Français
English Indonesia Türkçe Deutsch Español Português Pусский Français Italiano Nederlands Polski العربية ไทย Tiếng Việt 繁體中文 简体中文 日本語 한국어
M4lcode's profile picture. Malware researcher exploring malware, APT groups, and their campaigns across the wild. | Threat Researcher @dexpose_io | Blog Author @anyrun_app & @cyber5w

M4lcode

@M4lcode

Malware researcher exploring malware, APT groups, and their campaigns across the wild. | Threat Researcher @dexpose_io | Blog Author @anyrun_app & @cyber5w

177Posts 653Abonnés 314Abonnements
M4lcode's profile picture.
M4lcode
 @M4lcode
2 oct.

Fresh malware analysis from @anyrun_app: FunkLocker TTPs, artifacts, and practical takeaways for SOC and DFIR. Read: any.run/cybersecurity-…

M4lcode's tweet card. Discover a technical analysis of AI-based ransomware FunkLocker from the FunkSec APT that is targeting businesses worldwide.
FunkLocker Analysis: AI-powered Ransomware from FunkSec APT
Source: any.run
1
0
3
0
746
M4lcode a reposté
M4lcode's profile picture.
M4lcode
 @M4lcode
16 sept.

Just published a deep dive into APT27 (Emissary Panda/Iron Tiger/Lucky Mouse), a Chinese state-sponsored cyber-espionage group active since 2010, known for spear-phishing, watering-hole attacks and exploitation of internet-facing applications. dexpose.io/threat-actor-p…

M4lcode's tweet image. Just published a deep dive into APT27 (Emissary Panda/Iron Tiger/Lucky Mouse), a Chinese state-sponsored cyber-espionage group active since 2010, known for spear-phishing, watering-hole attacks and exploitation of internet-facing applications. dexpose.io/threat-actor-p…
4
44
90
42
12K
M4lcode a reposté
anyrun_app's profile picture.
ANY.RUN
@anyrun_app
5 août

🚨#ANYRUN’s TI Feeds now offer a connector for Microsoft Sentinel Get fresh, filtered #IOCs from the latest attacks worldwide, updated every 2 hours and enriched with sandbox analyses Expand incident monitoring, boost detection rate, and slash MTTR 👇 any.run/cybersecurity-…

anyrun_app's tweet card. Ingest fresh IOCs from 15K SOCs into your Microsoft Sentinel SIEM to expand threat coverage and increase detection rate.
ANY.RUN & Microsoft Sentinel: Catch Emerging Threats with Real-Time Threat Intelligence - ANY.RUN's...
Source: any.run
0
5
12
1
5K
M4lcode a reposté
muha2xmad's profile picture.
Muhammad Hasan Ali
 @muha2xmad
16 juil.

As-salamu Alaykum I wrote 3 #yara rules about #RedLine stealer , #ArrowRAT, and #MilleniumRat. RedLine:github.com/muha2xmad/yara… ArrowRAT:github.com/muha2xmad/yara… MilleniumRat:github.com/muha2xmad/yara…

1
3
10
1
5K
M4lcode's profile picture.
M4lcode
 @M4lcode
8 juil.

PureLogs is live. A new challenge created by me. good luck

MalGamy12's profile picture. Threat Researcher @nextronsystems and volunteer at @vxunderground.
Gameel Ali 🤘
 @MalGamy12
8 juil.

New Challenge on MalOps.io: PureLogs Stealer A fresh analysis challenge is now live. This time, you're looking at PureLogs, a .NET-based info-stealer that’s been seen in active campaigns. Your job is to analysis it to answer our questions created by: @M4lcode

MalGamy12's tweet image. New Challenge on MalOps.io: PureLogs Stealer A fresh analysis challenge is now live. This time, you're looking at PureLogs, a .NET-based info-stealer that’s been seen in active campaigns. Your job is to analysis it to answer our questions created by: @M4lcode
3
14
65
18
8K
0
0
15
2
4K
M4lcode a reposté
mSult4n's profile picture.
Mohamed Sultan
 @mSult4n
19 juin

Just published a new blog post on how Microsoft’s “Mouse Without Borders” can be abused for data exfiltration & lateral movement. Features KAPE Target, C# scripts, and a BOF as a poc: 0xsultan.github.io/dfir/Exfiltrat…

