You might like
#Latrodectus Nasty Obfuscation #TTPs & #IOCs🕷️ [+] JS T1059.007 [+] Command Obfuscation T1027.010 5 forward slashes contain malicious code; abuse 'WindowsInstaller.Installer' to install MSI from remote IP p://193.203.203[.]40/vfs[.]msi Thank you @k3dg3 bazaar.abuse.ch/sample/6ed4c0b…
![Max_Mal_'s tweet image. #Latrodectus Nasty Obfuscation #TTPs & #IOCs🕷️
[+] JS T1059.007
[+] Command Obfuscation T1027.010
5 forward slashes contain malicious code; abuse 'WindowsInstaller.Installer' to install MSI from remote IP p://193.203.203[.]40/vfs[.]msi
Thank you @k3dg3
bazaar.abuse.ch/sample/6ed4c0b…](https://pbs.twimg.com/media/GXryrgsXwAEA7ma.jpg)
![Max_Mal_'s tweet image. #Latrodectus Nasty Obfuscation #TTPs & #IOCs🕷️
[+] JS T1059.007
[+] Command Obfuscation T1027.010
5 forward slashes contain malicious code; abuse 'WindowsInstaller.Installer' to install MSI from remote IP p://193.203.203[.]40/vfs[.]msi
Thank you @k3dg3
bazaar.abuse.ch/sample/6ed4c0b…](https://pbs.twimg.com/media/GXryt6EWAAEa4h8.jpg)
New blog with more advanced cyberchef tricks! 🔥 Looking at Flow Control, Subsections and how you can deal with alternating math operations. embeeresearch.io/advanced-cyber… #malware #Cyberchef
The Handala Hacking Team, targeting Israeli entities with a destructive wiper malware designed to obliterate files. #wiper #Handala #israeli #Malware
Handala preys on the CrowdStrike outage chaos via phishing, using an AutoIT script to launch the wiper, collect system information, and exfiltrate it via Telegram’s API. Learn from @mathanrajtk, @libranalysis, and Tomer Shloman. bit.ly/4d0ri2A
New malware campaign targets CrowdStrike Customers Email -> PDF -> URL -> Zip -> CrowdStrike.exe -> AutoIt Execution -> telegram
A variant of ViperSoftX leverages CLR to create a PowerShell environment within AutoIT and adapts existing components from offensive security scripts so threat actors can focus on improving evasion tactics. Learn more from @mathanrajtk and @sijojacob1111. bit.ly/3S0toap
My blog with @sijojacob1111 about "New ViperSoftX Malware Variant" demonstrates sophisticated evasion tactics, such as using CLR to run PowerShell commands within AutoIt and patching AMSI to avoid detection trellix.com/blogs/research…
United States Trends
- 1. Penn State 20.4K posts
- 2. Mendoza 17K posts
- 3. Gus Johnson 5,054 posts
- 4. #iufb 3,594 posts
- 5. Omar Cooper 7,431 posts
- 6. $SSHIB 1,704 posts
- 7. Sunderland 146K posts
- 8. Sayin 62.4K posts
- 9. Jim Knowles N/A
- 10. Texas Tech 12.6K posts
- 11. James Franklin 6,982 posts
- 12. Happy Valley 1,646 posts
- 13. Arsenal 246K posts
- 14. WHAT A CATCH 10.6K posts
- 15. Iowa 17.7K posts
- 16. Charlie Becker N/A
- 17. Jeremiah Smith 2,488 posts
- 18. St. John 7,945 posts
- 19. CATCH OF THE YEAR 4,087 posts
- 20. #UFCVegas111 2,451 posts
Something went wrong.
Something went wrong.