English
English Indonesia Türkçe Deutsch Español Português Pусский Français Italiano Nederlands Polski العربية ไทย Tiếng Việt 繁體中文 简体中文 日本語 한국어

#modiloader search results

FatzQatz's profile picture. As a hobbyist in malware analysis, I enjoy uncovering cyber threats for fun.
FatzQatz
 @FatzQatz
Dec 10

Threat actor turns a Cabinet (CAB) file into the Loader. It dropped #ModiLoader (aka #DBatLoader) and ultimately deployed Agent Tesla. NEOMS_EOI_FORM.cmd (yep this is CAB file) SHA256: a631e4304cf932de1129cc660fd648125226cfee4059321b4e2048c38b2f9357 Rules & IOCs in🧵 #malware

FatzQatz's tweet image. Threat actor turns a Cabinet (CAB) file into the Loader. It dropped #ModiLoader (aka #DBatLoader) and ultimately deployed Agent Tesla. NEOMS_EOI_FORM.cmd (yep this is CAB file) SHA256: a631e4304cf932de1129cc660fd648125226cfee4059321b4e2048c38b2f9357 Rules & IOCs in🧵 #malware
1
1
3
1
378
0xToxin's profile picture. @msftsecurity | Chasing bad bois
Ne0ne | Igal
 @0xToxin
Oct 27, 2022

"Pre_Procurement Verification (Mog Energy)_Ref_TR0029388827772_10_27_2022" malspam mail -> sharepoint URL -> password protected 7z -> 3 #modiloader -> #AveMaria executables C2: pentester0.accesscam[.org Bazaar: bazaar.abuse.ch/browse/tag/pen… check comments for #modiloader opendir

0xToxin's tweet image. "Pre_Procurement Verification (Mog Energy)_Ref_TR0029388827772_10_27_2022" malspam mail -> sharepoint URL -> password protected 7z -> 3 #modiloader -> #AveMaria executables C2: pentester0.accesscam[.org Bazaar: bazaar.abuse.ch/browse/tag/pen… check comments for #modiloader opendir
0xToxin's tweet image. "Pre_Procurement Verification (Mog Energy)_Ref_TR0029388827772_10_27_2022" malspam mail -> sharepoint URL -> password protected 7z -> 3 #modiloader -> #AveMaria executables C2: pentester0.accesscam[.org Bazaar: bazaar.abuse.ch/browse/tag/pen… check comments for #modiloader opendir
0xToxin's tweet image. "Pre_Procurement Verification (Mog Energy)_Ref_TR0029388827772_10_27_2022" malspam mail -> sharepoint URL -> password protected 7z -> 3 #modiloader -> #AveMaria executables C2: pentester0.accesscam[.org Bazaar: bazaar.abuse.ch/browse/tag/pen… check comments for #modiloader opendir
1
8
13
1
0
ankit_anubhav's profile picture. Voice of IoT Security & awareness. I make the world of IoT a safer place. Ex- McAfee / FireEye / NewSky
Ankit Anubhav
@ankit_anubhav
Jul 29, 2022

#Modiloader / #Dbatloader The .z archive leads to exe, which uses lVali UserAgent to download encrypted file from Onedrive ( so MS doesn't take it down ). Post decryption its injected in legit MS process like sndvol to do the C2 comms on 42020 port. bazaar.abuse.ch/sample/4473b5d…

ankit_anubhav's tweet image. #Modiloader / #Dbatloader The .z archive leads to exe, which uses lVali UserAgent to download encrypted file from Onedrive ( so MS doesn't take it down ). Post decryption its injected in legit MS process like sndvol to do the C2 comms on 42020 port. bazaar.abuse.ch/sample/4473b5d…
ankit_anubhav's tweet image. #Modiloader / #Dbatloader The .z archive leads to exe, which uses lVali UserAgent to download encrypted file from Onedrive ( so MS doesn't take it down ). Post decryption its injected in legit MS process like sndvol to do the C2 comms on 42020 port. bazaar.abuse.ch/sample/4473b5d…
1
19
37
4
0
karol_paciorek's profile picture. 🎯 Cybersecurity enthusiast, focused on CTI and threat hunting. 🛡️ Head of @CSIRT_KNF
Karol Paciorek
 @karol_paciorek
Jan 29, 2024