2
11
25
13
6K
M4lcode's profile picture.
M4lcode
 @M4lcode
14 juin

Open directory spotted: 20.243.255[.]185 Hosting multiple suspicious files, including: shell_le: Metasploit ELF payload - recently submitted to VirusTotal. true.png: PNG file with embedded VBScript (1/61 on VT) - recently submitted to VirusTotal main_mips: ELF binary flagged…

M4lcode's tweet image. Open directory spotted: 20.243.255[.]185 Hosting multiple suspicious files, including: shell_le: Metasploit ELF payload - recently submitted to VirusTotal. true.png: PNG file with embedded VBScript (1/61 on VT) - recently submitted to VirusTotal main_mips: ELF binary flagged…
M4lcode's tweet image. Open directory spotted: 20.243.255[.]185 Hosting multiple suspicious files, including: shell_le: Metasploit ELF payload - recently submitted to VirusTotal. true.png: PNG file with embedded VBScript (1/61 on VT) - recently submitted to VirusTotal main_mips: ELF binary flagged…
M4lcode's tweet image. Open directory spotted: 20.243.255[.]185 Hosting multiple suspicious files, including: shell_le: Metasploit ELF payload - recently submitted to VirusTotal. true.png: PNG file with embedded VBScript (1/61 on VT) - recently submitted to VirusTotal main_mips: ELF binary flagged…
M4lcode's tweet image. Open directory spotted: 20.243.255[.]185 Hosting multiple suspicious files, including: shell_le: Metasploit ELF payload - recently submitted to VirusTotal. true.png: PNG file with embedded VBScript (1/61 on VT) - recently submitted to VirusTotal main_mips: ELF binary flagged…
2
10
42
16
8K
M4lcode's profile picture.
M4lcode
 @M4lcode
11 juin

#clickfix #booking #fakecaptcha bokparthub[.]click → (Under Construction) apartmenr-di16[.]click → PowerShell (files.catbox.moe/09fd7c[.]txt) → LightYellow4.zip → LightYellow4.pfx Hex-based ZIP reconstructed → payload cleaned → executed via regsvr32.exe abuse (LOLBins)

M4lcode's tweet image. #clickfix #booking #fakecaptcha bokparthub[.]click → (Under Construction) apartmenr-di16[.]click → PowerShell (files.catbox.moe/09fd7c[.]txt) → LightYellow4.zip → LightYellow4.pfx Hex-based ZIP reconstructed → payload cleaned → executed via regsvr32.exe abuse (LOLBins)
M4lcode's tweet image. #clickfix #booking #fakecaptcha bokparthub[.]click → (Under Construction) apartmenr-di16[.]click → PowerShell (files.catbox.moe/09fd7c[.]txt) → LightYellow4.zip → LightYellow4.pfx Hex-based ZIP reconstructed → payload cleaned → executed via regsvr32.exe abuse (LOLBins)
M4lcode's tweet image. #clickfix #booking #fakecaptcha bokparthub[.]click → (Under Construction) apartmenr-di16[.]click → PowerShell (files.catbox.moe/09fd7c[.]txt) → LightYellow4.zip → LightYellow4.pfx Hex-based ZIP reconstructed → payload cleaned → executed via regsvr32.exe abuse (LOLBins)
M4lcode's tweet image. #clickfix #booking #fakecaptcha bokparthub[.]click → (Under Construction) apartmenr-di16[.]click → PowerShell (files.catbox.moe/09fd7c[.]txt) → LightYellow4.zip → LightYellow4.pfx Hex-based ZIP reconstructed → payload cleaned → executed via regsvr32.exe abuse (LOLBins)
0
3
16
6
3K
M4lcode a reposté
MalGamy12's profile picture.
Gameel Ali 🤘
 @MalGamy12
10 mai

We’re excited to announce the launch of malops.io , a platform built by analysts, for analysts and it’s completely free. You can join and enjoin with our frist challenge about RokRat Loader.

MalGamy12's tweet image. We’re excited to announce the launch of malops.io , a platform built by analysts, for analysts and it’s completely free. You can join and enjoin with our frist challenge about RokRat Loader.
11
54
173
102
17K
M4lcode's profile picture.
M4lcode
 @M4lcode
11 avr.

