日本語
English Indonesia Türkçe Deutsch Español Português Pусский Français Italiano Nederlands Polski العربية ไทย Tiếng Việt 繁體中文 简体中文 日本語 한국어

#spynote 検索結果

0x6rss's profile picture. OSINT & malware enthusiast, CTI analyst https://t.co/GcA9VSLYkR
0x6rss
@0x6rss
2024/03/06

#android #spynote hxxps://45.130.151.211/ 🤔@malwrhunterteam

0x6rss's tweet image. #android #spynote hxxps://45.130.151.211/ 🤔@malwrhunterteam
0x6rss's tweet image. #android #spynote hxxps://45.130.151.211/ 🤔@malwrhunterteam
3
2
25
7
11千
prashant_92's profile picture. #InfoSec n00b @garage4hackers from the Himalayas | CTI enthusiast decoding cyber puzzles | SOF watchdog, #OSINTforGood | Hiker, Bikepacker on Cycle
Prashant Uniyal 🇮🇳
 @prashant_92
2024/10/28

#Spynote AS 20473 🇸🇬 http[:]//66.42.55.13/ready[.]apk AS 210538 🇹🇷 https[:]//45.87.173.219/ready[.]apk Undetected #IOC #Android cc @banthisguy9349 @bofheaded

prashant_92's tweet image. #Spynote AS 20473 🇸🇬 http[:]//66.42.55.13/ready[.]apk AS 210538 🇹🇷 https[:]//45.87.173.219/ready[.]apk Undetected #IOC #Android cc @banthisguy9349 @bofheaded
prashant_92's tweet image. #Spynote AS 20473 🇸🇬 http[:]//66.42.55.13/ready[.]apk AS 210538 🇹🇷 https[:]//45.87.173.219/ready[.]apk Undetected #IOC #Android cc @banthisguy9349 @bofheaded
0
2
3
0
1千
1ZRR4H's profile picture. 🏴‍☠️ OFFENSIVE-INTEL 🏴‍☠️ Cyber Threat Intelligence by Hackers | Security Researcher en https://t.co/rDrSxZASB3 | @CuratedIntel Member | 🥷🧠🇨🇱
Germán Fernández
@1ZRR4H
2023/12/08

⚠️ #SpyNote Android RAT dirigido a Chile 🇨🇱 y suplantando a Banco Estado y Banco Santander. Para infectar a sus víctimas, el atacante realiza campañas de #phishing a través de la técnica conocida como BITB (Browser In The Browser). Ref: mrd0x.com/browser-in-the… 69.197.134.103…

1ZRR4H's tweet image. ⚠️ #SpyNote Android RAT dirigido a Chile 🇨🇱 y suplantando a Banco Estado y Banco Santander. Para infectar a sus víctimas, el atacante realiza campañas de #phishing a través de la técnica conocida como BITB (Browser In The Browser). Ref: mrd0x.com/browser-in-the… 69.197.134.103…
1ZRR4H's tweet image. ⚠️ #SpyNote Android RAT dirigido a Chile 🇨🇱 y suplantando a Banco Estado y Banco Santander. Para infectar a sus víctimas, el atacante realiza campañas de #phishing a través de la técnica conocida como BITB (Browser In The Browser). Ref: mrd0x.com/browser-in-the… 69.197.134.103…
1ZRR4H's tweet image. ⚠️ #SpyNote Android RAT dirigido a Chile 🇨🇱 y suplantando a Banco Estado y Banco Santander. Para infectar a sus víctimas, el atacante realiza campañas de #phishing a través de la técnica conocida como BITB (Browser In The Browser). Ref: mrd0x.com/browser-in-the… 69.197.134.103…
1ZRR4H's tweet image. ⚠️ #SpyNote Android RAT dirigido a Chile 🇨🇱 y suplantando a Banco Estado y Banco Santander. Para infectar a sus víctimas, el atacante realiza campañas de #phishing a través de la técnica conocida como BITB (Browser In The Browser). Ref: mrd0x.com/browser-in-the… 69.197.134.103…
2
23
75
20
12千
banthisguy9349's profile picture. Just a person who is against cyber crime and dictators like Putin
Fox_threatintel
 @banthisguy9349
2024/06/05

http://54.253.82.23:8080/ #opendir #spyware #spynote hxxp://47.57.184.164 /ready.apk hxxp://103.148.125.8 /ready.apk hxxp://47.57.7.44 /ready.apk hxxp://103.148.125.26 /ready.apk hxxp://164.155.241.15 /ready.apk hxxp://103.142.244.32 /ready.apk

banthisguy9349's tweet image. http://54.253.82.23:8080/ #opendir #spyware #spynote hxxp://47.57.184.164 /ready.apk hxxp://103.148.125.8 /ready.apk hxxp://47.57.7.44 /ready.apk hxxp://103.148.125.26 /ready.apk hxxp://164.155.241.15 /ready.apk hxxp://103.142.244.32 /ready.apk
banthisguy9349's tweet image. http://54.253.82.23:8080/ #opendir #spyware #spynote hxxp://47.57.184.164 /ready.apk hxxp://103.148.125.8 /ready.apk hxxp://47.57.7.44 /ready.apk hxxp://103.148.125.26 /ready.apk hxxp://164.155.241.15 /ready.apk hxxp://103.142.244.32 /ready.apk
1
6
28
8
4千
_mostwanted002_'s profile picture. I don’t want luxury, I demand prosperity. (aka DoS King) “Death can have me, when it earns me.”
Mayank Malik
 @_mostwanted002_
/07/18