🔓#opendir 147.50.253[.30 🔑Abotihy.exe - #PHEMEDRONE 🔗C2: 💬/bot5358754228:AAE42HAGW1bzIPxU7iVRC_96iDuHcwSjjVo/sendMessage?chat_id=5556872222 🖥️8888.exe - #MODILOADER -> 147.50.253[.30:8888 -> Process.exe 🖥️Client.exe - #NJRAT -> 147.50.253[.30:6522 -> WindowsServices.exe

karol_paciorek's tweet image. 🔓#opendir 147.50.253[.30 🔑Abotihy.exe - #PHEMEDRONE 🔗C2: 💬/bot5358754228:AAE42HAGW1bzIPxU7iVRC_96iDuHcwSjjVo/sendMessage?chat_id=5556872222 🖥️8888.exe - #MODILOADER -> 147.50.253[.30:8888 -> Process.exe 🖥️Client.exe - #NJRAT -> 147.50.253[.30:6522 -> WindowsServices.exe
2
9
41
4
4K
karol_paciorek's profile picture. 🎯 Cybersecurity enthusiast, focused on CTI and threat hunting. 🛡️ Head of @CSIRT_KNF
Karol Paciorek
 @karol_paciorek
Apr 22, 2024

🚨 Suspicious IP #opendir: 209.126.87[.92:8888 🌐 Domain: premiere-coal-tonight-procedure.trycloudflare[.com 🔗 File chain: iz.exe - #modiloader #remcos 🔽 onedrive[.live.com/download?resid=F4D24344D7B13420%21110&authkey=!AL5-vxbOzO8Bd8E 🔽 255_Sraomttecbk 📝 1/2

karol_paciorek's tweet image. 🚨 Suspicious IP #opendir: 209.126.87[.92:8888 🌐 Domain: premiere-coal-tonight-procedure.trycloudflare[.com 🔗 File chain: iz.exe - #modiloader #remcos 🔽 onedrive[.live.com/download?resid=F4D24344D7B13420%21110&authkey=!AL5-vxbOzO8Bd8E 🔽 255_Sraomttecbk 📝 1/2
4
13
33
9
4K
0xToxin's profile picture. @msftsecurity | Chasing bad bois
Ne0ne | Igal
 @0xToxin
Oct 27, 2022

📂#modiloader opendir: https://aljassimaluminium[.com/xerror/images/deleted/webcloudserverimagesteautodeletegroupscloudapi/ contains a password protected archive + a lot of shellcodes

0xToxin's tweet image. 📂#modiloader opendir: https://aljassimaluminium[.com/xerror/images/deleted/webcloudserverimagesteautodeletegroupscloudapi/ contains a password protected archive + a lot of shellcodes
1
4
8
0
0
kienbigmummy's profile picture. Work hard in silence , let success make the noise.
m4n0w4r
 @kienbigmummy
Sep 11, 2020

Recently, I have been investigating a malware loader which is ModiLoader. This loader is delivered through the Malspam services to lure end users to execute malicious code. blog.vincss.net/2020/09/re016-… #VinCSS #ModiLoader #MalwareAnalysis #Z2A

kienbigmummy's tweet image. Recently, I have been investigating a malware loader which is ModiLoader. This loader is delivered through the Malspam services to lure end users to execute malicious code. blog.vincss.net/2020/09/re016-… #VinCSS #ModiLoader #MalwareAnalysis #Z2A
kienbigmummy's tweet image. Recently, I have been investigating a malware loader which is ModiLoader. This loader is delivered through the Malspam services to lure end users to execute malicious code. blog.vincss.net/2020/09/re016-… #VinCSS #ModiLoader #MalwareAnalysis #Z2A
kienbigmummy's tweet image. Recently, I have been investigating a malware loader which is ModiLoader. This loader is delivered through the Malspam services to lure end users to execute malicious code. blog.vincss.net/2020/09/re016-… #VinCSS #ModiLoader #MalwareAnalysis #Z2A
kienbigmummy's tweet image. Recently, I have been investigating a malware loader which is ModiLoader. This loader is delivered through the Malspam services to lure end users to execute malicious code. blog.vincss.net/2020/09/re016-… #VinCSS #ModiLoader #MalwareAnalysis #Z2A
1
21
69
11
0
RacWatchin8872's profile picture. Threat Intelligence. My Opinions Thanks @silentpush, @censysio, @ValidinLLC, @anyrun_app for making my research easier.
WatchingRac
 @RacWatchin8872
Jun 3, 2024

