
ShadowOpCode
@ShadowOpCode
Malware analyst & reverse engineer 🧠 Threat intel on stealers, RATs, live campaigns 🕵️ Technical analysis. No buzzwords. 📍DM open for research collabs
🚨 New #JavaStealer “MaksStealer” uncovered! Fully in-memory, FUD, DES–Blowfish runtime decryption, WebSockets on 4025/4028/6662. Author “Max, 17yo” left his signature in the payload 🤯 Full report & IoCs 👉 github.com/ShadowOpCode/M… #infosec #malware #ThreatIntel @malwrhunterteam

#phishing @NetflixIT
Sender: t.eam.2s.upport@yandex[.]ru
hxxps://fuviya.techbazaar101[.]com/xisawife/fa/nabobo/minogi/index.php?rpclk=
hxxps://theenchantedtreasurehunter[.]io/c/bXqCkBejK25w?
hxxps://casafuze[.]com/l/Gd02TpQQvj2JT0YzB5R2mP4Uvzlz/payment?token=
#ThreatIntelligence
Thanks everyone for the 600 followers! We're pushing together the boundaries of malware analysis 🔥

Threat Actors are delivering NetSupportManager RAT packed with "ChatGPT Installer.exe" as a decoy Dropper > (ChanGPT Install.exe, Setup.exe > msiexec.exe > NetSupport) @anyrun_app analysis here: app.any.run/tasks/d4a4a29e… Bazaar: bazaar.abuse.ch/sample/d86f647… Thanks @JAMESWT_WT for upload



📧"Re : Request for Quotation-PO NO 151001896902"
📦Delivery #PhantomStealer
📤exfil via SMTP
mail[.]novochrom[.]us:587
phamton@novochrom[.]us
phamton2@novochrom[.]us
sample: bazaar.abuse.ch/browse/tag/nov…