ShadowOpCode
@ShadowOpCode
Malware analyst & reverse engineer 🧠 Threat intel on stealers, RATs, live campaigns 🕵️ Technical analysis. No buzzwords. 📍DM open for research collabs
🚨 New #JavaStealer “MaksStealer” uncovered! Fully in-memory, FUD, DES–Blowfish runtime decryption, WebSockets on 4025/4028/6662. Author “Max, 17yo” left his signature in the payload 🤯 Full report & IoCs 👉 github.com/ShadowOpCode/M… #infosec #malware #ThreatIntel @malwrhunterteam
🚨#Formbook #Xloader spotted in a malspam campaign in #Italy ⚠️Using another "Lorem Ipsum Dolores" variation! Related tweet: x.com/ShadowOpCode/s… @anyrun_app analysis: app.any.run/tasks/43bfa36b… C2: www[.]grevla[.]top
![ShadowOpCode's tweet image. 🚨#Formbook #Xloader spotted in a malspam campaign in #Italy
⚠️Using another "Lorem Ipsum Dolores" variation!
Related tweet: x.com/ShadowOpCode/s…
@anyrun_app analysis: app.any.run/tasks/43bfa36b…
C2: www[.]grevla[.]top](https://pbs.twimg.com/media/G4l8WoOWYAAxzUN.jpg)
![ShadowOpCode's tweet image. 🚨#Formbook #Xloader spotted in a malspam campaign in #Italy
⚠️Using another "Lorem Ipsum Dolores" variation!
Related tweet: x.com/ShadowOpCode/s…
@anyrun_app analysis: app.any.run/tasks/43bfa36b…
C2: www[.]grevla[.]top](https://pbs.twimg.com/media/G4l8WrwWIAAef75.jpg)
![ShadowOpCode's tweet image. 🚨#Formbook #Xloader spotted in a malspam campaign in #Italy
⚠️Using another "Lorem Ipsum Dolores" variation!
Related tweet: x.com/ShadowOpCode/s…
@anyrun_app analysis: app.any.run/tasks/43bfa36b…
C2: www[.]grevla[.]top](https://pbs.twimg.com/media/G4l8Wt5WMAAW0dD.png)
![ShadowOpCode's tweet image. 🚨#Formbook #Xloader spotted in a malspam campaign in #Italy
⚠️Using another "Lorem Ipsum Dolores" variation!
Related tweet: x.com/ShadowOpCode/s…
@anyrun_app analysis: app.any.run/tasks/43bfa36b…
C2: www[.]grevla[.]top](https://pbs.twimg.com/media/G4l8WqSWoAA5Twt.jpg)
🚨ALERT🚨 #Formbook #Xloader started using "incididunt ut labore" dummy text instead of "Lorem Ipsum" in its C2 Related tweet: x.com/guelfoweb/stat… updated network config extractor: github.com/ShadowOpCode/M…
#ClickFix #FakeCAPTCHA in an italian website hxxps://www.chiocciola40[.]it/ hxxp://te.vakun[.]ru/ptg90q8t hxxp://dqay.ci6ef[.]ru/sinkers @anyrun_app analysis: app.any.run/tasks/1e167278…
![ShadowOpCode's tweet image. #ClickFix #FakeCAPTCHA in an italian website
hxxps://www.chiocciola40[.]it/
hxxp://te.vakun[.]ru/ptg90q8t
hxxp://dqay.ci6ef[.]ru/sinkers
@anyrun_app analysis: app.any.run/tasks/1e167278…](https://pbs.twimg.com/media/G388IFdXcAAW5NR.jpg)
![ShadowOpCode's tweet image. #ClickFix #FakeCAPTCHA in an italian website
hxxps://www.chiocciola40[.]it/
hxxp://te.vakun[.]ru/ptg90q8t
hxxp://dqay.ci6ef[.]ru/sinkers
@anyrun_app analysis: app.any.run/tasks/1e167278…](https://pbs.twimg.com/media/G39AxyeXIAArEy_.png)
🚨ALERT🚨 #Formbook #Xloader started using "incididunt ut labore" dummy text instead of "Lorem Ipsum" in its C2 Related tweet: x.com/guelfoweb/stat… updated network config extractor: github.com/ShadowOpCode/M…
🚫 Il dominio è stato dismesso! Dalle 04:50 di oggi il team Abuse di @Hostinger lo ha disattivato; attualmente non è più raggiungibile.
Come ci segnala l’utente @ShadowOpCode su X, questa mattina il codice della pagina è stato modificato: ora viene inviata una richiesta GET a un dominio esterno ospitato su #Supabase, una piattaforma open-source che offre database.
Come ci segnala l’utente @ShadowOpCode su X, questa mattina il codice della pagina è stato modificato: ora viene inviata una richiesta GET a un dominio esterno ospitato su #Supabase, una piattaforma open-source che offre database.
United States Trends
- 1. New York 25.6K posts
- 2. New York 25.6K posts
- 3. Virginia 543K posts
- 4. Prop 50 190K posts
- 5. Texas 231K posts
- 6. #DWTS 41.5K posts
- 7. Clippers 9,784 posts
- 8. Van Jones 2,686 posts
- 9. TURN THE VOLUME UP 24.3K posts
- 10. Harden 10.1K posts
- 11. Ty Lue 1,012 posts
- 12. Jay Jones 105K posts
- 13. #XLOV 10.2K posts
- 14. #RadioStatic 4,067 posts
- 15. #QuestPit 6,621 posts
- 16. WOKE IS BACK 40.9K posts
- 17. #Election2025 16.8K posts
- 18. Bulls 37.6K posts
- 19. Eugene Debs 3,420 posts
- 20. AND SO IT BEGINS 9,316 posts
Something went wrong.
Something went wrong.