#opendir #trojan #modiloader hxxp://103.230.121.]50 - 1.exe - Trojan - Build.exe - Moldiloader - Crypted.Exe - Trojan - main.exe - Trojan - server.exe - Trojan

RacWatchin8872's tweet image. #opendir #trojan #modiloader hxxp://103.230.121.]50 - 1.exe - Trojan - Build.exe - Moldiloader - Crypted.Exe - Trojan - main.exe - Trojan - server.exe - Trojan
RacWatchin8872's tweet image. #opendir #trojan #modiloader hxxp://103.230.121.]50 - 1.exe - Trojan - Build.exe - Moldiloader - Crypted.Exe - Trojan - main.exe - Trojan - server.exe - Trojan
RacWatchin8872's tweet image. #opendir #trojan #modiloader hxxp://103.230.121.]50 - 1.exe - Trojan - Build.exe - Moldiloader - Crypted.Exe - Trojan - main.exe - Trojan - server.exe - Trojan
RacWatchin8872's tweet image. #opendir #trojan #modiloader hxxp://103.230.121.]50 - 1.exe - Trojan - Build.exe - Moldiloader - Crypted.Exe - Trojan - main.exe - Trojan - server.exe - Trojan
1
0
4
1
182
ShanHolo's profile picture. Another blue team member…..#CSIRT #DFIR #Malware #4n6 #ThreatIntel and following the white rabbit...
Shanholo
 @ShanHolo
Sep 26, 2024

🚨#Opendir #Malware 🚨 ⚠️#ModiLoader ☣️audiodg.exe➡️bbf710c83246092a538128620853d4fd 📡C2:hxxps://maan2u.com/doc/233_Qzzgbhhaaml ℹ️ C:\\Users\\Public\\pha.pif -WindowStyle hidden -Command Add-MpPreference -ExclusionExtension '.exe','bat','.pif'

ShanHolo's tweet image. 🚨#Opendir #Malware 🚨 ⚠️#ModiLoader ☣️audiodg.exe➡️bbf710c83246092a538128620853d4fd 📡C2:hxxps://maan2u.com/doc/233_Qzzgbhhaaml ℹ️ C:\\Users\\Public\\pha.pif -WindowStyle hidden -Command Add-MpPreference -ExclusionExtension '.exe','bat','.pif'
1
2
5
0
695
smica83's profile picture. Threat Intel Specialist and Incident Responder. Private account. All opinions expressed here are mine only. https://t.co/7dQQO1JwUd
Szabolcs Schmidt
@smica83
Jul 22

Global Maritime and Safety System users targeted with this one especially in Greece, Germany and UK: 'GMDSS Service Report_xlsx.rar' Looks like #ModiLoader @abuse_ch bazaar.abuse.ch/sample/4c27d80…

smica83's tweet image. Global Maritime and Safety System users targeted with this one especially in Greece, Germany and UK: 'GMDSS Service Report_xlsx.rar' Looks like #ModiLoader @abuse_ch bazaar.abuse.ch/sample/4c27d80…
0
0
2
0
315
AgidCert's profile picture. Profilo ufficiale del CERT dell'Agenzia per l'Italia Digitale | Official account of the CERT of the Agency for Digital Italy @AgidGov Telegram: https://t.co/VqkIRFY4s9
Cert AgID
 @AgidCert
Jun 11

🇮🇹 Campagna #Remcos tramite #Modiloader 🎯 Italia ⚔️ TTP: ZIP > JS > PIF 🦠 #IoC👇 🔗 t.me/certagid/841 (Telegram)

AgidCert's tweet image. 🇮🇹 Campagna #Remcos tramite #Modiloader 🎯 Italia ⚔️ TTP: ZIP > JS > PIF 🦠 #IoC👇 🔗 t.me/certagid/841 (Telegram)
0
4
12
2
598
skocherhan's profile picture. Digital nomad, exploring the cyber frontier.
ܛܔܔܔܛܔܛܔܛ
@skocherhan
May 27

