🚨#Opendir #Malware🚨 Do you want to spend some time analyzing #Malware? Here we go ⤵️ 1⃣hxxps://pi-healing-sudan-kennedy.trycloudflare.com/ 2⃣hxxps://holidays-diary-some-vancouver.trycloudflare.com/ 3⃣hxxps://meat-media-sl-type.trycloudflare.com/

ShanHolo's tweet image. 🚨#Opendir #Malware🚨

Do you want to spend some time analyzing #Malware?

Here we go ⤵️

1⃣hxxps://pi-healing-sudan-kennedy.trycloudflare.com/
2⃣hxxps://holidays-diary-some-vancouver.trycloudflare.com/
3⃣hxxps://meat-media-sl-type.trycloudflare.com/

🚨#Opendir #Malware🚨 hxxps://45.81.113.220/ ⚠️#QuasarRAT ☣️📸Client.exe➡️efffe2afbc5d8a0ad85b16155f0e1ed6 📡📸tcp://45.81.113.220:1605

ShanHolo's tweet image. 🚨#Opendir #Malware🚨

hxxps://45.81.113.220/

⚠️#QuasarRAT 
☣️📸Client.exe➡️efffe2afbc5d8a0ad85b16155f0e1ed6
📡📸tcp://45.81.113.220:1605

🚨#OpenDir hxxp://sremc.duckdns.org

DarkWebInformer's tweet image. 🚨#OpenDir

hxxp://sremc.duckdns.org

#DarkVisionRAT #opendir https://5.89.185[.]156/

lontze7's tweet image. #DarkVisionRAT #opendir

https://5.89.185[.]156/

#Opendir #Panel 🇧🇷 Sites: hxxp://74.207.237.97/ hxxp://24.152.39.178/contador/ hxxp://24.152.37.226/contador/

Merlax_'s tweet image. #Opendir #Panel 🇧🇷

Sites:
hxxp://74.207.237.97/
hxxp://24.152.39.178/contador/
hxxp://24.152.37.226/contador/

some #opendir (reverse) #base64 fun :) hxxp://52.152.223[.]228/

jstrosch's tweet image. some #opendir (reverse) #base64 fun :) 

hxxp://52.152.223[.]228/

#Malware 🇧🇷 Fake MercadoEnvios site downloads: - zip -> msi - AnyDesk Sites: hxxps://52.159.123.0/ hxxp://20.206.241.68/ #opendir C2 52.159.123.]0:6400 20.206.241.]68:6400

Merlax_'s tweet image. #Malware 🇧🇷 

Fake MercadoEnvios site downloads:
- zip -> msi
- AnyDesk

Sites:
hxxps://52.159.123.0/
hxxp://20.206.241.68/ #opendir 

C2
52.159.123.]0:6400
20.206.241.]68:6400

Hunting Open Directories With Random File Names?🧐 Random file names can seem tricky to pivot on, but it's easy to do with some neat regex tricks. Let's look at signaturing a random file name to find new malicious open directories and IOCs. #malware #intel #opendir

embee_research's tweet image. Hunting Open Directories With Random File Names?🧐

Random file names can seem tricky to pivot on, but it's easy to do with some neat regex tricks. 

Let's look at signaturing a random file name to find new malicious open directories and IOCs.

#malware #intel #opendir

couple of busy #opendir hxxp://89.23.96[.]203/dashboard/1/ hxxp://51.79.49[.]73/crc/

jstrosch's tweet image. couple of busy #opendir

hxxp://89.23.96[.]203/dashboard/1/

hxxp://51.79.49[.]73/crc/

#opendir for today! http://39.105.31.193:1389/ Client-built[.]exe = #QuasarRAT for you to analyse the rest!

banthisguy9349's tweet image. #opendir for today!
http://39.105.31.193:1389/

Client-built[.]exe = #QuasarRAT

for you to analyse the rest!