Android Malware Alert/PSA: mParivahan.apk #Spynote malware family. 2-stage IOCs: MD5: e4c7d672dec271226d5ff1a7da15e182 Payload: 9d0f2d607d48a8b5e3ce23315f86c004 tcp[:]//154[.]61[.]80[.]131[:]6666 tcp[:]//154[.]61[.]80[.]242[:]7771 Full report soon CC: @IndianCERT @MeityGov

_mostwanted002_'s tweet image. Android Malware Alert/PSA: mParivahan.apk #Spynote malware family. 2-stage IOCs: MD5: e4c7d672dec271226d5ff1a7da15e182 Payload: 9d0f2d607d48a8b5e3ce23315f86c004 tcp[:]//154[.]61[.]80[.]131[:]6666 tcp[:]//154[.]61[.]80[.]242[:]7771 Full report soon CC: @IndianCERT @MeityGov
_mostwanted002_'s tweet image. Android Malware Alert/PSA: mParivahan.apk #Spynote malware family. 2-stage IOCs: MD5: e4c7d672dec271226d5ff1a7da15e182 Payload: 9d0f2d607d48a8b5e3ce23315f86c004 tcp[:]//154[.]61[.]80[.]131[:]6666 tcp[:]//154[.]61[.]80[.]242[:]7771 Full report soon CC: @IndianCERT @MeityGov
_mostwanted002_'s tweet image. Android Malware Alert/PSA: mParivahan.apk #Spynote malware family. 2-stage IOCs: MD5: e4c7d672dec271226d5ff1a7da15e182 Payload: 9d0f2d607d48a8b5e3ce23315f86c004 tcp[:]//154[.]61[.]80[.]131[:]6666 tcp[:]//154[.]61[.]80[.]242[:]7771 Full report soon CC: @IndianCERT @MeityGov
_mostwanted002_'s tweet image. Android Malware Alert/PSA: mParivahan.apk #Spynote malware family. 2-stage IOCs: MD5: e4c7d672dec271226d5ff1a7da15e182 Payload: 9d0f2d607d48a8b5e3ce23315f86c004 tcp[:]//154[.]61[.]80[.]131[:]6666 tcp[:]//154[.]61[.]80[.]242[:]7771 Full report soon CC: @IndianCERT @MeityGov
0
1
4
0
577
RacWatchin8872's profile picture. Threat Intelligence. My Opinions Thanks @silentpush, @censysio, @ValidinLLC, @anyrun_app for making my research easier.
WatchingRac
 @RacWatchin8872
2024/06/12

#Phishing #Avast #Spynote 📌hxxps://avastsf.]com/📌 Windows - Downloads Anydesk (Revoked Cert) - Anydesk.exe (virustotal.com/gui/file/ec33d…) Mac - Downloads Anydesk - anydesk.dmg (virustotal.com/gui/file/9960c…) Android - Downloads Spynote Trojan - Avastavv.apk (virustotal.com/gui/file/94a3b…)

RacWatchin8872's tweet image. #Phishing #Avast #Spynote 📌hxxps://avastsf.]com/📌 Windows - Downloads Anydesk (Revoked Cert) - Anydesk.exe (virustotal.com/gui/file/ec33d…) Mac - Downloads Anydesk - anydesk.dmg (virustotal.com/gui/file/9960c…) Android - Downloads Spynote Trojan - Avastavv.apk (virustotal.com/gui/file/94a3b…)
RacWatchin8872's tweet image. #Phishing #Avast #Spynote 📌hxxps://avastsf.]com/📌 Windows - Downloads Anydesk (Revoked Cert) - Anydesk.exe (virustotal.com/gui/file/ec33d…) Mac - Downloads Anydesk - anydesk.dmg (virustotal.com/gui/file/9960c…) Android - Downloads Spynote Trojan - Avastavv.apk (virustotal.com/gui/file/94a3b…)
RacWatchin8872's tweet image. #Phishing #Avast #Spynote 📌hxxps://avastsf.]com/📌 Windows - Downloads Anydesk (Revoked Cert) - Anydesk.exe (virustotal.com/gui/file/ec33d…) Mac - Downloads Anydesk - anydesk.dmg (virustotal.com/gui/file/9960c…) Android - Downloads Spynote Trojan - Avastavv.apk (virustotal.com/gui/file/94a3b…)
2
4
19
4
3千
banthisguy9349's profile picture. Just a person who is against cyber crime and dictators like Putin
Fox_threatintel
 @banthisguy9349
2024/07/14

#spynote #spyware owner dor47 whoever wondered how Cybercriminals setup the malicious spynote apk's check Picture 2. we are sending roughly 40 samples now to @ReversingLabs

banthisguy9349's tweet image. #spynote #spyware owner dor47 whoever wondered how Cybercriminals setup the malicious spynote apk's check Picture 2. we are sending roughly 40 samples now to @ReversingLabs
banthisguy9349's tweet image. #spynote #spyware owner dor47 whoever wondered how Cybercriminals setup the malicious spynote apk's check Picture 2. we are sending roughly 40 samples now to @ReversingLabs
4
7
39
20
10千
guelfoweb's profile picture. Cybersecurity Team Lead at CERT-AGID @AgidCert Agenzia per l'Italia Digitale (AGID) @AgidGov Tweets are my own
Gianni Amato
 @guelfoweb
2024/10/23

Similarity between #EagleSpy and #SpyNote from a year ago (October 2023).