32ba1ee78874a80a23a0d09427d52af6 05ef4ca659965c1d3faa58077b0f9943 #FormBook #ModiLoader #DBatLoader

skocherhan's tweet image. 32ba1ee78874a80a23a0d09427d52af6 05ef4ca659965c1d3faa58077b0f9943 #FormBook #ModiLoader #DBatLoader
skocherhan's tweet image. 32ba1ee78874a80a23a0d09427d52af6 05ef4ca659965c1d3faa58077b0f9943 #FormBook #ModiLoader #DBatLoader
marsomx_'s profile picture. 🇮🇹 | IT Engineer with Cyber Security passion | Malware Analysis | Reverse Engineering | CTI - views and opinions are solely my own -
Simplicio Sam L.
 @marsomx_
May 3

[4/4] drop url: 176.65.144[.23/ff/kkinng.txt sha256: 954b611a8e8163b42691ec83d4ff0077ef6f80505a434d03e04c9ae19494ea13 bazaar.abuse.ch/browse/tag/176…

0
0
2
0
337
0
0
1
0
210
smica83's profile picture. Threat Intel Specialist and Incident Responder. Private account. All opinions expressed here are mine only. https://t.co/7dQQO1JwUd
Szabolcs Schmidt
@smica83
Apr 29

Same #ModiLoader with another domain @abuse_ch bazaar.abuse.ch/sample/9d96854… Conn: mack-concord(.)hr @_operations6_

smica83's profile picture. Threat Intel Specialist and Incident Responder. Private account. All opinions expressed here are mine only. https://t.co/7dQQO1JwUd
Szabolcs Schmidt
@smica83
Apr 29

Looks like a low detected #ModiLoader 'TESLIMAT FISI.cmd' @abuse_ch bazaar.abuse.ch/sample/32816da… Drops this bazaar.abuse.ch/sample/676122e… Domain: link(.)storjshare(.)io

smica83's tweet image. Looks like a low detected #ModiLoader 'TESLIMAT FISI.cmd' @abuse_ch bazaar.abuse.ch/sample/32816da… Drops this bazaar.abuse.ch/sample/676122e… Domain: link(.)storjshare(.)io
0
0
0
0
464
0
0
0
0
286
smica83's profile picture. Threat Intel Specialist and Incident Responder. Private account. All opinions expressed here are mine only. https://t.co/7dQQO1JwUd
Szabolcs Schmidt
@smica83
Apr 29

Looks like a low detected #ModiLoader 'TESLIMAT FISI.cmd' @abuse_ch bazaar.abuse.ch/sample/32816da… Drops this bazaar.abuse.ch/sample/676122e… Domain: link(.)storjshare(.)io

smica83's tweet image. Looks like a low detected #ModiLoader 'TESLIMAT FISI.cmd' @abuse_ch bazaar.abuse.ch/sample/32816da… Drops this bazaar.abuse.ch/sample/676122e… Domain: link(.)storjshare(.)io
0
0
0
0
464
TweetThreatNews's profile picture. 🔍 ThreatResearch 📰 CybersecurityNews 🖥️ RansomMonitor 📂 Cyber Attack 📂 Data Breach 🎥 Youtube
Cybersecurity News Everyday
 @TweetThreatNews
Jan 23

AhnLab warns of a new tactic using CAB header batch files to distribute ModiLoader malware via phishing emails, cleverly bypassing email security. Stay vigilant! 🔒🦠 #ModiLoader #Phishing #India link: ift.tt/U45Ki8c

TweetThreatNews's tweet image. AhnLab warns of a new tactic using CAB header batch files to distribute ModiLoader malware via phishing emails, cleverly bypassing email security. Stay vigilant! 🔒🦠 #ModiLoader #Phishing #India link: ift.tt/U45Ki8c
0
0
1
0
79
TweetThreatNews's profile picture. 🔍 ThreatResearch 📰 CybersecurityNews 🖥️ RansomMonitor 📂 Cyber Attack 📂 Data Breach 🎥 Youtube
Cybersecurity News Everyday
 @TweetThreatNews
Jan 17

