#threadkit resultados de búsqueda
First run is absolutely #LokiBot, doc uses #threadkit by the look of it...not sure what to make of <snicker> this though.
Pretty sweet #threadkit doc via #malspam, is #pony with c2 of: http://www.a10gamesa10[.]com/php/gate.php cc @benkow_ @Xylit0l @Anti_Expl0it @h3x2b @cocaman @0Btemos_BHS @fumik0_
![James_inthe_box's tweet image. Pretty sweet #threadkit doc via #malspam, is #pony with c2 of:
http://www.a10gamesa10[.]com/php/gate.php
cc @benkow_ @Xylit0l @Anti_Expl0it @h3x2b @cocaman @0Btemos_BHS @fumik0_](https://pbs.twimg.com/media/DxxC_ULX4AEXa0q.jpg)
![James_inthe_box's tweet image. Pretty sweet #threadkit doc via #malspam, is #pony with c2 of:
http://www.a10gamesa10[.]com/php/gate.php
cc @benkow_ @Xylit0l @Anti_Expl0it @h3x2b @cocaman @0Btemos_BHS @fumik0_](https://pbs.twimg.com/media/DxxC_UKUwAAvU3Z.jpg)
#threadkit dropping #formbook via #malspam; c2 sites here: pastebin.com/P5Z80Bzu hash aa590a773eb2297f2d474d11792f6311 for the doc on @mal_share
#LokiBot #ThreadKit 103_010COUS180790001_6412663116-09-04-18.doc 8c64c1f6830691ac48a80dc7cd30e0f3 185.82.202.87 POST /~zadmin/cam/conn.php Subject: SWIFT Transfer (103) 010COUS180790001 From: [email protected] [+] WebShell Active
![pollo290987's tweet image. #LokiBot #ThreadKit
103_010COUS180790001_6412663116-09-04-18.doc
8c64c1f6830691ac48a80dc7cd30e0f3
185.82.202.87 POST /~zadmin/cam/conn.php
Subject: SWIFT Transfer (103) 010COUS180790001
From: swift@dtbafrica.com
[+] WebShell Active](https://pbs.twimg.com/media/DaWQVaFUMAECcsW.jpg)
New #ThreadKit campaign. Malicious doc (RTF exploit #CVE-2017-8570) drops SCT, decoy doc, cmd files, kill-switch (blOCk.tXt) and finally payload named "saver.scr". app.any.run/tasks/efceacee… virustotal.com/#/file/73b61af…
#threadkit #maldoc #rtf sample seems to be very busy. Had a lot of signature hits, not sure how many are true. @malwrhunterteam Run at: app.any.run/tasks/16deb6c8…
New #ThreadKit exploit builder used to spread #banking #Trojan and RATs buff.ly/2ur6DDS #Cybersecurity #Fintech #Blockchain #infosec #Cybersec #Chatbots #AI #Bigdata #Datascience #privacy #privacymatters #crypto
Precision meets craftsmanship with our Advance Thread Solution 1-1/2-6 UNC Kit, beautifully encased in a premium wooden box. Perfect for all your threading needs, with durability that stands the test of time. 🛠️ #ThreadKit #Craftsmanship #PrecisionTools #Rapicoil
Looks like a modified #threadkit doc but I don't know what the payload is. It does periodically run a .txt file as an EXE and I'm guessing the DNS requests are connectivity checks. Any thoughts? @Antelox @malwrhunterteam @James_inthe_box @avman1995 app.any.run/tasks/8056a83d…
Two #threadkit #rtf docs dropping #Azorult both docs had 8/59 on VT and one seemed blockchain themed. maksssnd[.]beget[.]tech/index.php 94[.]250.248.105/task.bat app.any.run/tasks/caab858a… app.any.run/tasks/1e37e603…
![Zerophage1337's tweet image. Two #threadkit #rtf docs dropping #Azorult both docs had 8/59 on VT and one seemed blockchain themed.
maksssnd[.]beget[.]tech/index.php
94[.]250.248.105/task.bat
app.any.run/tasks/caab858a…
app.any.run/tasks/1e37e603…](https://pbs.twimg.com/media/DeuF3xsXcAEfoAp.jpg)
![Zerophage1337's tweet image. Two #threadkit #rtf docs dropping #Azorult both docs had 8/59 on VT and one seemed blockchain themed.