guelfoweb's tweet image. Similarity between #EagleSpy and #SpyNote from a year ago (October 2023).
2
5
16
3
2千
1ZRR4H's profile picture. 🏴‍☠️ OFFENSIVE-INTEL 🏴‍☠️ Cyber Threat Intelligence by Hackers | Security Researcher en https://t.co/rDrSxZASB3 | @CuratedIntel Member | 🥷🧠🇨🇱
Germán Fernández
@1ZRR4H
2024/08/14

🚩 Nuevo dominio .CL registrado para distribuir el Troyano para dispositivos Android #SpyNote. El sitio web se encuentra en scotiapass[.]cl y suplanta a Scotiabank Chile 🇨🇱 Los actores de amenaza también crearon un canal de YouTube (ScotiaPass) con una guía de instalación 😏…

1ZRR4H's tweet image. 🚩 Nuevo dominio .CL registrado para distribuir el Troyano para dispositivos Android #SpyNote. El sitio web se encuentra en scotiapass[.]cl y suplanta a Scotiabank Chile 🇨🇱 Los actores de amenaza también crearon un canal de YouTube (ScotiaPass) con una guía de instalación 😏…
1ZRR4H's tweet image. 🚩 Nuevo dominio .CL registrado para distribuir el Troyano para dispositivos Android #SpyNote. El sitio web se encuentra en scotiapass[.]cl y suplanta a Scotiabank Chile 🇨🇱 Los actores de amenaza también crearon un canal de YouTube (ScotiaPass) con una guía de instalación 😏…
1ZRR4H's tweet image. 🚩 Nuevo dominio .CL registrado para distribuir el Troyano para dispositivos Android #SpyNote. El sitio web se encuentra en scotiapass[.]cl y suplanta a Scotiabank Chile 🇨🇱 Los actores de amenaza también crearon un canal de YouTube (ScotiaPass) con una guía de instalación 😏…
1ZRR4H's tweet image. 🚩 Nuevo dominio .CL registrado para distribuir el Troyano para dispositivos Android #SpyNote. El sitio web se encuentra en scotiapass[.]cl y suplanta a Scotiabank Chile 🇨🇱 Los actores de amenaza también crearon un canal de YouTube (ScotiaPass) con una guía de instalación 😏…
4
26
51
8
8千
quarkengine's profile picture. Dig Vulnerabilities in the BlackBox Presented at DEFCON 28 Blue Team Village and BHASIA Arsenal 2021, 2024 #DEFCON #BHASIA #MobileSecurity #AndroidSecurity
Quark Engine
 @quarkengine
/09/26

🎉 4 new rules added and 238 rules updated for the #SpyNote malware family. We're moving toward practical, powerful tools — thanks for your continued support! 🙏 Thanks to @zorro_wang ! 🔗 Report: reurl.cc/QaqnQZ

quarkengine's tweet image. 🎉 4 new rules added and 238 rules updated for the #SpyNote malware family. We're moving toward practical, powerful tools — thanks for your continued support! 🙏 Thanks to @zorro_wang ! 🔗 Report: reurl.cc/QaqnQZ
0
3
6
0
201
volrant136's profile picture. APT Infra Hunter | Threat Intel Researcher | CTIA | CRTO | eCTHP |
Demon
 @volrant136
/10/27

#Spynote #opendir | AttackCapture An opendir is tracked by @Huntio having 5 different spynote samples. 65cd191f13353ec1cc061ccc751cbfaa d610ced310444cfbab7daa91e3f79439 68a98e82d2abdec08d7cad18a0c3eb8b 32acc69b4c703de71d7a97632c805ede 16fd63efc57a726706ba9eb5b996af21

volrant136's tweet image. #Spynote #opendir | AttackCapture An opendir is tracked by @Huntio having 5 different spynote samples. 65cd191f13353ec1cc061ccc751cbfaa d610ced310444cfbab7daa91e3f79439 68a98e82d2abdec08d7cad18a0c3eb8b 32acc69b4c703de71d7a97632c805ede 16fd63efc57a726706ba9eb5b996af21
1
1
4
1
366
alberto__segura's profile picture. @rustlang. https://t.co/Y1Q9IwqyV1 https://t.co/i9XY4NOLQW
Alberto Segura
 @alberto__segura
/03/31

#Spynote campaign targeting Poland Distribution with a fake website looking like the Google Play: https://pltraf111.pages[.]dev/ hash: 71351a9013e7cfbe959d1ea78d1f7bf4bc2cb08a5716725c8434a911149099f3 C2: 45.88.79.231:7771

alberto__segura's tweet image. #Spynote campaign targeting Poland Distribution with a fake website looking like the Google Play: https://pltraf111.pages[.]dev/ hash: 71351a9013e7cfbe959d1ea78d1f7bf4bc2cb08a5716725c8434a911149099f3 C2: 45.88.79.231:7771
0
2
9
0
754
0x6rss's profile picture. OSINT & malware enthusiast, CTI analyst https://t.co/GcA9VSLYkR
0x6rss
@0x6rss
2024/01/02

This is a type of craxs rat(#spynote) malware. Since A101 is a Turkish🇹🇷 market chain, the target is Turkish citizens.