🚨 AhnLab warns of ModiLoader (DBatLoader) malware exploiting CAB file headers to bypass email security. Delivered via purchase orders, this threat executes malicious commands. Stay vigilant! 🛡️ #ModiLoader #MalwareAlert #India #ThreatResearch link: ift.tt/x3KX1pr

TweetThreatNews's tweet image. 🚨 AhnLab warns of ModiLoader (DBatLoader) malware exploiting CAB file headers to bypass email security. Delivered via purchase orders, this threat executes malicious commands. Stay vigilant! 🛡️ #ModiLoader #MalwareAlert #India #ThreatResearch link: ift.tt/x3KX1pr
0
0
1
0
56
FatzQatz's profile picture. As a hobbyist in malware analysis, I enjoy uncovering cyber threats for fun.
FatzQatz
 @FatzQatz
Dec 10

Threat actor turns a Cabinet (CAB) file into the Loader. It dropped #ModiLoader (aka #DBatLoader) and ultimately deployed Agent Tesla. NEOMS_EOI_FORM.cmd (yep this is CAB file) SHA256: a631e4304cf932de1129cc660fd648125226cfee4059321b4e2048c38b2f9357 Rules & IOCs in🧵 #malware

FatzQatz's tweet image. Threat actor turns a Cabinet (CAB) file into the Loader. It dropped #ModiLoader (aka #DBatLoader) and ultimately deployed Agent Tesla. NEOMS_EOI_FORM.cmd (yep this is CAB file) SHA256: a631e4304cf932de1129cc660fd648125226cfee4059321b4e2048c38b2f9357 Rules & IOCs in🧵 #malware
1
1
3
1
378
ShanHolo's profile picture. Another blue team member…..#CSIRT #DFIR #Malware #4n6 #ThreatIntel and following the white rabbit...
Shanholo
 @ShanHolo
Sep 26, 2024

🚨#Opendir #Malware 🚨 ⚠️#ModiLoader ☣️audiodg.exe➡️bbf710c83246092a538128620853d4fd 📡C2:hxxps://maan2u.com/doc/233_Qzzgbhhaaml ℹ️ C:\\Users\\Public\\pha.pif -WindowStyle hidden -Command Add-MpPreference -ExclusionExtension '.exe','bat','.pif'

ShanHolo's tweet image. 🚨#Opendir #Malware 🚨 ⚠️#ModiLoader ☣️audiodg.exe➡️bbf710c83246092a538128620853d4fd 📡C2:hxxps://maan2u.com/doc/233_Qzzgbhhaaml ℹ️ C:\\Users\\Public\\pha.pif -WindowStyle hidden -Command Add-MpPreference -ExclusionExtension '.exe','bat','.pif'
1
2
5
0
695
ESETresearch's profile picture. Security research and breaking news straight from ESET Research Labs.
ESET Research
@ESETresearch
Aug 8, 2024

The overall number of Rescoms samples delivered via AceCryptor nonetheless declined by 75%. It seems that the delivery method of Rescoms in the region has switched to #ModiLoader. We registered several notable ModiLoader phishing campaigns in May, see welivesecurity.com/en/eset-resear…. 4/6

1
1
3
0
2K
MalwarePatrol's profile picture. Malware Patrol's cyber #threatintelligence solutions offer a comprehensive view of the external threat landscape. #infosec #cybersec #APT #malware #phishing
Malware Patrol
 @MalwarePatrol
Aug 1, 2024

"instead, in all nine campaigns, #attackers used #ModiLoader (aka #DBatLoader) as the preferred delivery tool of choice. The final payload to be delivered and launched on the compromised machines varied" welivesecurity.com/en/eset-resear…

0
0
0
0
110
threatintel's profile picture. Symantec and Carbon Black's threat hunters bring you the latest threat intelligence from the IT security world.
Threat Intelligence
 @threatintel
Jul 31, 2024

#ThreatProtection #ModiLoader #malware campaign targeting Small and Medium-Sized Business (#SMB) in #Poland, read more about Symantec's protection: broadcom.com/support/securi…

0
0
2
0
2K
No results for "#modiloader"
0xToxin's profile picture. @msftsecurity | Chasing bad bois
Ne0ne | Igal
 @0xToxin
Oct 27, 2022

