Polski
English Indonesia Türkçe Deutsch Español Português Pусский Français Italiano Nederlands Polski العربية ไทย Tiếng Việt 繁體中文 简体中文 日本語 한국어
M4lcode's profile picture. Malware researcher exploring malware, APT groups, and their campaigns across the wild. | Threat Researcher @dexpose_io | Blog Author @anyrun_app & @cyber5w

M4lcode

@M4lcode

Malware researcher exploring malware, APT groups, and their campaigns across the wild. | Threat Researcher @dexpose_io | Blog Author @anyrun_app & @cyber5w

179Wpisy 659Obserwujących 319Obserwowanych
M4lcode podał dalej
anyrun_app's profile picture.
ANY.RUN
@anyrun_app
21 paź

🚨 We uncovered #Tykit, a new #phishing kit targeting hundreds of US & EU companies in finance, construction, and telecom. It uses SVG-based delivery to harvest Microsoft 365 credentials ⚠️ See full analysis, how to detect it, and gather #IOCs: any.run/cybersecurity-…

anyrun_app's tweet image. 🚨 We uncovered #Tykit, a new #phishing kit targeting hundreds of US & EU companies in finance, construction, and telecom. It uses SVG-based delivery to harvest Microsoft 365 credentials ⚠️ See full analysis, how to detect it, and gather #IOCs: any.run/cybersecurity-…
1
31
79
20
6tys.
M4lcode's profile picture.
M4lcode
 @M4lcode
2 paź

Fresh malware analysis from @anyrun_app: FunkLocker TTPs, artifacts, and practical takeaways for SOC and DFIR. Read: any.run/cybersecurity-…

M4lcode's tweet card. Discover a technical analysis of AI-based ransomware FunkLocker from the FunkSec APT that is targeting businesses worldwide.
FunkLocker Analysis: AI-powered Ransomware from FunkSec APT
Źródło: any.run
1
0
3
0
2tys.
M4lcode podał dalej
M4lcode's profile picture.
M4lcode
 @M4lcode
16 wrz

Just published a deep dive into APT27 (Emissary Panda/Iron Tiger/Lucky Mouse), a Chinese state-sponsored cyber-espionage group active since 2010, known for spear-phishing, watering-hole attacks and exploitation of internet-facing applications. dexpose.io/threat-actor-p…

M4lcode's tweet image. Just published a deep dive into APT27 (Emissary Panda/Iron Tiger/Lucky Mouse), a Chinese state-sponsored cyber-espionage group active since 2010, known for spear-phishing, watering-hole attacks and exploitation of internet-facing applications. dexpose.io/threat-actor-p…
4
45
90
42
14tys.
M4lcode podał dalej
anyrun_app's profile picture.
ANY.RUN
@anyrun_app
5 sie

🚨#ANYRUN’s TI Feeds now offer a connector for Microsoft Sentinel Get fresh, filtered #IOCs from the latest attacks worldwide, updated every 2 hours and enriched with sandbox analyses Expand incident monitoring, boost detection rate, and slash MTTR 👇 any.run/cybersecurity-…

any.run

ANY.RUN & Microsoft Sentinel: Catch Emerging Threats with Real-Time Threat Intelligence - ANY.RUN's...

Ingest fresh IOCs from 15K SOCs into your Microsoft Sentinel SIEM to expand threat coverage and increase detection rate.

Źródło: any.run
0
5
12
1
6tys.
M4lcode podał dalej
muha2xmad's profile picture.
Muhammad Hasan Ali
 @muha2xmad
16 lip

As-salamu Alaykum I wrote 3 #yara rules about #RedLine stealer , #ArrowRAT, and #MilleniumRat. RedLine:github.com/muha2xmad/yara… ArrowRAT:github.com/muha2xmad/yara… MilleniumRat:github.com/muha2xmad/yara…

1
3
10
1
5tys.
M4lcode's profile picture.
M4lcode
 @M4lcode
8 lip

PureLogs is live. A new challenge created by me. good luck

MalGamy12's profile picture. Threat Researcher @nextronsystems and volunteer at @vxunderground.
Gameel Ali 🤘
 @MalGamy12
8 lip

New Challenge on MalOps.io: PureLogs Stealer A fresh analysis challenge is now live. This time, you're looking at PureLogs, a .NET-based info-stealer that’s been seen in active campaigns. Your job is to analysis it to answer our questions created by: @M4lcode

MalGamy12's tweet image. New Challenge on MalOps.io: PureLogs Stealer A fresh analysis challenge is now live. This time, you're looking at PureLogs, a .NET-based info-stealer that’s been seen in active campaigns. Your job is to analysis it to answer our questions created by: @M4lcode
3
14
65
18
8tys.
0
0
15
2
4tys.
M4lcode podał dalej
mSult4n's profile picture.
Mohamed Sultan
 @mSult4n
19 cze

Just published a new blog post on how Microsoft’s “Mouse Without Borders” can be abused for data exfiltration & lateral movement. Features KAPE Target, C# scripts, and a BOF as a poc: 0xsultan.github.io/dfir/Exfiltrat…

2
11
25
13
6tys.
M4lcode's profile picture.
M4lcode
 @M4lcode
14 cze

Open directory spotted: 20.243.255[.]185 Hosting multiple suspicious files, including: shell_le: Metasploit ELF payload - recently submitted to VirusTotal. true.png: PNG file with embedded VBScript (1/61 on VT) - recently submitted to VirusTotal main_mips: ELF binary flagged…