0x6rss's tweet image. This is a type of craxs rat(#spynote) malware. Since A101 is a Turkish🇹🇷 market chain, the target is Turkish citizens.
banthisguy9349's profile picture. Just a person who is against cyber crime and dictators like Putin
Fox_threatintel
 @banthisguy9349
2024/01/02

who can help? these apks are 0 detections on VT although i am almost 100% sure they are malicious.

banthisguy9349's tweet image. who can help? these apks are 0 detections on VT although i am almost 100% sure they are malicious.
24
37
286
139
103千
2
6
41
13
13千
naumovax's profile picture. pt malicious network traffic researcher, speaker / this blog about new malware & interesting С2 communication & my work life
Kseniia \n
 @naumovax
/03/17

Find 10 differences / Yet another #SpyNote 🤖 Today I read medium.com/s2wblog/detail… about DocSwap After research I found the old article about C2 communication SpyNote (#android #spyware) - bulldogjob.pl/articles/1200-… C2: 204.12.253[.]10:6834 - the network protocol is identical ⬇️

naumovax's tweet image. Find 10 differences / Yet another #SpyNote 🤖 Today I read medium.com/s2wblog/detail… about DocSwap After research I found the old article about C2 communication SpyNote (#android #spyware) - bulldogjob.pl/articles/1200-… C2: 204.12.253[.]10:6834 - the network protocol is identical ⬇️
1
14
41
8
8千
Cyberteam008's profile picture. Threat Hunting | APT Tracking | Malware Analysis | Darkweb Monitoring "Unity is Strength"
Cyber Team
 @Cyberteam008
2024/06/28

Pakistan's #APT36 / #TransparentTribe is Targeting Indian Govt agency Central Bureau of Investigation (CBI) to deliver #SpyNote #RAT malware. Details are explained in the attached snapshot. Infra: pastebin.com/w0F6pVa7 @500mk500 #Malware #ioc

Cyberteam008's tweet image. Pakistan's #APT36 / #TransparentTribe is Targeting Indian Govt agency Central Bureau of Investigation (CBI) to deliver #SpyNote #RAT malware. Details are explained in the attached snapshot. Infra: pastebin.com/w0F6pVa7 @500mk500 #Malware #ioc
1
9
29
9
4千
alberto__segura's profile picture. @rustlang. https://t.co/Y1Q9IwqyV1 https://t.co/i9XY4NOLQW
Alberto Segura
 @alberto__segura
/03/26

#Spynote campaign using fake VISA app Distribution: https://visasecurity[.]net/ C2: 172.86.93.104:7771 hash: 6b1179c23a7502b4dea7f9bde7dde3d4b5b97c64f634ff3471a1d3d27390f3b1 (The PC download button does nothing)

alberto__segura's tweet image. #Spynote campaign using fake VISA app Distribution: https://visasecurity[.]net/ C2: 172.86.93.104:7771 hash: 6b1179c23a7502b4dea7f9bde7dde3d4b5b97c64f634ff3471a1d3d27390f3b1 (The PC download button does nothing)
0
0
3
2
350
skocherhan's profile picture. Digital nomad, exploring the cyber frontier.
ܛܔܔܔܛܔܛܔܛ
@skocherhan
/04/17

+ haorizi888[.]top #SpyNote

skocherhan's tweet image. + haorizi888[.]top #SpyNote
SecuritySnacks's profile picture. Proactive defense starts with bite-sized #threatintel from the @DomainTools Security Research team. #SnackThePlanet #infosec
SecuritySnacks
 @SecuritySnacks
/04/10

🚨 Newly Registered Domains Distributing SpyNote Malware The latest DomainTools Investigations (DTI) analysis reveals that deceptive websites hosted on newly registered domains are being used to deliver the potent AndroidOS SpyNote malware. dti.domaintools.com/newly-register…

SecuritySnacks's tweet image. 🚨 Newly Registered Domains Distributing SpyNote Malware The latest DomainTools Investigations (DTI) analysis reveals that deceptive websites hosted on newly registered domains are being used to deliver the potent AndroidOS SpyNote malware. dti.domaintools.com/newly-register…
1
6
10
0
1千
0
1
3
0
269
banthisguy9349's profile picture. Just a person who is against cyber crime and dictators like Putin
Fox_threatintel
 @banthisguy9349
2024/07/29

#spyware #spynote Alert ‼️ Coming from AS137951 ASLINE-AS-AP They have also left a nice cat picture for @vxunderground cc: @spamhaus thanks @NDA0E for reporting them.

banthisguy9349's tweet image. #spyware #spynote Alert ‼️ Coming from AS137951 ASLINE-AS-AP They have also left a nice cat picture for @vxunderground cc: @spamhaus thanks @NDA0E for reporting them.
banthisguy9349's tweet image. #spyware #spynote Alert ‼️ Coming from AS137951 ASLINE-AS-AP They have also left a nice cat picture for @vxunderground cc: @spamhaus thanks @NDA0E for reporting them.
banthisguy9349's tweet image. #spyware #spynote Alert ‼️ Coming from AS137951 ASLINE-AS-AP They have also left a nice cat picture for @vxunderground cc: @spamhaus thanks @NDA0E for reporting them.
2
2
20
2
2千
volrant136's profile picture. APT Infra Hunter | Threat Intel Researcher | CTIA | CRTO | eCTHP |
Demon
 @volrant136
/10/27