Lately, I've been working on analyzing several stealers and a PE injector. Take a look 😃 Fileless pe injector uses reflective loading : blog.dexpose.io/analysis-of-ar… Purelogger: blog.dexpose.io/purelogger-dee… Salat Stealer: blog.dexpose.io/understanding-… Flesh Stealer: blog.dexpose.io/flesh-stealer-…

M4lcode's tweet image. Lately, I've been working on analyzing several stealers and a PE injector. Take a look 😃 Fileless pe injector uses reflective loading : blog.dexpose.io/analysis-of-ar… Purelogger: blog.dexpose.io/purelogger-dee… Salat Stealer: blog.dexpose.io/understanding-… Flesh Stealer: blog.dexpose.io/flesh-stealer-…
2
32
111
62
5K
M4lcode a reposté
vxunderground's profile picture.
vx-underground
@vxunderground
28 mars
vxunderground's tweet image.
36
240
3K
112
117K
M4lcode's profile picture.
M4lcode
 @M4lcode
24 mars

FExcited to share that ANY.RUN now supports Android OS inside its interactive sandbox! You can analyze APK behavior in real time, right in the cloud. 🔥 Available for ALL plans (yes, even free!). 📷 Let’s check it out together! app.any.run/?utm_source=x_…

M4lcode's tweet image. FExcited to share that ANY.RUN now supports Android OS inside its interactive sandbox! You can analyze APK behavior in real time, right in the cloud. 🔥 Available for ALL plans (yes, even free!). 📷 Let’s check it out together! app.any.run/?utm_source=x_…
1
1
14
4
456
M4lcode's profile picture.
M4lcode
 @M4lcode
21 janv.

Fake job interviews are a growing attack vector One example here is InvisibleFerret, a malware from North Korea, that targets tech professionals See detailed analysis of its code and collect IOCs to avoid infection by @MauroEldritch any.run/cybersecurity-… @anyrun_app

M4lcode's tweet card. Discover a detailed technical analysis of the InvisibleFerret malware that targets businesses across different industries.
InvisibleFerret Malware: Technical Analysis - ANY.RUN's Cybersecurity Blog
Source: any.run
1
1
16
8
679
Tarekkhabib's profile picture. تحيا مصر ويسقط القزم .. وفي رواية اخرى، تحيا مصر من غير العرص.

Tarek Habib (ابو قسام)

@Tarekkhabib
michaellatef96's profile picture. socialist / pharmacist / Barca fan. chess and football addict. غد الأممية يوحد البشر

Michael latif

@michaellatef96
MalwarePatrol's profile picture. Malware Patrol's cyber #threatintelligence solutions offer a comprehensive view of the external threat landscape. #infosec #cybersec #APT #malware #phishing

Malware Patrol

@MalwarePatrol
Cyber_O51NT's profile picture. #OSINT treasure hunter, investigator, #CyberThreatIntel analyst. Opinions are my own. Follow me on Telegram https://t.co/i6VBbeUXgd for cyber news.

Cyber_OSINT

@Cyber_O51NT
z3r0tr4c3's profile picture. ɪɴꜰᴏꜱᴇᴄ ᴇɴᴛʜᴜꜱɪᴀꜱᴛ

ᴢ𝟹ʀ𝟶ᴛʀ𝟺ᴄ𝟹- 🇰🇵

@z3r0tr4c3
EdavPerez's profile picture. Intel Ops Padawan🥷 | Security Nerd | All systems are vulnerable (People2) 🖥️🤯🔨|Vai viver ou ta cómodo?

C:\🇺🇾\David.bat

@EdavPerez
sn0wli0n's profile picture. Security Researcher @Acronis #OSCP #Adversaryemulation

prakash kamalakannan

@sn0wli0n
DailyDarkWeb's profile picture. Daily Dark Web dose from the dark side.

