spreader doc https://www.virustotal.com/gui/file/258e55598e9c585d6e187666b30f22db1d680983c511c0e879181ea50e0801bd/detection … pic.twitter.com/zBFnYQ71lm 2020-07-10 18:56:27
33 HeliosCert Sample submitted 2020-07-10 16:45:02 Dionaea Honeypot Protocol: smbd Sources: ::ffff:190.215.183.232 98d00f97a58c4e2973da360f3233328e6eb6d37141a475cddc52c71a9939d8bb #malware #cyber #security 2020-07-10 18:45:02
34 HeliosCert Sample analysed on #virustotal VirusTotal-Score: 49 VirusTotal: https://www.virustotal.com/gui/file/3dd2352bc83100b97419b2c457193ded0c3731efe630ee745f95d612c9d96922/detection/f-3dd2352bc83100b97419b2c457193ded0c3731efe630ee745f95d612c9d96922-1594349232 … Threat: HT_SMALL_GG3107CA.UVPM (TrendMicro) 2020-07-10 18:40:02
35 theDark3d #Powershell #Doc 10 July Doc To Powershell (Anyrun Detected) hxxp://mguy2934.duckdns.org/mguyfol/7.mt Sample : https://bazaar.abuse.ch/sample/86be98c5baa52cf4df40a61ef4dba40a30fcbfb72b9bf1159440ca88ef382252/ … AnyRun : https://app.any.run/tasks/a1885401-aac9-4cc4-8a85-12c5b5ac679b … @malwrhunterteam @malwarehub @DynamicAnalysis @DissectMalware @reecdeep @ReBensk @andsyn1 @anyrun_app 2020-07-10 18:27:26
36 bad_packets Not sure if this is CVE-2020-8193, CVE-2020-8195, CVE-2020-8196, or a re-use of CVE-2018-6808 – but either way opportunistic mass scanning detected from 34.70.136.122 and 35.188.133.59 checking for vulnerable Citrix servers. pic.twitter.com/HVovLFD7ru 2020-07-10 18:24:39
37 IronNetTR Malware opendir found hosting suspected FormBook info stealer executable at hxxp://gvkibio.com/Scan012.exe. #Malware #opendir MD5: d39742571e0c6265c39592480ef45c04 https://app.any.run/tasks/e686b8b7-4520-41d5-b7e8-99f147ecb789 … pic.twitter.com/ypJfk62ZO9 2020-07-10 18:17:18
38 James_inthe_box An #opendir found by my friend @FewAtoms containing CHIL64 gtag #trickbot at: 185.14.31.93 couple c2's: 95.171.16.42 51.81.112.144 hash 5bf8e55247c38900f94178eca68df336 on @mal_share cc @fumik0_ @cocaman @Anti_Expl0it pic.twitter.com/TfNxXhboMH 2020-07-10 18:16:21
39 HeliosCert Sample analysed on #virustotal VirusTotal-Score: 63 VirusTotal: https://www.virustotal.com/gui/file/87f5792e30d05aa549669dad4fddbf1380142605b44de5a22717477893dab86a/detection/f-87f5792e30d05aa549669dad4fddbf1380142605b44de5a22717477893dab86a-1594249735 … Threat: Ransom_WCRY.SMALYM (TrendMicro) 2020-07-10 18:10:02
40 HeliosCert Sample submitted 2020-07-10 16:05:02 Dionaea Honeypot Protocol: smbd Sources: ::ffff:115.79.62.162 0b116b756cd56c64d23595a3eb067f271b7165dc31379129edf4439f734e604a #malware #cyber #security 2020-07-10 18:05:02
41 HeliosCert Sample submitted 2020-07-10 15:45:02 Dionaea Honeypot Protocol: smbd Sources: ::ffff:49.150.77.19 e2fd6826b949a6d000b9f12842df7028c1fd3cc5ee736ccdf27f76c5706861f3 #malware #cyber #security 2020-07-10 17:45:02
42 HeliosCert Sample analysed on #virustotal VirusTotal-Score: 59 VirusTotal: https://www.virustotal.com/gui/file/fd77624386af765e3821db69071e565a855ce7d95e0fe48d6e94dad5f10e4ddd/detection/f-fd77624386af765e3821db69071e565a855ce7d95e0fe48d6e94dad5f10e4ddd-1546844106 … Threat: Ransom_WCRY.SMALYM (TrendMicro) 2020-07-10 17:40:02
43 safety64607016 ".rxx" - "back_data@foxmail.com" https://app.any.run/tasks/4f3d06f5-9a88-4213-bb8f-f9844ac2b14e … #CrySiS #Dharma #ransomware 2020-07-10 17:38:00
44 HeliosCert Sample submitted 2020-07-10 15:30:01 Dionaea Honeypot Protocol: smbd Sources: ::ffff:124.123.171.102 87f5792e30d05aa549669dad4fddbf1380142605b44de5a22717477893dab86a #malware #cyber #security 2020-07-10 17:30:02
45 James_inthe_box 2.1.0.0 #masslogger 2020-07-10 17:25:52
46 HeliosCert Sample analysed on #virustotal VirusTotal-Score: 62 VirusTotal: https://www.virustotal.com/gui/file/ba82d6fe31bcafab856721f27f119a61cfab468cfddf66713a87488f4a7dff95/detection/f-ba82d6fe31bcafab856721f27f119a61cfab468cfddf66713a87488f4a7dff95-1554599332 … Threat: Ransom_WCRY.SMALYM (TrendMicro) 2020-07-10 17:25:02
47 James_inthe_box hashes: https://gist.github.com/1e805ccfb6195ccad98575827f93dd32 pic.twitter.com/I6krnwOUZY 2020-07-10 17:21:56
48 HeliosCert Sample analysed on #virustotal VirusTotal-Score: 61 VirusTotal: https://www.virustotal.com/gui/file/b8906f7452676ab39d8d4c3c6a16b41ec1dbbaf41c550ec83b40c3d82083f2d6/detection/f-b8906f7452676ab39d8d4c3c6a16b41ec1dbbaf41c550ec83b40c3d82083f2d6-1594383457 … Threat: Ransom_WCRY.SMALYM (TrendMicro) 2020-07-10 17:15:02
49 theDark3d #Fedex #Phishing 10 July Kenya School Of Law Student Portal Got Hack3d .. Phishing Url : hxxp://www.ksl.ac.ke/wp-content/plugins/hell/filco4/backup/ https://app.any.run/tasks/4bce7882-4f2e-4baf-ae8a-5398fe503342 … @ActorExpose @phishunt_io @PhishKitTracker @malwrhunterteam @JAMESWT_MHT @reecdeep 2020-07-10 17:13:40
50 HeliosCert Sample analysed on #virustotal VirusTotal-Score: 57 VirusTotal: https://www.virustotal.com/gui/file/6d2732c449c79076dbf9a640f027d128679ff2feb7b9e890b496e9efa8322559/detection/f-6d2732c449c79076dbf9a640f027d128679ff2feb7b9e890b496e9efa8322559-1550303859 … Threat: Ransom_WCRY.SMALYM (TrendMicro) 2020-07-10 17:05:02