#Spynote #opendir | AttackCapture An opendir is tracked by @Huntio having 5 different spynote samples. 65cd191f13353ec1cc061ccc751cbfaa d610ced310444cfbab7daa91e3f79439 68a98e82d2abdec08d7cad18a0c3eb8b 32acc69b4c703de71d7a97632c805ede 16fd63efc57a726706ba9eb5b996af21

volrant136's tweet image. #Spynote #opendir | AttackCapture An opendir is tracked by @Huntio having 5 different spynote samples. 65cd191f13353ec1cc061ccc751cbfaa d610ced310444cfbab7daa91e3f79439 68a98e82d2abdec08d7cad18a0c3eb8b 32acc69b4c703de71d7a97632c805ede 16fd63efc57a726706ba9eb5b996af21
1
1
4
1
366
0x6rss's profile picture. OSINT & malware enthusiast, CTI analyst https://t.co/GcA9VSLYkR
0x6rss
@0x6rss
2024/03/06

#android #spynote hxxps://45.130.151.211/ 🤔@malwrhunterteam

0x6rss's tweet image. #android #spynote hxxps://45.130.151.211/ 🤔@malwrhunterteam
0x6rss's tweet image. #android #spynote hxxps://45.130.151.211/ 🤔@malwrhunterteam
3
2
25
7
11千
banthisguy9349's profile picture. Just a person who is against cyber crime and dictators like Putin
Fox_threatintel
 @banthisguy9349
2024/05/18

#spynote #android #encryptor panel hxxp://45.130.151.211/index.php?page=Login cc: @Gi7w0rm @500mk500 @abuse_ch @ViriBack

banthisguy9349's tweet image. #spynote #android #encryptor panel hxxp://45.130.151.211/index.php?page=Login cc: @Gi7w0rm @500mk500 @abuse_ch @ViriBack
1
2
14
4
2千
1ZRR4H's profile picture. 🏴‍☠️ OFFENSIVE-INTEL 🏴‍☠️ Cyber Threat Intelligence by Hackers | Security Researcher en https://t.co/rDrSxZASB3 | @CuratedIntel Member | 🥷🧠🇨🇱
Germán Fernández
@1ZRR4H
2023/12/08

⚠️ #SpyNote Android RAT dirigido a Chile 🇨🇱 y suplantando a Banco Estado y Banco Santander. Para infectar a sus víctimas, el atacante realiza campañas de #phishing a través de la técnica conocida como BITB (Browser In The Browser). Ref: mrd0x.com/browser-in-the… 69.197.134.103…

1ZRR4H's tweet image. ⚠️ #SpyNote Android RAT dirigido a Chile 🇨🇱 y suplantando a Banco Estado y Banco Santander. Para infectar a sus víctimas, el atacante realiza campañas de #phishing a través de la técnica conocida como BITB (Browser In The Browser). Ref: mrd0x.com/browser-in-the… 69.197.134.103…
1ZRR4H's tweet image. ⚠️ #SpyNote Android RAT dirigido a Chile 🇨🇱 y suplantando a Banco Estado y Banco Santander. Para infectar a sus víctimas, el atacante realiza campañas de #phishing a través de la técnica conocida como BITB (Browser In The Browser). Ref: mrd0x.com/browser-in-the… 69.197.134.103…
1ZRR4H's tweet image. ⚠️ #SpyNote Android RAT dirigido a Chile 🇨🇱 y suplantando a Banco Estado y Banco Santander. Para infectar a sus víctimas, el atacante realiza campañas de #phishing a través de la técnica conocida como BITB (Browser In The Browser). Ref: mrd0x.com/browser-in-the… 69.197.134.103…
1ZRR4H's tweet image. ⚠️ #SpyNote Android RAT dirigido a Chile 🇨🇱 y suplantando a Banco Estado y Banco Santander. Para infectar a sus víctimas, el atacante realiza campañas de #phishing a través de la técnica conocida como BITB (Browser In The Browser). Ref: mrd0x.com/browser-in-the… 69.197.134.103…
2
23
75
20
12千
prashant_92's profile picture. #InfoSec n00b @garage4hackers from the Himalayas | CTI enthusiast decoding cyber puzzles | SOF watchdog, #OSINTforGood | Hiker, Bikepacker on Cycle
Prashant Uniyal 🇮🇳
 @prashant_92
2024/10/28

#Spynote AS 20473 🇸🇬 http[:]//66.42.55.13/ready[.]apk AS 210538 🇹🇷 https[:]//45.87.173.219/ready[.]apk Undetected #IOC #Android cc @banthisguy9349 @bofheaded

prashant_92's tweet image. #Spynote AS 20473 🇸🇬 http[:]//66.42.55.13/ready[.]apk AS 210538 🇹🇷 https[:]//45.87.173.219/ready[.]apk Undetected #IOC #Android cc @banthisguy9349 @bofheaded
prashant_92's tweet image. #Spynote AS 20473 🇸🇬 http[:]//66.42.55.13/ready[.]apk AS 210538 🇹🇷 https[:]//45.87.173.219/ready[.]apk Undetected #IOC #Android cc @banthisguy9349 @bofheaded
0
2
3
0
1千
_mostwanted002_'s profile picture. I don’t want luxury, I demand prosperity. (aka DoS King) “Death can have me, when it earns me.”
Mayank Malik
 @_mostwanted002_
/07/18

Android Malware Alert/PSA: mParivahan.apk #Spynote malware family. 2-stage IOCs: MD5: e4c7d672dec271226d5ff1a7da15e182 Payload: 9d0f2d607d48a8b5e3ce23315f86c004 tcp[:]//154[.]61[.]80[.]131[:]6666 tcp[:]//154[.]61[.]80[.]242[:]7771 Full report soon CC: @IndianCERT @MeityGov