Large #opendir at: http://57.180.253.244 medium confidence msbuild.exe is #ghostrat

James_inthe_box's tweet image. Large #opendir at:

http://57.180.253.244

medium confidence msbuild.exe is #ghostrat

#Malware KL Remota "Zeus" 🇧🇷 Payloads #Opendir hxxp://92.205.129.120/ Counter hxxps://3illeceara1e2.likescandy.com/ C2 92.205.231.]161:80

Merlax_'s tweet image. #Malware KL Remota "Zeus" 🇧🇷

Payloads #Opendir
hxxp://92.205.129.120/

Counter
hxxps://3illeceara1e2.likescandy.com/

C2
92.205.231.]161:80

#malware #opendir at: http://invoicetrycloudflare\.com:9983/

James_inthe_box's tweet image. #malware #opendir at:

http://invoicetrycloudflare\.com:9983/

#opendir 106.14.176.]208 Is hosting several suspicious ELF files communicating w/ the above IP on port 7744 and frp, likely to proxy traffic. RingQ, an open-source Windows shellcode generator, is also present. A week ago, Vshell was also detected on this IP on port 8082.

Huntio's tweet image. #opendir 106.14.176.]208

Is hosting several suspicious ELF files communicating w/ the above IP on port 7744 and frp, likely to proxy traffic. 

RingQ, an open-source Windows shellcode generator, is also present. 

A week ago, Vshell was also detected on this IP on port 8082.

#snakekelogger hta's at #opendir : http://192.3.176\.138/xampp/ozon drops http://192.3.176\.138/105/sahost.exe (also 106) d9863b7b710599bc2b308a0b78970da8c42ee5bc6d3dcda05c2de52a88125726 exfils to: resultlog62@gmail.com

James_inthe_box's tweet image. #snakekelogger hta's at #opendir :

http://192.3.176\.138/xampp/ozon
drops
http://192.3.176\.138/105/sahost.exe (also 106)

d9863b7b710599bc2b308a0b78970da8c42ee5bc6d3dcda05c2de52a88125726

exfils to: resultlog62@gmail.com

http://124.158.5.149:8081/ #opendir with #sliver #c2 and payload hosted. #malware analysers do your thing :)

banthisguy9349's tweet image. http://124.158.5.149:8081/ #opendir with #sliver #c2 and payload hosted.

#malware analysers do your thing :)

Nice hit!! 🫡#opendir everywhere...


Back in the rest of the #opendir, uploads/ is used by app.py, I don't see where downloads_cache is used, but similar agent-[0-9]+ structure. The SANS PDF "All-books-in-oneSANSSEC670RedTeamingTools-DevelopingCustomToolsforWindows.pdf" may be the inspiration behind…

silascutler's tweet image. Back in the rest of the #opendir, uploads/ is used by app.py, I don't see where downloads_cache is used, but similar agent-[0-9]+ structure. The SANS PDF "All-books-in-oneSANSSEC670RedTeamingTools-DevelopingCustomToolsforWindows.pdf" may be the inspiration behind…

Interesting #OpenDir on #QuasarRat C2 server 185.208.159[.]161:8000 . The open web directory includes source code for a backdoor + misc development artifacts. platform.censys.io/hosts/185.208.… search.censys.io/hosts/185.208.… #malware #thread 🧵

silascutler's tweet image. Interesting #OpenDir on #QuasarRat C2 server 185.208.159[.]161:8000 . The open web directory includes source code for a backdoor + misc development artifacts.

platform.censys.io/hosts/185.208.…
search.censys.io/hosts/185.208.…

#malware #thread 🧵

🚨#Opendir #Malware🚨 🧵1 hxxps://tiger-checkout-draws-basketball.trycloudflare.com/ It's a nice time to learn how some TAs carry out their TTPs and at once invest time in #DetectionEngineering ☣️📸tp.bat➡️f136138d2e16aad30f27c6f30742dd7b Drops and executes a few runtimes⤵️

ShanHolo's tweet image. 🚨#Opendir #Malware🚨 🧵1

hxxps://tiger-checkout-draws-basketball.trycloudflare.com/

It's a nice time to learn how some TAs carry out their TTPs and at once invest time in #DetectionEngineering