"Pre_Procurement Verification (Mog Energy)_Ref_TR0029388827772_10_27_2022" malspam mail -> sharepoint URL -> password protected 7z -> 3 #modiloader -> #AveMaria executables C2: pentester0.accesscam[.org Bazaar: bazaar.abuse.ch/browse/tag/pen… check comments for #modiloader opendir

0xToxin's tweet image. "Pre_Procurement Verification (Mog Energy)_Ref_TR0029388827772_10_27_2022" malspam mail -> sharepoint URL -> password protected 7z -> 3 #modiloader -> #AveMaria executables C2: pentester0.accesscam[.org Bazaar: bazaar.abuse.ch/browse/tag/pen… check comments for #modiloader opendir
0xToxin's tweet image. "Pre_Procurement Verification (Mog Energy)_Ref_TR0029388827772_10_27_2022" malspam mail -> sharepoint URL -> password protected 7z -> 3 #modiloader -> #AveMaria executables C2: pentester0.accesscam[.org Bazaar: bazaar.abuse.ch/browse/tag/pen… check comments for #modiloader opendir
0xToxin's tweet image. "Pre_Procurement Verification (Mog Energy)_Ref_TR0029388827772_10_27_2022" malspam mail -> sharepoint URL -> password protected 7z -> 3 #modiloader -> #AveMaria executables C2: pentester0.accesscam[.org Bazaar: bazaar.abuse.ch/browse/tag/pen… check comments for #modiloader opendir
1
8
13
1
0
ankit_anubhav's profile picture. Voice of IoT Security & awareness. I make the world of IoT a safer place. Ex- McAfee / FireEye / NewSky
Ankit Anubhav
@ankit_anubhav
Jul 29, 2022

#Modiloader / #Dbatloader The .z archive leads to exe, which uses lVali UserAgent to download encrypted file from Onedrive ( so MS doesn't take it down ). Post decryption its injected in legit MS process like sndvol to do the C2 comms on 42020 port. bazaar.abuse.ch/sample/4473b5d…

ankit_anubhav's tweet image. #Modiloader / #Dbatloader The .z archive leads to exe, which uses lVali UserAgent to download encrypted file from Onedrive ( so MS doesn't take it down ). Post decryption its injected in legit MS process like sndvol to do the C2 comms on 42020 port. bazaar.abuse.ch/sample/4473b5d…
ankit_anubhav's tweet image. #Modiloader / #Dbatloader The .z archive leads to exe, which uses lVali UserAgent to download encrypted file from Onedrive ( so MS doesn't take it down ). Post decryption its injected in legit MS process like sndvol to do the C2 comms on 42020 port. bazaar.abuse.ch/sample/4473b5d…
1
19
37
4
0
kienbigmummy's profile picture. Work hard in silence , let success make the noise.
m4n0w4r
 @kienbigmummy
Sep 11, 2020

Recently, I have been investigating a malware loader which is ModiLoader. This loader is delivered through the Malspam services to lure end users to execute malicious code. blog.vincss.net/2020/09/re016-… #VinCSS #ModiLoader #MalwareAnalysis #Z2A

kienbigmummy's tweet image. Recently, I have been investigating a malware loader which is ModiLoader. This loader is delivered through the Malspam services to lure end users to execute malicious code. blog.vincss.net/2020/09/re016-… #VinCSS #ModiLoader #MalwareAnalysis #Z2A
kienbigmummy's tweet image. Recently, I have been investigating a malware loader which is ModiLoader. This loader is delivered through the Malspam services to lure end users to execute malicious code. blog.vincss.net/2020/09/re016-… #VinCSS #ModiLoader #MalwareAnalysis #Z2A
kienbigmummy's tweet image. Recently, I have been investigating a malware loader which is ModiLoader. This loader is delivered through the Malspam services to lure end users to execute malicious code. blog.vincss.net/2020/09/re016-… #VinCSS #ModiLoader #MalwareAnalysis #Z2A
kienbigmummy's tweet image. Recently, I have been investigating a malware loader which is ModiLoader. This loader is delivered through the Malspam services to lure end users to execute malicious code. blog.vincss.net/2020/09/re016-… #VinCSS #ModiLoader #MalwareAnalysis #Z2A
1
21
69
11
0
RacWatchin8872's profile picture. Threat Intelligence. My Opinions Thanks @silentpush, @censysio, @ValidinLLC, @anyrun_app for making my research easier.
WatchingRac
 @RacWatchin8872
Jun 3, 2024

