#ParsedReport #CompletenessMedium 06-08-2024 Hijacked: How Cybercriminals Are Turning Anti-Virus Software Against You https://cybersecurity.att.com/blogs/labs-research/hijacked-how-cybercriminals-are-turning-anti-virus-software-against-you Report completeness:…
#ParsedReport #CompletenessMedium
06-08-2024
Hijacked: How Cybercriminals Are Turning Anti-Virus Software Against You
Report completeness: Medium
Threats:
Sbaproxy_tool
Cobalt_strike
TTPs:
Tactics: 5
Techniques: 11
IOCs:
Hash: 1
File: 1
Algorithms:
exhibit, xor
Win API:
LoadLibrary, getaddrinfo
Languages:
powershell
AT&T Cybersecurity
Hijacked: How Cybercriminals Are Turning Anti-Virus Software Against You
Executive Summary LevelBlue Labs has identified a new evolution in the toolset of threat actors. Threat actors are hijacking legitimate anti-virus software to carry out malicious activities undetected. A new tool, named SbaProxy, has been found masquerading…
#ParsedReport #CompletenessLow 06-08-2024 Beware of Fake WinRar Websites: Malware Hosted on GitHub https://blog.sonicwall.com/en-us/2024/08/beware-of-fake-winrar-websites-malware-hosted-on-github Report completeness: Low Threats: Typosquatting_technique…
#ParsedReport #CompletenessLow
06-08-2024
Beware of Fake WinRar Websites: Malware Hosted on GitHub
https://blog.sonicwall.com/en-us/2024/08/beware-of-fake-winrar-websites-malware-hosted-on-github
Report completeness: Low
Threats:
Typosquatting_technique
Hvnc_tool
Kematian_stealer
ChatGPT TTPs:
do not use without manual check
T1071, T1587, T1102, T1566, T1059
IOCs:
File: 1
Soft:
Windows Defender, Telegram
SonicWall
Beware of Fake WinRar Websites: Malware Hosted on GitHub
Overview A fake website seemingly distributing WinRar, a data compression, encryption, and archiving tool for Windows, has been seen also hosting malware. This fake website closely resembles the official website, uses typosquatting, and capitalizes on…
#ParsedReport #CompletenessMedium 06-08-2024 Unmasking Cronus: How Fake PayPal Documents Deliver Fileless Ransomware via PowerShell https://www.seqrite.com/blog/unmasking-cronus-how-fake-paypal-documents-deliver-fileless-ransomware-via-powershell Report…
#ParsedReport #CompletenessMedium
06-08-2024
Unmasking Cronus: How Fake PayPal Documents Deliver Fileless Ransomware via PowerShell
Report completeness: Medium
Threats:
Cronus
Netwalker
Junk_code_technique
Process_injection_technique
Process_hacker_tool
Runkeys_technique
Revenge_rat
Arrow_rat
Asyncrat
Andromeda
Xworm_rat
Njrat
Spear-phishing_technique
Process_hollowing_technique
Victims:
Individuals
TTPs:
Tactics: 6
Techniques: 13
IOCs:
File: 7
Url: 2
Path: 1
Hash: 6
Soft:
thebat, thebat64, onenote, outlook, PccNTMon, wordpad
Crypto:
bitcoin
Algorithms:
lzma, zipx, base64, aes
Win Services:
WebClient, sqlwriter, sqbcoreservice, VirtualBoxVM, sqlagent, sqlbrowser, sqlservr, agntsvc, infopath, synctime, have more...
Languages:
visual_basic, powershell
Links:
https://github.com/SychicBoy/NetReactorSlayer/
Blogs on Information Technology, Network & Cybersecurity | Seqrite
Unmasking Cronus: How Fake PayPal Documents Deliver Fileless Ransomware via PowerShell
Seqrite Labs APT-Team has recently discovered multiple campaigns involving fake PayPal lures. These are targeting individuals around the globe with a new variant of ransomware known as Cronus. In this case, the malware is developed in PowerShell and is…
#ParsedReport #CompletenessLow
05-08-2024
August 6, 2024
https://asec.ahnlab.com/ko/82209
Report completeness: Low
IOCs:
Hash: 3
Url: 3
IP: 3
ASEC
August 6, 2024
August 6, 2024 Hash 1ace0b015f1fdcb6fa55bf1fc1a447dd4223e6fb86ab07ef86971e5827e7180e2139918a333da1fb78ec259bdf4341bc807 URL 1https[:]//clp[.]newtech[.]lol/webdav/shfiles/cp[.]exe2https[:]//gateway[.…