☣️📸tp.bat➡️f136138d2e16aad30f27c6f30742dd7b
Drops and executes a few runtimes⤵️

⚠️ Opendir Exposure | turdinc[.]kicks-ass[.]net Open directory hxxps://turdinc[.]kicks-ass[.]net/Msntv/imagesJP/JPbuildDC1004/WINCE/ hosts numerous files incl. .EXE. Flagged for #Malware analysts. Handle with extreme caution — DO NOT download or execute. #Opendir

cyberfeeddigest's tweet image. ⚠️ Opendir Exposure | turdinc[.]kicks-ass[.]net 

Open directory hxxps://turdinc[.]kicks-ass[.]net/Msntv/imagesJP/JPbuildDC1004/WINCE/ hosts numerous files incl. .EXE. Flagged for #Malware analysts. Handle with extreme caution — DO NOT download or execute. 
#Opendir

⚠️ LucasArts Opendir Exposure | #Opendir Open directory hosting 121 .EXE files found at hxxp://ftp[.]xtal[.]net/pub/archives/ftp-sites/ftp[.]lucasarts[.]com/patches/pc/ — Potential #Malware. For #Malware analysts. Handle with extreme caution; do NOT download or execute.

cyberfeeddigest's tweet image. ⚠️ LucasArts Opendir Exposure | #Opendir

Open directory hosting 121 .EXE files found at hxxp://ftp[.]xtal[.]net/pub/archives/ftp-sites/ftp[.]lucasarts[.]com/patches/pc/ — Potential #Malware. For #Malware analysts. Handle with extreme caution; do NOT download or execute.

⚠️ #Opendir Exposure | #GuardianProject Open directory at hxxps://guardianproject[.]info/releases/ — hosting 1000+ .EXE files. Marked as a source for #Malware analysts. Handle with extreme caution; do NOT download or execute. #CyberSecurity #DataLeak

cyberfeeddigest's tweet image. ⚠️ #Opendir Exposure | #GuardianProject

Open directory at hxxps://guardianproject[.]info/releases/ — hosting 1000+ .EXE files. Marked as a source for #Malware analysts. Handle with extreme caution; do NOT download or execute.

#CyberSecurity #DataLeak

⚠️ #Opendir Exposure | #NewZealand Open directory found at hxxps://www[.]msupply[.]org[.]nz/files/old/ — hosting 100+ .EXE files. Flagged for #Malware analysts; handle with extreme caution. Do NOT download or execute. #CyberSecurity #DataLeak

cyberfeeddigest's tweet image. ⚠️ #Opendir Exposure | #NewZealand

Open directory found at hxxps://www[.]msupply[.]org[.]nz/files/old/ — hosting 100+ .EXE files. Flagged for #Malware analysts; handle with extreme caution. Do NOT download or execute.

#CyberSecurity #DataLeak

⚠️ #Opendir Exposure | cloudio[.]dedyn[.]io Leak Open directory (hxxps://cloudio[.]dedyn[.]io/~dio/) reportedly hosts samples: ipscan.zip, netscan.exe, netscan.zip, netscan_portable.zip. Tagged for #Malware analysts — handle with extreme caution.

cyberfeeddigest's tweet image. ⚠️ #Opendir Exposure | cloudio[.]dedyn[.]io Leak

Open directory (hxxps://cloudio[.]dedyn[.]io/~dio/) reportedly hosts samples: ipscan.zip, netscan.exe, netscan.zip, netscan_portable.zip. Tagged for #Malware analysts — handle with extreme caution.

'Document.lnk' uploaded from Ireland @abuse_ch bazaar.abuse.ch/sample/d2c4344… #opendir hxxp://193.233.84(.)146/Documents/Document.lnk (Russia) Try to drop this one: hxxps://goole(.)com/a.exe


⚠️ #Opendir Exposure Open upload directory (hxxps://support[.]green[.]cz/uploads/index[.]php) hosts .EXE samples — netscan.exe, NetworkScannerSetup-3.0.4.exe. Tagged as a research source for #Malware analysts; handle with extreme caution. #Czech

cyberfeeddigest's tweet image. ⚠️ #Opendir Exposure 

Open upload directory (hxxps://support[.]green[.]cz/uploads/index[.]php) hosts .EXE samples — netscan.exe, NetworkScannerSetup-3.0.4.exe. Tagged as a research source for #Malware analysts; handle with extreme caution.

