Русский
English Indonesia Türkçe Deutsch Español Português Pусский Français Italiano Nederlands Polski العربية ไทย Tiếng Việt 繁體中文 简体中文 日本語 한국어
M4lcode's profile picture. Malware researcher exploring malware, APT groups, and their campaigns across the wild. | Threat Researcher @dexpose_io | Blog Author @anyrun_app & @cyber5w

M4lcode

@M4lcode

Malware researcher exploring malware, APT groups, and their campaigns across the wild. | Threat Researcher @dexpose_io | Blog Author @anyrun_app & @cyber5w

179Посты 659читателей 319в читаемых
M4lcode сделал(а) репост
anyrun_app's profile picture.
ANY.RUN
@anyrun_app
21 окт.г.

🚨 We uncovered #Tykit, a new #phishing kit targeting hundreds of US & EU companies in finance, construction, and telecom. It uses SVG-based delivery to harvest Microsoft 365 credentials ⚠️ See full analysis, how to detect it, and gather #IOCs: any.run/cybersecurity-…

anyrun_app's tweet image. 🚨 We uncovered #Tykit, a new #phishing kit targeting hundreds of US & EU companies in finance, construction, and telecom. It uses SVG-based delivery to harvest Microsoft 365 credentials ⚠️ See full analysis, how to detect it, and gather #IOCs: any.run/cybersecurity-…
1
31
79
20
M4lcode's profile picture.
M4lcode
 @M4lcode
2 окт.г.

Fresh malware analysis from @anyrun_app: FunkLocker TTPs, artifacts, and practical takeaways for SOC and DFIR. Read: any.run/cybersecurity-…

M4lcode's tweet card. Discover a technical analysis of AI-based ransomware FunkLocker from the FunkSec APT that is targeting businesses worldwide.
FunkLocker Analysis: AI-powered Ransomware from FunkSec APT
Источник: any.run
1
0
3
0
M4lcode сделал(а) репост
M4lcode's profile picture.
M4lcode
 @M4lcode
16 сент.г.

Just published a deep dive into APT27 (Emissary Panda/Iron Tiger/Lucky Mouse), a Chinese state-sponsored cyber-espionage group active since 2010, known for spear-phishing, watering-hole attacks and exploitation of internet-facing applications. dexpose.io/threat-actor-p…

M4lcode's tweet image. Just published a deep dive into APT27 (Emissary Panda/Iron Tiger/Lucky Mouse), a Chinese state-sponsored cyber-espionage group active since 2010, known for spear-phishing, watering-hole attacks and exploitation of internet-facing applications. dexpose.io/threat-actor-p…
4
45
90
42
14К
M4lcode сделал(а) репост
anyrun_app's profile picture.
ANY.RUN
@anyrun_app
5 авг.г.

🚨#ANYRUN’s TI Feeds now offer a connector for Microsoft Sentinel Get fresh, filtered #IOCs from the latest attacks worldwide, updated every 2 hours and enriched with sandbox analyses Expand incident monitoring, boost detection rate, and slash MTTR 👇 any.run/cybersecurity-…

anyrun_app's tweet card. Ingest fresh IOCs from 15K SOCs into your Microsoft Sentinel SIEM to expand threat coverage and increase detection rate.
ANY.RUN & Microsoft Sentinel: Catch Emerging Threats with Real-Time Threat Intelligence - ANY.RUN's...
Источник: any.run
0
5
12
1
M4lcode сделал(а) репост
muha2xmad's profile picture.
Muhammad Hasan Ali
 @muha2xmad
16 июл.г.

As-salamu Alaykum I wrote 3 #yara rules about #RedLine stealer , #ArrowRAT, and #MilleniumRat. RedLine:github.com/muha2xmad/yara… ArrowRAT:github.com/muha2xmad/yara… MilleniumRat:github.com/muha2xmad/yara…

1
3
10
1
M4lcode's profile picture.
M4lcode
 @M4lcode
8 июл.г.

PureLogs is live. A new challenge created by me. good luck

MalGamy12's profile picture. Threat Researcher @nextronsystems and volunteer at @vxunderground.
Gameel Ali 🤘
 @MalGamy12
8 июл.г.

New Challenge on MalOps.io: PureLogs Stealer A fresh analysis challenge is now live. This time, you're looking at PureLogs, a .NET-based info-stealer that’s been seen in active campaigns. Your job is to analysis it to answer our questions created by: @M4lcode

MalGamy12's tweet image. New Challenge on MalOps.io: PureLogs Stealer A fresh analysis challenge is now live. This time, you're looking at PureLogs, a .NET-based info-stealer that’s been seen in active campaigns. Your job is to analysis it to answer our questions created by: @M4lcode
3
14
65
18
0
0
15
2
M4lcode сделал(а) репост
mSult4n's profile picture.
Mohamed Sultan
 @mSult4n
19 июн.г.

Just published a new blog post on how Microsoft’s “Mouse Without Borders” can be abused for data exfiltration & lateral movement. Features KAPE Target, C# scripts, and a BOF as a poc: 0xsultan.github.io/dfir/Exfiltrat…

2
11
25
13
M4lcode's profile picture.
M4lcode
 @M4lcode
14 июн.г.

