The DFIR Report
@TheDFIRReport
Real Intrusions by Real Attackers, the Truth Behind the Intrusion.
Services: https://t.co/XW613EKt2w
03-04-2020 01:33:43
1,2K Tweets
52,4K Followers
0 Following
@TheDFIRReport
Real Intrusions by Real Attackers, the Truth Behind the Intrusion.
Services: https://t.co/XW613EKt2w
03-04-2020 01:33:43
1,2K Tweets
52,4K Followers
0 Following
![A threat actor recently dropped/executed Network Scanner (NS.exe) in the honeypot. This time, it was bundled with NJRAT. ➡️NJRAT: C:\ProgramData\Synaptics\Synaptics.exe ➡️C2: 69.42.215[.]252:80 ➡️VT: virustotal.com/gui/file/e4b0f… ➡️Any Run: app.any.run/tasks/566223f6…](https://pbs.twimg.com/media/EnH8sryXUAIH3PD.png "The DFIR Report (@TheDFIRReport) on Twitter photo 2020-11-18 18:04:47 A threat actor recently dropped/executed Network Scanner (NS.exe) in the honeypot. This time, it was bundled with NJRAT. ➡️NJRAT: C:\ProgramData\Synaptics\Synaptics.exe ➡️C2: 69.42.215[.]252:80 ➡️VT: virustotal.com/gui/file/e4b0f… ➡️Any Run: app.any.run/tasks/566223f6…")