#Czech


Heyyy if I was you and you want to learn more about #Malware @ryanlrussell wrote an awesome article you can read and learn a lot! How everything began with an #Opendir and ended up in such interesting research.

Check out my latest article: Are you tired of .bat, .lnk, and .py files yet? botw-ryanlrussell-18 linkedin.com/pulse/you-tire… Wherein I think I've seen this threat actor before. s/o @ShanHolo



Same Threat Actor behind these #opendir / Similar Stealer and PS1 scripts: Analysis through @Huntio revealed same certificate hash. Certificates.HashSha256:C3D1588C312A2CE47B1987E4EF5A44932E3F6FE563BC0A0B34898BE00A54559A 2nd opendir: 196.251.73.58 VT: virustotal.com/gui/ip-address…

volrant136's tweet image. Same Threat Actor behind these #opendir / Similar Stealer and PS1 scripts:

Analysis through @Huntio revealed same certificate hash.

Certificates.HashSha256:C3D1588C312A2CE47B1987E4EF5A44932E3F6FE563BC0A0B34898BE00A54559A

2nd opendir: 196.251.73.58

VT: virustotal.com/gui/ip-address…

#Cloudflare sites with 🚨#Opendir #Malware🚨 1⃣hxxps://pretty-ebony-feeds-ericsson.trycloudflare.com/ 2⃣hxxps://watches-omaha-partnerships-median.trycloudflare.com/ 3⃣hxxps://static-obligations-baths-carnival.trycloudflare.com/

ShanHolo's tweet image. #Cloudflare sites with 🚨#Opendir #Malware🚨

1⃣hxxps://pretty-ebony-feeds-ericsson.trycloudflare.com/
2⃣hxxps://watches-omaha-partnerships-median.trycloudflare.com/
3⃣hxxps://static-obligations-baths-carnival.trycloudflare.com/

⚠️ #OPendir Discovery — #NAS #Australia downloads expose 50+ .EXE files (incl. psexec.exe). Handle with caution — potential malware / dual-use binaries. For #MalwareAnalysts & defenders only. 🔗 nas[.]com[.]au/downloads/ #CyberSecurity

cyberfeeddigest's tweet image. ⚠️ #OPendir Discovery — #NAS #Australia downloads expose 50+ .EXE files (incl. psexec.exe). Handle with caution — potential malware / dual-use binaries. For #MalwareAnalysts & defenders only. 🔗 

nas[.]com[.]au/downloads/ #CyberSecurity

'Document.js' from #opendir @abuse_ch hxxp://46.28.71(.)42:8080/html/dl/Document.js bazaar.abuse.ch/sample/5c2a5a4… C2 📡 hxxp://wkkuakciqmwewgyk(.)xyz:443/api/client_hello

smica83's tweet image. 'Document.js' from #opendir @abuse_ch hxxp://46.28.71(.)42:8080/html/dl/Document.js 
bazaar.abuse.ch/sample/5c2a5a4… 
C2 📡 
hxxp://wkkuakciqmwewgyk(.)xyz:443/api/client_hello

Educational institution in 🇨🇱Chile exposes confidential information of at least 553 people in an #opendir, including identity cards (both sides) and study and birth certificates. Most serious of all, this info is accessible to anyone through a simple search…

V3n0mStrike's tweet image. Educational institution in 🇨🇱Chile exposes confidential information of at least 553 people in an #opendir, including identity cards (both sides) and study and birth certificates. Most serious of all, this info is accessible to anyone through a simple search…

#stealc #opendir at: http://91.92.250[.]161/files/

James_inthe_box's tweet image. #stealc #opendir at:

http://91.92.250[.]161/files/

#Opendir Exposed emails and accounts related to 🇧🇷 Site hxxps://102.165.46.179/

Merlax_'s tweet image. #Opendir  

Exposed emails and accounts related to 🇧🇷

Site
hxxps://102.165.46.179/