_mostwanted002_'s tweet image. Android Malware Alert/PSA: mParivahan.apk #Spynote malware family. 2-stage IOCs: MD5: e4c7d672dec271226d5ff1a7da15e182 Payload: 9d0f2d607d48a8b5e3ce23315f86c004 tcp[:]//154[.]61[.]80[.]131[:]6666 tcp[:]//154[.]61[.]80[.]242[:]7771 Full report soon CC: @IndianCERT @MeityGov
_mostwanted002_'s tweet image. Android Malware Alert/PSA: mParivahan.apk #Spynote malware family. 2-stage IOCs: MD5: e4c7d672dec271226d5ff1a7da15e182 Payload: 9d0f2d607d48a8b5e3ce23315f86c004 tcp[:]//154[.]61[.]80[.]131[:]6666 tcp[:]//154[.]61[.]80[.]242[:]7771 Full report soon CC: @IndianCERT @MeityGov
_mostwanted002_'s tweet image. Android Malware Alert/PSA: mParivahan.apk #Spynote malware family. 2-stage IOCs: MD5: e4c7d672dec271226d5ff1a7da15e182 Payload: 9d0f2d607d48a8b5e3ce23315f86c004 tcp[:]//154[.]61[.]80[.]131[:]6666 tcp[:]//154[.]61[.]80[.]242[:]7771 Full report soon CC: @IndianCERT @MeityGov
_mostwanted002_'s tweet image. Android Malware Alert/PSA: mParivahan.apk #Spynote malware family. 2-stage IOCs: MD5: e4c7d672dec271226d5ff1a7da15e182 Payload: 9d0f2d607d48a8b5e3ce23315f86c004 tcp[:]//154[.]61[.]80[.]131[:]6666 tcp[:]//154[.]61[.]80[.]242[:]7771 Full report soon CC: @IndianCERT @MeityGov
0
1
4
0
577
BlinkzSec's profile picture. From Call Center Agent to Operation Centre Analyst 24/7 Shift Worker Interest in security - still a newbie
blinkz
@BlinkzSec
2024/03/31

#spynote found ->hxxps://www.virustotal.com/gui/file/a1de866d5f75b3f31becb07f4660e2a3cc29d242888be38fadb5a54657156745 #opendir

BlinkzSec's tweet image. #spynote found ->hxxps://www.virustotal.com/gui/file/a1de866d5f75b3f31becb07f4660e2a3cc29d242888be38fadb5a54657156745 #opendir
0
0
2
0
294
banthisguy9349's profile picture. Just a person who is against cyber crime and dictators like Putin
Fox_threatintel
 @banthisguy9349
2024/07/14

#spynote #spyware owner dor47 whoever wondered how Cybercriminals setup the malicious spynote apk's check Picture 2. we are sending roughly 40 samples now to @ReversingLabs

banthisguy9349's tweet image. #spynote #spyware owner dor47 whoever wondered how Cybercriminals setup the malicious spynote apk's check Picture 2. we are sending roughly 40 samples now to @ReversingLabs
banthisguy9349's tweet image. #spynote #spyware owner dor47 whoever wondered how Cybercriminals setup the malicious spynote apk's check Picture 2. we are sending roughly 40 samples now to @ReversingLabs
4
7
39
20
10千
guelfoweb's profile picture. Cybersecurity Team Lead at CERT-AGID @AgidCert Agenzia per l'Italia Digitale (AGID) @AgidGov Tweets are my own
Gianni Amato
 @guelfoweb
2024/10/23

Similarity between #EagleSpy and #SpyNote from a year ago (October 2023).

guelfoweb's tweet image. Similarity between #EagleSpy and #SpyNote from a year ago (October 2023).
2
5
16
3
2千
naumovax's profile picture. pt malicious network traffic researcher, speaker / this blog about new malware & interesting С2 communication & my work life
Kseniia \n
 @naumovax
/03/17

Find 10 differences / Yet another #SpyNote 🤖 Today I read medium.com/s2wblog/detail… about DocSwap After research I found the old article about C2 communication SpyNote (#android #spyware) - bulldogjob.pl/articles/1200-… C2: 204.12.253[.]10:6834 - the network protocol is identical ⬇️

naumovax's tweet image. Find 10 differences / Yet another #SpyNote 🤖 Today I read medium.com/s2wblog/detail… about DocSwap After research I found the old article about C2 communication SpyNote (#android #spyware) - bulldogjob.pl/articles/1200-… C2: 204.12.253[.]10:6834 - the network protocol is identical ⬇️
1
14
41
8
8千
RacWatchin8872's profile picture. Threat Intelligence. My Opinions Thanks @silentpush, @censysio, @ValidinLLC, @anyrun_app for making my research easier.
WatchingRac
 @RacWatchin8872
2024/06/12

#Phishing #Avast #Spynote 📌hxxps://avastsf.]com/📌 Windows - Downloads Anydesk (Revoked Cert) - Anydesk.exe (virustotal.com/gui/file/ec33d…) Mac - Downloads Anydesk - anydesk.dmg (virustotal.com/gui/file/9960c…) Android - Downloads Spynote Trojan - Avastavv.apk (virustotal.com/gui/file/94a3b…)