Dark Web Intelligence

@DailyDarkWeb
c_APT_ure's profile picture. #InfoSec professional, husband & father of two (in random order). #BlueTeam #DFIR #APT #CTI #RedTeaming #BSidesZH (RT/Likes ≠ endorsement) 👀➡️#MalwareChallenge

TomU | I'm still here... til the end 🕊️🇨🇭

@c_APT_ure
ShadowOpCode's profile picture. Malware analyst & reverse engineer 🧠 Threat intel on stealers, RATs, live campaigns 🕵️ Technical analysis. No buzzwords. 📍DM open for research collabs

ShadowOpCode

@ShadowOpCode
naumovax's profile picture. pt malicious network traffic researcher, speaker / this blog about new malware & interesting С2 communication & my work life

Kseniia \n

@naumovax
MaksRAT_Off's profile picture. https://t.co/dI23gq44fJ

MaksRAT

@MaksRAT_Off
NicoleBeckwith's profile picture. Director, Security Operations @kroger 🍓 Intel, Hunting, IR, Detection Engineering, Insider Risk, Fraud & Forensics 💻 Fmr LE & DFIR for OH & Secret Service TF.

Nicole Beckwith

@NicoleBeckwith
cybersecstu's profile picture. Hi I'm Stu from '42 | ❤️OSINT |✍️ CTI & Analytics book ~2025, Tracelabs Black badge x3 | Ex- @themanyhatsclub | #cyber Views my own not employers

(╯°□°)╯︵ S︵ T︵U

@cybersecstu
ShadowChasing1's profile picture. Shadow Chaser Group is a sub-group of the GcowSec team which consists of college students who love it.Shadow Chaser Group focused on APT hunt and analysis

Shadow Chaser Group

@ShadowChasing1
vuldb's profile picture. Number one vulnerability management and threat intelligence platform. Explaining vulnerabilities and exploits since 1970. 🐘 https://t.co/9XHyl1R64r

VulDB 🛡

@vuldb
nextronsystems's profile picture. Managed Compromise Assessments #YARA #IOCs #DFIR #APT #Sigma - the home of @thor_scanner, ASGARD and the Aurora Agent

Nextron Systems

@nextronsystems
panda_zheng's profile picture. Malware Analysis Expert & Threat Intelligence Expert & APT Hunter

pandazhengzheng

@panda_zheng
sky31337's profile picture. • ghost in the shell • reformed blackhat • SEC hacker •

skynet

@sky31337
Azr43lKn1ght's profile picture. Unit 42 | Creator of DFIR Labs | Former Captain @teambi0s | DFIR | Malware Analyst | Maldev | Windows RE | Trounce🦇 | Views My Own

Nithin Chenthur Prabhu

@Azr43lKn1ght
SecurityAura's profile picture. GCIH, GCFE, GDAT | DFIR, TH, DE | @CuratedIntel DFIR https://t.co/BMWUwziTLh https://t.co/MmX2YNVqdk https://t.co/R20zseQfLk

Aura

@SecurityAura
UK_Daniel_Card's profile picture. Department of Cyber WAR CEO of everyone's email servers! Member of the Counter Spider Collective

mRr3b00t

@UK_Daniel_Card
elasticseclabs's profile picture. Elastic Security Labs is democratizing security by sharing knowledge and capabilities necessary to prepare for threats. Spiritually serving humanity since 2019.

Elastic Security Labs

@elasticseclabs
KrakenLabs_Team's profile picture. 🔍 KrakenLabs Team | Threat Intelligence at Outpost24 🌐 | Uncovering Threat Actors & Malware |Pioneering Digital Risk Protection Innovation 🚀 | #CyberSecurity

KrakenLabs

@KrakenLabs_Team
threathuntergrl's profile picture. Friendly Neighborhood Intel Analyst | Children’s Book Author | Lego | Hufflepuff

Nicole Hoffman

@threathuntergrl
0xfmz's profile picture. Malware Researcher at ESET 🙂

facundo Mz

@0xfmz
XintraOrg's profile picture. Simulating tomorrow’s threats

XINTRA

@XintraOrg
uwu_underground's profile picture. 🐴Pwnie Award Winning & Nation State funded psyop featuring 6 AI Anime Waifus and a Pup™ singing about APTs, Grifters, & Snake Oil in InfoSec 🖤🩷💚💙💜🤍

UwU Underground

@uwu_underground
B1nary0wl's profile picture. PhD | Independent Threat Researcher | Security Analyst

Raouf | رؤوف

@B1nary0wl
akaclandestine's profile picture. | Security | Osint | Threat Research | Opsec | Threat Intelligence | Infosec | Threat Hunting | Humint |

