MalwareHunterTeam JAMESWT James Florian Roth bohops Michael Gillespie Hash for reference
2cb6b44f937a8b7c3a504d2297f4c5d02fc1fb6c5c2f7d144afe9680a62b05fa
bf4b16ddf045ee5893c571841e0564a9ebcf26b1f2ec342c738ddefd7a6d1f98
7b60ef4718df9a021591c888dbc1c0eca9a94300a69415e86237371309d984ab

@Lokesh42651261 lc4m Arkbird MalwareHunterTeam JAMESWT Well there is MAY BE - which is how attribution works

boom, copped some LFG Lekomotion Decentralized Nukebase | Suiswap IDO on 06/03 TheMillionOrNothing NARCE Mo Kit @Lokesh42651261 李小白🇨🇳Shit Hunter🚀$Bitcoin🐶 Zeferis sandra👸🌸 Stephen Ogundeji Antonio Monteiro Francematos.eth 🟧 Jeff •Özkan•🐾Pawzone🐾 Mac🐺 Er. DK Verma (Avive Citizen) Abdullahi Adamu Yusuf Marshall Williamson

LM DAO (💰,❤) #1st 🇮🇳 Dao @InSilvaNFT Upcoming Project .....Wow Hyped project
I'm confirm got wl

@Monu38815453 Hansraj6 Roni19 @Lokesh42651261 Lokendra

@makflwana @Lokesh42651261 Arkbird MalwareHunterTeam JAMESWT Wise 😄

James @Lokesh42651261 Vitali Kremez MalwareHunterTeam Florian Roth Malwrologist JAMESWT Nice find! another one here virustotal.com/gui/file/ad421…

Did you know CBD can enhance your sexual pleasure? Read our review of the His & Her CBD Pleasure Oil from Fusioncbd.

We are pleased to announce CF Industries is again ranked among the Fortune 500, reflecting outstanding work by our team in 2022 and our ongoing commitment to our mission to provide clean energy to feed and fuel the world sustainably. 👏

My recent blog:
Loader module of Cobalt Strike

The latest K7 Computing blog describes how threat actors are abusing a pornography site to deliver #Zloader #malware through a fake #java #plug -in. Read more at labs.k7computing.com/?p=22458

#cybersecurity #malware #datasecurity

lc4m @Lokesh42651261 Arkbird MalwareHunterTeam JAMESWT How is this needs to do anything with APT? (No offense)
Home IP of the actor: 41.190.2.102:NG

btw this also related to the same actor: app.any.run/tasks/7b2fda09…
+ check the claimed APT actor daily work:

@Lokesh42651261 n33d hasherezade And, may have been updated? Malsmoke used to write the Zloader to microsoft_shared.tmp, but this time it's not. According to ANY.RUN, Zloader communication is occurring from chrome.exe?

My new Blog
Fake Porn site uses Fake #java #Plugins to deliver #Zloader #malware

Nourishing minds and #strengtheningcommunities : JBS USA Better Futures Program helps employees like single parent of five Alisia Quevedo earn the education and skills they want by paying their tuition in full. Learn more here. #healthandwellness #ad bit.ly/3My1sqQ

@Lokesh42651261 MalwareHunterTeam JAMESWT James Florian Roth bohops Michael Gillespie 193[.]233[.]134[.]57
ThreatBook has marked this as Spam on 2021-08-02. Related samples were discovered:
threatbook.io/ip/193.233.134…

@Lokesh42651261 KrabsOnSecurity JAMESWT James MalwareHunterTeam Vitali Kremez ANY.RUN How you got the file?

@Lokesh42651261 Anonymous🐾🐈‍⬛🍵☕ Vitali Kremez MalwareHunterTeam James JAMESWT Is there a site that teaches you how to get started like for beginners?.

#Pikabot
ddef0c551d3e5c1ec331bc4239db316a-Loader
56f1a42100754f98594ad8a282e8b648-injector
#antidebug & geography region check etc.

#malware #reversing #Cybersecurity #MaaS #ThreatIntelligence

MalwareHunterTeam JAMESWT James Florian Roth bohops Michael Gillespie

Register now!
'The Gorgon-tuan Odyssey: RATting Out a Pakistani APT Group' by @Lokesh42651261 of K7 Computing

Damian Cyber Threat Alliance AhnLab Security Information AppEsteem K7 Computing @avast_antivirus @asiaprints Hitachi Vantara

K7 researchers analyse Cobalt Strike and its loader module. labs.k7computing.com/index.php/diss…

Executing shellcode using #ZwQueueApcThread and #NtTestAlert API
AresLoader version 3.0
193[.233[.134.57/manager/payload

#malware #AresLoader #reversing #cybersecurite #MaaS #ThreatProtection #intel
MalwareHunterTeam JAMESWT James Florian Roth bohops Michael Gillespie

@Lokesh42651261 Vitali Kremez JAMESWT James Florian Roth Arkbird Discord CDN in well known for being a good malware CDN choice for long months now...

Happy New Year!
nycto saul machain Crypto Jollof Sk suheb Camila Obando Paul Pittsford cristian andres zapatanalvarez @Lokesh42651261 Mr. Fancy🔛مصة فنسي hadibagaymgiorgio Algolover rumput institute Dustin Nguyen sef JRM Greg Martinez

@Lokesh42651261 Arkbird MalwareHunterTeam JAMESWT absolutely #formbook but actually i'm not too confident about attribution because the infection chain looks different than the usual i met in the past.. 🧐🧐🧐

@Lokesh42651261 Vitali Kremez James MalwareHunterTeam bohops Malwrologist About your #coinminer #Xmrig
Source Url cpu 2020-07-20 09:19:07 UTC
urlhaus.abuse.ch/url/415162/
main Sample
bazaar.abuse.ch/sample/5fb20cc…
related Samples
bazaar.abuse.ch/sample/ea0dcd6…
bazaar.abuse.ch/sample/68b4837…
bazaar.abuse.ch/sample/5484d55…