RacWatchin8872's tweet image. #Phishing #Avast #Spynote 📌hxxps://avastsf.]com/📌 Windows - Downloads Anydesk (Revoked Cert) - Anydesk.exe (virustotal.com/gui/file/ec33d…) Mac - Downloads Anydesk - anydesk.dmg (virustotal.com/gui/file/9960c…) Android - Downloads Spynote Trojan - Avastavv.apk (virustotal.com/gui/file/94a3b…)
RacWatchin8872's tweet image. #Phishing #Avast #Spynote 📌hxxps://avastsf.]com/📌 Windows - Downloads Anydesk (Revoked Cert) - Anydesk.exe (virustotal.com/gui/file/ec33d…) Mac - Downloads Anydesk - anydesk.dmg (virustotal.com/gui/file/9960c…) Android - Downloads Spynote Trojan - Avastavv.apk (virustotal.com/gui/file/94a3b…)
RacWatchin8872's tweet image. #Phishing #Avast #Spynote 📌hxxps://avastsf.]com/📌 Windows - Downloads Anydesk (Revoked Cert) - Anydesk.exe (virustotal.com/gui/file/ec33d…) Mac - Downloads Anydesk - anydesk.dmg (virustotal.com/gui/file/9960c…) Android - Downloads Spynote Trojan - Avastavv.apk (virustotal.com/gui/file/94a3b…)
2
4
19
4
3千
banthisguy9349's profile picture. Just a person who is against cyber crime and dictators like Putin
Fox_threatintel
 @banthisguy9349
2024/06/05

http://54.253.82.23:8080/ #opendir #spyware #spynote hxxp://47.57.184.164 /ready.apk hxxp://103.148.125.8 /ready.apk hxxp://47.57.7.44 /ready.apk hxxp://103.148.125.26 /ready.apk hxxp://164.155.241.15 /ready.apk hxxp://103.142.244.32 /ready.apk

banthisguy9349's tweet image. http://54.253.82.23:8080/ #opendir #spyware #spynote hxxp://47.57.184.164 /ready.apk hxxp://103.148.125.8 /ready.apk hxxp://47.57.7.44 /ready.apk hxxp://103.148.125.26 /ready.apk hxxp://164.155.241.15 /ready.apk hxxp://103.142.244.32 /ready.apk
banthisguy9349's tweet image. http://54.253.82.23:8080/ #opendir #spyware #spynote hxxp://47.57.184.164 /ready.apk hxxp://103.148.125.8 /ready.apk hxxp://47.57.7.44 /ready.apk hxxp://103.148.125.26 /ready.apk hxxp://164.155.241.15 /ready.apk hxxp://103.142.244.32 /ready.apk
1
6
28
8
4千
raghav127001's profile picture. Threat Analysis Engineer @gendigitalinc |Hunting Malware with a Passion
Raghav Rastogi
 @raghav127001
2024/05/24

http[:]45.138.16.250 hosting #SPYNOTE #apk #malware AS 210558( 1337 Services GmbH ) md5: 915e7b50d3cb50243c66ce069032e2cf

raghav127001's tweet image. http[:]45.138.16.250 hosting #SPYNOTE #apk #malware AS 210558( 1337 Services GmbH ) md5: 915e7b50d3cb50243c66ce069032e2cf
raghav127001's tweet image. http[:]45.138.16.250 hosting #SPYNOTE #apk #malware AS 210558( 1337 Services GmbH ) md5: 915e7b50d3cb50243c66ce069032e2cf
raghav127001's tweet image. http[:]45.138.16.250 hosting #SPYNOTE #apk #malware AS 210558( 1337 Services GmbH ) md5: 915e7b50d3cb50243c66ce069032e2cf
0
1
5
1
1千
skocherhan's profile picture. Digital nomad, exploring the cyber frontier.
ܛܔܔܔܛܔܛܔܛ
@skocherhan
/04/17

+ haorizi888[.]top #SpyNote

skocherhan's tweet image. + haorizi888[.]top #SpyNote
SecuritySnacks's profile picture. Proactive defense starts with bite-sized #threatintel from the @DomainTools Security Research team. #SnackThePlanet #infosec
SecuritySnacks
 @SecuritySnacks
/04/10

🚨 Newly Registered Domains Distributing SpyNote Malware The latest DomainTools Investigations (DTI) analysis reveals that deceptive websites hosted on newly registered domains are being used to deliver the potent AndroidOS SpyNote malware. dti.domaintools.com/newly-register…

SecuritySnacks's tweet image. 🚨 Newly Registered Domains Distributing SpyNote Malware The latest DomainTools Investigations (DTI) analysis reveals that deceptive websites hosted on newly registered domains are being used to deliver the potent AndroidOS SpyNote malware. dti.domaintools.com/newly-register…
1
6
10
0
1千
0
1
3
0
269
1ZRR4H's profile picture. 🏴‍☠️ OFFENSIVE-INTEL 🏴‍☠️ Cyber Threat Intelligence by Hackers | Security Researcher en https://t.co/rDrSxZASB3 | @CuratedIntel Member | 🥷🧠🇨🇱
Germán Fernández
@1ZRR4H
2024/08/14

🚩 Nuevo dominio .CL registrado para distribuir el Troyano para dispositivos Android #SpyNote. El sitio web se encuentra en scotiapass[.]cl y suplanta a Scotiabank Chile 🇨🇱 Los actores de amenaza también crearon un canal de YouTube (ScotiaPass) con una guía de instalación 😏…