M4lcode's tweet image. Open directory spotted: 20.243.255[.]185 Hosting multiple suspicious files, including: shell_le: Metasploit ELF payload - recently submitted to VirusTotal. true.png: PNG file with embedded VBScript (1/61 on VT) - recently submitted to VirusTotal main_mips: ELF binary flagged…
M4lcode's tweet image. Open directory spotted: 20.243.255[.]185 Hosting multiple suspicious files, including: shell_le: Metasploit ELF payload - recently submitted to VirusTotal. true.png: PNG file with embedded VBScript (1/61 on VT) - recently submitted to VirusTotal main_mips: ELF binary flagged…
M4lcode's tweet image. Open directory spotted: 20.243.255[.]185 Hosting multiple suspicious files, including: shell_le: Metasploit ELF payload - recently submitted to VirusTotal. true.png: PNG file with embedded VBScript (1/61 on VT) - recently submitted to VirusTotal main_mips: ELF binary flagged…
M4lcode's tweet image. Open directory spotted: 20.243.255[.]185 Hosting multiple suspicious files, including: shell_le: Metasploit ELF payload - recently submitted to VirusTotal. true.png: PNG file with embedded VBScript (1/61 on VT) - recently submitted to VirusTotal main_mips: ELF binary flagged…
2
10
42
16
8tys.
M4lcode's profile picture.
M4lcode
 @M4lcode
11 cze

#clickfix #booking #fakecaptcha bokparthub[.]click → (Under Construction) apartmenr-di16[.]click → PowerShell (files.catbox.moe/09fd7c[.]txt) → LightYellow4.zip → LightYellow4.pfx Hex-based ZIP reconstructed → payload cleaned → executed via regsvr32.exe abuse (LOLBins)

M4lcode's tweet image. #clickfix #booking #fakecaptcha bokparthub[.]click → (Under Construction) apartmenr-di16[.]click → PowerShell (files.catbox.moe/09fd7c[.]txt) → LightYellow4.zip → LightYellow4.pfx Hex-based ZIP reconstructed → payload cleaned → executed via regsvr32.exe abuse (LOLBins)
M4lcode's tweet image. #clickfix #booking #fakecaptcha bokparthub[.]click → (Under Construction) apartmenr-di16[.]click → PowerShell (files.catbox.moe/09fd7c[.]txt) → LightYellow4.zip → LightYellow4.pfx Hex-based ZIP reconstructed → payload cleaned → executed via regsvr32.exe abuse (LOLBins)
M4lcode's tweet image. #clickfix #booking #fakecaptcha bokparthub[.]click → (Under Construction) apartmenr-di16[.]click → PowerShell (files.catbox.moe/09fd7c[.]txt) → LightYellow4.zip → LightYellow4.pfx Hex-based ZIP reconstructed → payload cleaned → executed via regsvr32.exe abuse (LOLBins)
M4lcode's tweet image. #clickfix #booking #fakecaptcha bokparthub[.]click → (Under Construction) apartmenr-di16[.]click → PowerShell (files.catbox.moe/09fd7c[.]txt) → LightYellow4.zip → LightYellow4.pfx Hex-based ZIP reconstructed → payload cleaned → executed via regsvr32.exe abuse (LOLBins)
0
3
16
6
3tys.
M4lcode podał dalej
MalGamy12's profile picture.
Gameel Ali 🤘
 @MalGamy12
10 maj

We’re excited to announce the launch of malops.io , a platform built by analysts, for analysts and it’s completely free. You can join and enjoin with our frist challenge about RokRat Loader.

MalGamy12's tweet image. We’re excited to announce the launch of malops.io , a platform built by analysts, for analysts and it’s completely free. You can join and enjoin with our frist challenge about RokRat Loader.
11
54
173
103
17tys.
M4lcode's profile picture.
M4lcode
 @M4lcode
11 kwi

Lately, I've been working on analyzing several stealers and a PE injector. Take a look 😃 Fileless pe injector uses reflective loading : blog.dexpose.io/analysis-of-ar… Purelogger: blog.dexpose.io/purelogger-dee… Salat Stealer: blog.dexpose.io/understanding-… Flesh Stealer: blog.dexpose.io/flesh-stealer-…

M4lcode's tweet image. Lately, I've been working on analyzing several stealers and a PE injector. Take a look 😃 Fileless pe injector uses reflective loading : blog.dexpose.io/analysis-of-ar… Purelogger: blog.dexpose.io/purelogger-dee… Salat Stealer: blog.dexpose.io/understanding-… Flesh Stealer: blog.dexpose.io/flesh-stealer-…
2
32
111
62
5tys.
M4lcode podał dalej
vxunderground's profile picture.
vx-underground
@vxunderground
28 mar
vxunderground's tweet image.
35
236
3tys.
110
117tys.
M4lcode's profile picture.
M4lcode
 @M4lcode
24 mar

FExcited to share that ANY.RUN now supports Android OS inside its interactive sandbox! You can analyze APK behavior in real time, right in the cloud. 🔥 Available for ALL plans (yes, even free!). 📷 Let’s check it out together! app.any.run/?utm_source=x_…

M4lcode's tweet image. FExcited to share that ANY.RUN now supports Android OS inside its interactive sandbox! You can analyze APK behavior in real time, right in the cloud. 🔥 Available for ALL plans (yes, even free!). 📷 Let’s check it out together! app.any.run/?utm_source=x_…
1
1
14
4
457

United States Trendy

Something went wrong.


Something went wrong.