maksssnd[.]beget[.]tech/index.php
94[.]250.248.105/task.bat
app.any.run/tasks/caab858a…
app.any.run/tasks/1e37e603…](https://pbs.twimg.com/media/DeuF4e8WAAEzveD.jpg)
#threadkit , bad times ahead if you open this maldoc.. "Urgent Overdue Outstanding Payement.doc" app.any.run/tasks/ed7813ca…
Use your promo code: ✨THREADKIT✨ to get free ground shipping if you purchase one of our thread kits! #FreeShipping #threadkit #hydraulicfittings #promo #HappyMarch
Found a #maldoc #threadkit -> #betabot hxxp://trashbin[.]pw/bin/p/logout.php hxxp://www[.]gallerdo.[i]nfo/d7/config.php?account=diego app.any.run/tasks/8e2865d2…
![Zerophage1337's tweet image. Found a #maldoc #threadkit -&gt; #betabot
hxxp://trashbin[.]pw/bin/p/logout.php
hxxp://www[.]gallerdo.[i]nfo/d7/config.php?account=diego
app.any.run/tasks/8e2865d2…](https://pbs.twimg.com/media/DaWsCjiX0AIJtQt.jpg)
Done, should match the initial #threadkit and this recent one. pastebin.com/EE4SqW1G
Precision meets craftsmanship with our Advance Thread Solution 1-1/2-6 UNC Kit, beautifully encased in a premium wooden box. Perfect for all your threading needs, with durability that stands the test of time. 🛠️ #ThreadKit #Craftsmanship #PrecisionTools #Rapicoil
Use your promo code: ✨THREADKIT✨ to get free ground shipping if you purchase one of our thread kits! #FreeShipping #threadkit #hydraulicfittings #promo #HappyMarch
Malicious document builders like #LCGKit and #ThreadKit have recently become a common tool for attackers. Now they're adding Microsoft Word macro capabilities. hubs.ly/H0hrVQp0
#Threadkit exploit kit is distributing #Formbook malware targeting an old vulnerability. The 2017 bug was discovered, exploited and patched back in July 2017, but that hasn’t stopped it from viewing the exploit as still valuable. ow.ly/Iqf230nClMo
Pretty sweet #threadkit doc via #malspam, is #pony with c2 of: http://www.a10gamesa10[.]com/php/gate.php cc @benkow_ @Xylit0l @Anti_Expl0it @h3x2b @cocaman @0Btemos_BHS @fumik0_
Pretty sweet #threadkit doc via #malspam, is #pony with c2 of: http://www.a10gamesa10[.]com/php/gate.php cc @benkow_ @Xylit0l @Anti_Expl0it @h3x2b @cocaman @0Btemos_BHS @fumik0_
First run is absolutely #LokiBot, doc uses #threadkit by the look of it...not sure what to make of <snicker> this though.
New #ThreadKit campaign. Malicious doc (RTF exploit #CVE-2017-8570) drops SCT, decoy doc, cmd files, kill-switch (blOCk.tXt) and finally payload named "saver.scr". app.any.run/tasks/efceacee… virustotal.com/#/file/73b61af…
#threadkit dropping #formbook via #malspam; c2 sites here: pastebin.com/P5Z80Bzu hash aa590a773eb2297f2d474d11792f6311 for the doc on @mal_share
#LokiBot #ThreadKit 103_010COUS180790001_6412663116-09-04-18.doc 8c64c1f6830691ac48a80dc7cd30e0f3 185.82.202.87 POST /~zadmin/cam/conn.php Subject: SWIFT Transfer (103) 010COUS180790001 From: [email protected] [+] WebShell Active
#threadkit #maldoc #rtf sample seems to be very busy. Had a lot of signature hits, not sure how many are true. @malwrhunterteam Run at: app.any.run/tasks/16deb6c8…
New #ThreadKit exploit builder used to spread #banking #Trojan and RATs buff.ly/2ur6DDS #Cybersecurity #Fintech #Blockchain #infosec #Cybersec #Chatbots #AI #Bigdata #Datascience #privacy #privacymatters #crypto
Use your promo code: ✨THREADKIT✨ to get free ground shipping if you purchase one of our thread kits! #FreeShipping #threadkit #hydraulicfittings #promo #HappyMarch
#threadkit , bad times ahead if you open this maldoc.. "Urgent Overdue Outstanding Payement.doc" app.any.run/tasks/ed7813ca…
Found a #maldoc #threadkit -> #betabot hxxp://trashbin[.]pw/bin/p/logout.php hxxp://www[.]gallerdo.[i]nfo/d7/config.php?account=diego app.any.run/tasks/8e2865d2…
Looks like a modified #threadkit doc but I don't know what the payload is. It does periodically run a .txt file as an EXE and I'm guessing the DNS requests are connectivity checks. Any thoughts? @Antelox @malwrhunterteam @James_inthe_box @avman1995 app.any.run/tasks/8056a83d…
Two #threadkit #rtf docs dropping #Azorult both docs had 8/59 on VT and one seemed blockchain themed. maksssnd[.]beget[.]tech/index.php 94[.]250.248.105/task.bat app.any.run/tasks/caab858a… app.any.run/tasks/1e37e603…
#Researchers have discovered a new version of #ThreadKit, #malware known to be used by Cobalt Group, first identified in 2016, according to Fidelis #Cybersecurity. Find out more here: cysec-rco.com/2018/12/18/cob…
Something went wrong.
Something went wrong.
United States Trends
- 1. Expedition 33 27K posts
- 2. GOTY 17.5K posts
- 3. Sonic 3 6,513 posts
- 4. Moana 24.6K posts
- 5. #TheGameAwards 30.9K posts
- 6. Cher 19.9K posts
- 7. Zelda 51.3K posts
- 8. FEMA 5,623 posts
- 9. Clair Obscur 17.3K posts
- 10. Comey 25.4K posts
- 11. Cruz 47.4K posts
- 12. #RestoreTheSnyderVerse 33.5K posts
- 13. Hades 2 13.4K posts
- 14. Silksong 34.4K posts
- 15. Rex Ryan N/A
- 16. Split Fiction 4,499 posts
- 17. Donkey Kong 11.1K posts
- 18. David Richardson 1,915 posts
- 19. Avowed 1,829 posts
- 20. #IDontWantToOverreactBUT 1,493 posts