1ZRR4H's tweet image. 🚩 Nuevo dominio .CL registrado para distribuir el Troyano para dispositivos Android #SpyNote. El sitio web se encuentra en scotiapass[.]cl y suplanta a Scotiabank Chile 🇨🇱 Los actores de amenaza también crearon un canal de YouTube (ScotiaPass) con una guía de instalación 😏…
1ZRR4H's tweet image. 🚩 Nuevo dominio .CL registrado para distribuir el Troyano para dispositivos Android #SpyNote. El sitio web se encuentra en scotiapass[.]cl y suplanta a Scotiabank Chile 🇨🇱 Los actores de amenaza también crearon un canal de YouTube (ScotiaPass) con una guía de instalación 😏…
1ZRR4H's tweet image. 🚩 Nuevo dominio .CL registrado para distribuir el Troyano para dispositivos Android #SpyNote. El sitio web se encuentra en scotiapass[.]cl y suplanta a Scotiabank Chile 🇨🇱 Los actores de amenaza también crearon un canal de YouTube (ScotiaPass) con una guía de instalación 😏…
1ZRR4H's tweet image. 🚩 Nuevo dominio .CL registrado para distribuir el Troyano para dispositivos Android #SpyNote. El sitio web se encuentra en scotiapass[.]cl y suplanta a Scotiabank Chile 🇨🇱 Los actores de amenaza también crearon un canal de YouTube (ScotiaPass) con una guía de instalación 😏…
4
26
51
8
8千
0x6rss's profile picture. OSINT & malware enthusiast, CTI analyst https://t.co/GcA9VSLYkR
0x6rss
@0x6rss
2024/01/02

This is a type of craxs rat(#spynote) malware. Since A101 is a Turkish🇹🇷 market chain, the target is Turkish citizens.

0x6rss's tweet image. This is a type of craxs rat(#spynote) malware. Since A101 is a Turkish🇹🇷 market chain, the target is Turkish citizens.
banthisguy9349's profile picture. Just a person who is against cyber crime and dictators like Putin
Fox_threatintel
 @banthisguy9349
2024/01/02

who can help? these apks are 0 detections on VT although i am almost 100% sure they are malicious.

banthisguy9349's tweet image. who can help? these apks are 0 detections on VT although i am almost 100% sure they are malicious.
24
37
286
140
103千
2
6
41
13
13千
banthisguy9349's profile picture. Just a person who is against cyber crime and dictators like Putin
Fox_threatintel
 @banthisguy9349
2024/07/29

#spyware #spynote Alert ‼️ Coming from AS137951 ASLINE-AS-AP They have also left a nice cat picture for @vxunderground cc: @spamhaus thanks @NDA0E for reporting them.

banthisguy9349's tweet image. #spyware #spynote Alert ‼️ Coming from AS137951 ASLINE-AS-AP They have also left a nice cat picture for @vxunderground cc: @spamhaus thanks @NDA0E for reporting them.
banthisguy9349's tweet image. #spyware #spynote Alert ‼️ Coming from AS137951 ASLINE-AS-AP They have also left a nice cat picture for @vxunderground cc: @spamhaus thanks @NDA0E for reporting them.
banthisguy9349's tweet image. #spyware #spynote Alert ‼️ Coming from AS137951 ASLINE-AS-AP They have also left a nice cat picture for @vxunderground cc: @spamhaus thanks @NDA0E for reporting them.
2
2
20
2
2千
Cyberteam008's profile picture. Threat Hunting | APT Tracking | Malware Analysis | Darkweb Monitoring "Unity is Strength"
Cyber Team
 @Cyberteam008
2024/03/06

#Fofabot Query for #SpyNote #Malware Query: title=="SpyNote Encryptor" IOCs: https://panel.spynote[.]us 109.248.59[.]212 45.130.151[.]211

Cyberteam008's tweet image. #Fofabot Query for #SpyNote #Malware Query: title=="SpyNote Encryptor" IOCs: https://panel.spynote[.]us 109.248.59[.]212 45.130.151[.]211
1
2
4
1
833
Cyberteam008's profile picture. Threat Hunting | APT Tracking | Malware Analysis | Darkweb Monitoring "Unity is Strength"
Cyber Team
 @Cyberteam008
2024/06/28

Pakistan's #APT36 / #TransparentTribe is Targeting Indian Govt agency Central Bureau of Investigation (CBI) to deliver #SpyNote #RAT malware. Details are explained in the attached snapshot. Infra: pastebin.com/w0F6pVa7 @500mk500 #Malware #ioc

Cyberteam008's tweet image. Pakistan's #APT36 / #TransparentTribe is Targeting Indian Govt agency Central Bureau of Investigation (CBI) to deliver #SpyNote #RAT malware. Details are explained in the attached snapshot. Infra: pastebin.com/w0F6pVa7 @500mk500 #Malware #ioc
1
9
29
9
4千
V3n0mStrike's profile picture. Entusiasta de la Ciberseguridad 🌐🔍 // CTF Player ☕️🚩// Guitarrista autodidacta 🎸🎶
Ven0m
 @V3n0mStrike
2023/12/27

#AsyncRAT server distributing #SpyNote a.k.a. #CypherRat hxxp://31.172.83.170/apks/ [+]more info: bleepingcomputer.com/news/security/…

V3n0mStrike's tweet image. #AsyncRAT server distributing #SpyNote a.k.a. #CypherRat hxxp://31.172.83.170/apks/ [+]more info: bleepingcomputer.com/news/security/…
V3n0mStrike's tweet image. #AsyncRAT server distributing #SpyNote a.k.a. #CypherRat hxxp://31.172.83.170/apks/ [+]more info: bleepingcomputer.com/news/security/…
V3n0mStrike's tweet image. #AsyncRAT server distributing #SpyNote a.k.a. #CypherRat hxxp://31.172.83.170/apks/ [+]more info: bleepingcomputer.com/news/security/…
0
2
7
1
731

Something went wrong.


Something went wrong.


United States Trends