Open directory spotted: 20.243.255[.]185 Hosting multiple suspicious files, including: shell_le: Metasploit ELF payload - recently submitted to VirusTotal. true.png: PNG file with embedded VBScript (1/61 on VT) - recently submitted to VirusTotal main_mips: ELF binary flagged…

M4lcode's tweet image. Open directory spotted: 20.243.255[.]185 Hosting multiple suspicious files, including: shell_le: Metasploit ELF payload - recently submitted to VirusTotal. true.png: PNG file with embedded VBScript (1/61 on VT) - recently submitted to VirusTotal main_mips: ELF binary flagged…
M4lcode's tweet image. Open directory spotted: 20.243.255[.]185 Hosting multiple suspicious files, including: shell_le: Metasploit ELF payload - recently submitted to VirusTotal. true.png: PNG file with embedded VBScript (1/61 on VT) - recently submitted to VirusTotal main_mips: ELF binary flagged…
M4lcode's tweet image. Open directory spotted: 20.243.255[.]185 Hosting multiple suspicious files, including: shell_le: Metasploit ELF payload - recently submitted to VirusTotal. true.png: PNG file with embedded VBScript (1/61 on VT) - recently submitted to VirusTotal main_mips: ELF binary flagged…
M4lcode's tweet image. Open directory spotted: 20.243.255[.]185 Hosting multiple suspicious files, including: shell_le: Metasploit ELF payload - recently submitted to VirusTotal. true.png: PNG file with embedded VBScript (1/61 on VT) - recently submitted to VirusTotal main_mips: ELF binary flagged…
2
10
42
16
M4lcode's profile picture.
M4lcode
 @M4lcode
11 июн.г.

#clickfix #booking #fakecaptcha bokparthub[.]click → (Under Construction) apartmenr-di16[.]click → PowerShell (files.catbox.moe/09fd7c[.]txt) → LightYellow4.zip → LightYellow4.pfx Hex-based ZIP reconstructed → payload cleaned → executed via regsvr32.exe abuse (LOLBins)

M4lcode's tweet image. #clickfix #booking #fakecaptcha bokparthub[.]click → (Under Construction) apartmenr-di16[.]click → PowerShell (files.catbox.moe/09fd7c[.]txt) → LightYellow4.zip → LightYellow4.pfx Hex-based ZIP reconstructed → payload cleaned → executed via regsvr32.exe abuse (LOLBins)
M4lcode's tweet image. #clickfix #booking #fakecaptcha bokparthub[.]click → (Under Construction) apartmenr-di16[.]click → PowerShell (files.catbox.moe/09fd7c[.]txt) → LightYellow4.zip → LightYellow4.pfx Hex-based ZIP reconstructed → payload cleaned → executed via regsvr32.exe abuse (LOLBins)
M4lcode's tweet image. #clickfix #booking #fakecaptcha bokparthub[.]click → (Under Construction) apartmenr-di16[.]click → PowerShell (files.catbox.moe/09fd7c[.]txt) → LightYellow4.zip → LightYellow4.pfx Hex-based ZIP reconstructed → payload cleaned → executed via regsvr32.exe abuse (LOLBins)
M4lcode's tweet image. #clickfix #booking #fakecaptcha bokparthub[.]click → (Under Construction) apartmenr-di16[.]click → PowerShell (files.catbox.moe/09fd7c[.]txt) → LightYellow4.zip → LightYellow4.pfx Hex-based ZIP reconstructed → payload cleaned → executed via regsvr32.exe abuse (LOLBins)
0
3
16
6
M4lcode сделал(а) репост
MalGamy12's profile picture.
Gameel Ali 🤘
 @MalGamy12
10 маяг.

We’re excited to announce the launch of malops.io , a platform built by analysts, for analysts and it’s completely free. You can join and enjoin with our frist challenge about RokRat Loader.

MalGamy12's tweet image. We’re excited to announce the launch of malops.io , a platform built by analysts, for analysts and it’s completely free. You can join and enjoin with our frist challenge about RokRat Loader.
11
54
173
103
17К
M4lcode's profile picture.
M4lcode
 @M4lcode
11 апр.г.

Lately, I've been working on analyzing several stealers and a PE injector. Take a look 😃 Fileless pe injector uses reflective loading : blog.dexpose.io/analysis-of-ar… Purelogger: blog.dexpose.io/purelogger-dee… Salat Stealer: blog.dexpose.io/understanding-… Flesh Stealer: blog.dexpose.io/flesh-stealer-…

M4lcode's tweet image. Lately, I've been working on analyzing several stealers and a PE injector. Take a look 😃 Fileless pe injector uses reflective loading : blog.dexpose.io/analysis-of-ar… Purelogger: blog.dexpose.io/purelogger-dee… Salat Stealer: blog.dexpose.io/understanding-… Flesh Stealer: blog.dexpose.io/flesh-stealer-…
2
32
111
62
M4lcode сделал(а) репост
vxunderground's profile picture.
vx-underground
@vxunderground
28 мар.г.
vxunderground's tweet image.
35
236
110
117К
M4lcode's profile picture.
M4lcode
 @M4lcode
24 мар.г.

FExcited to share that ANY.RUN now supports Android OS inside its interactive sandbox! You can analyze APK behavior in real time, right in the cloud. 🔥 Available for ALL plans (yes, even free!). 📷 Let’s check it out together! app.any.run/?utm_source=x_…

M4lcode's tweet image. FExcited to share that ANY.RUN now supports Android OS inside its interactive sandbox! You can analyze APK behavior in real time, right in the cloud. 🔥 Available for ALL plans (yes, even free!). 📷 Let’s check it out together! app.any.run/?utm_source=x_…
1
1
14
4
457

United States Тренды

Something went wrong.


Something went wrong.