Clandestine

@akaclandestine
PRODAFT's profile picture. Proactive Defense Against Future Threats | Pioneering #CyberSec and #ThreatIntelligence in Europe & MENA since ’12. CTI Platform: #USTA Risk Intel: #BLINDSPOT

PRODAFT

@PRODAFT
olafhartong's profile picture. @FalconForceTeam | researcher with a camera | Microsoft MVP | Snow man role model

Olaf Hartong

@olafhartong
stvemillertime's profile picture. AI threat intelligence @google writing & sharing on adversary tradecraft, malware, threat detection, AI-nexus intel and all things #yara

Steve YARA Synapse Miller

@stvemillertime
AhmedMosaa18's profile picture. Sr. Cyber Security Engineer | CRTO | CRTE | eCPTXv2 | eWPTXv2 | eCPPTv2 | eMAPT | CAP | 7xCVE | Bug Bounty Hunter

Ahmed Rabeaa Mosaa

@AhmedMosaa18
nas_bench's profile picture. Detection @Splunk & @cisco | previously @nextronsystems | @sigma_hq & @magicswordio maintainer | Eternal Learner

Nasreddine Bencherchali

@nas_bench
Purp1eW0lf's profile picture. Hunt & Response Senior Manager @HuntressLabs || "Competition is the law of the jungle, but cooperation is the law of civilisation” - Kropotkin

Dray Agha

@Purp1eW0lf
reveng007's profile picture. Content absorber | CRTO | CRTP | @BlackHatEvents Asia, USA, SecTor, Europe 2024 Arsenal and @WWHackinFest 2024 Presenter

Soumyani1

@reveng007
userID_404's profile picture. (⊙₋ʘ) ∘ (in)Security Engineer ∘ Adversary Emulation/Offensive Security Specialist ∘ Bug Hunter ∘ Threat Intel ∘ userID404 on HTB

Tamag0tchi 🇨🇷

@userID_404
McCarthyLabs's profile picture. Geopolitical Intelligence & Espionage | Cyber Threat Intelligence Research & Analysis | Digital Investigative Analysis. -Modeling the real "Three-Body Problem"!

Jack McCarthy

@McCarthyLabs
Rash0m0n__'s profile picture. PHD in time wasting

Bugs 😁 Bunny

@Rash0m0n__
chaoticflaws's profile picture. I'm a forensicating addict, President of MISEC Nonprofit, MiseCon/Converge/BSides Detroit Organizer, CSO Antigen Security #MISEC #DFIR https://t.co/cPof2JggDD

Kyle - chaoticflaws.bsky.social 🇺🇦

@chaoticflaws
2RunJack2's profile picture. #ThreatIntel Researcher @S2W_Official @TALON_INTEL Main Author of Threat Intel Report 'Campaign DOKKAEBI : Documents of Korean and Evil Binary' / Formerly FSI

𝓙𝓪𝓬𝓴2

@2RunJack2
hexamine22's profile picture.

hexamine

@hexamine22
0x6D6172636F's profile picture. 🤠 NashSec | opp block lurkin | RE/VX | 🍊〽️

смех

@0x6D6172636F
r3nzsec's profile picture. IR/Forensics @Unit42_Intel | Co-Founder @guidemtraining | Contributor/Analyst @TheDFIRReport @XintraOrg | CTF member @_hackstreetboys

Renzon

@r3nzsec
ReversingLabs's profile picture. ReversingLabs is the trusted name in file and software security. RL - Trust Delivered.

ReversingLabs

@ReversingLabs
TrendMicroRSRCH's profile picture. Security research, news, and information direct from @TrendMicro experts.

Trend Micro Research

@TrendMicroRSRCH
TrellixARC's profile picture. The Platform CISOs Trust.

Trellix Advanced Research Center

@TrellixARC
Trellix's profile picture. The Platform CISOs Trust

Trellix

@Trellix
SquiblydooBlog's profile picture. Malware Analysis Creator of Debloat, certReport, and https://t.co/w4rAuuB7O0 Want to chat? Join the Debloat discord: https://t.co/ZcWIqa6ZA9

Squiblydoo

@SquiblydooBlog

United States Tendances

Something went wrong.


Something went wrong.