#opendir #trojan #modiloader hxxp://103.230.121.]50 - 1.exe - Trojan - Build.exe - Moldiloader - Crypted.Exe - Trojan - main.exe - Trojan - server.exe - Trojan

RacWatchin8872's tweet image. #opendir #trojan #modiloader hxxp://103.230.121.]50 - 1.exe - Trojan - Build.exe - Moldiloader - Crypted.Exe - Trojan - main.exe - Trojan - server.exe - Trojan
RacWatchin8872's tweet image. #opendir #trojan #modiloader hxxp://103.230.121.]50 - 1.exe - Trojan - Build.exe - Moldiloader - Crypted.Exe - Trojan - main.exe - Trojan - server.exe - Trojan
RacWatchin8872's tweet image. #opendir #trojan #modiloader hxxp://103.230.121.]50 - 1.exe - Trojan - Build.exe - Moldiloader - Crypted.Exe - Trojan - main.exe - Trojan - server.exe - Trojan
RacWatchin8872's tweet image. #opendir #trojan #modiloader hxxp://103.230.121.]50 - 1.exe - Trojan - Build.exe - Moldiloader - Crypted.Exe - Trojan - main.exe - Trojan - server.exe - Trojan
1
0
4
1
182
skocherhan's profile picture. Digital nomad, exploring the cyber frontier.
ܛܔܔܔܛܔܛܔܛ
@skocherhan
May 27

32ba1ee78874a80a23a0d09427d52af6 05ef4ca659965c1d3faa58077b0f9943 #FormBook #ModiLoader #DBatLoader

skocherhan's tweet image. 32ba1ee78874a80a23a0d09427d52af6 05ef4ca659965c1d3faa58077b0f9943 #FormBook #ModiLoader #DBatLoader
skocherhan's tweet image. 32ba1ee78874a80a23a0d09427d52af6 05ef4ca659965c1d3faa58077b0f9943 #FormBook #ModiLoader #DBatLoader
marsomx_'s profile picture. 🇮🇹 | IT Engineer with Cyber Security passion | Malware Analysis | Reverse Engineering | CTI - views and opinions are solely my own -
Simplicio Sam L.
 @marsomx_
May 3

[4/4] drop url: 176.65.144[.23/ff/kkinng.txt sha256: 954b611a8e8163b42691ec83d4ff0077ef6f80505a434d03e04c9ae19494ea13 bazaar.abuse.ch/browse/tag/176…

0
0
2
0
337
0
0
1
0
210
AgidCert's profile picture. Profilo ufficiale del CERT dell'Agenzia per l'Italia Digitale | Official account of the CERT of the Agency for Digital Italy @AgidGov Telegram: https://t.co/VqkIRFY4s9
Cert AgID
 @AgidCert
Jun 11

🇮🇹 Campagna #Remcos tramite #Modiloader 🎯 Italia ⚔️ TTP: ZIP > JS > PIF 🦠 #IoC👇 🔗 t.me/certagid/841 (Telegram)

AgidCert's tweet image. 🇮🇹 Campagna #Remcos tramite #Modiloader 🎯 Italia ⚔️ TTP: ZIP > JS > PIF 🦠 #IoC👇 🔗 t.me/certagid/841 (Telegram)
0
4
12
2
598
SpiderLabs's profile picture. The elite security team at @Trustwave. Response & Investigations. Analysis & Testing. Research & Development. Follow for info on the latest #infosec threats.
SpiderLabs
@SpiderLabs
Jan 31, 2024

🚨 #Malspam Alert: Ongoing ModiLoader malspam campaign detected. The initial threat is hidden in a 7Zip archive with a sneaky CAB file, delivering #ModiLoader and initiating #RemcosRAT infection.

SpiderLabs's tweet image. 🚨 #Malspam Alert: Ongoing ModiLoader malspam campaign detected. The initial threat is hidden in a 7Zip archive with a sneaky CAB file, delivering #ModiLoader and initiating #RemcosRAT infection.
0
1
1
0
772

Something went wrong.


Something went wrong.


United States Trends