🛩️💥🇷🇺 Good detonation of the tank after hitting the #FPV of the drone. The detonation occurred after the first hit while the tank was moving.

The work was performed by a company of attack UAVs of the 47th OMBr

#Russianarmy #Russianlosses

🛩️💥🇷🇺 A good video of a #FPV drone hitting 2 occupants. One of which tried to defend itself seems like a big bucket.

The attack was carried out with the support of the #Sternenko community by the forces of #RONINY .

Result:
-2 Russian soldiers
-1 bucket (accidental loss)

“wah enak bgt pudingnya hari ini, besok aku mau pesen 10” - amadey & dania

Min pêşmergey Kurdistanim
Amadey cergey meydanim
Be ser û mal û jiyanim
Eyparêzim nîştîmanim

Dest le çekim hell nagirim
Yan ser ekewim yan emirim

Min pêşmergey Kurdistanim
Amadey cergey meydanim

Be ser û mal û jiyanim
Eyparêzim nîştîmanim

Amadey #loader dashboard

#Amadey propagated via compromised USB similar TTPs observed before. Probably same TA 🧐

USB > .lnk > .ps1 > 'Runtime Broker.exe'

S1
🔗s://arstechnica.]com/civis/members/frncbf22.1062014/about/

S2
👾 s://evinfeoptasw.]dedyn.]io/updater.php?from=USB1

#amadey c2 that was discovered a while ago on 5.42.64.44 is still active and now recently the ip 91.92.250.47 was observed to be spreading the stealer malware.

Do not download the files outside a secure environment.

the 91.92.250.47 will be taking down shortly from now

🔒 Login panel #Amadey #Stealer

🌐 #opendir : 62.204.41[.78

💻 Panel URL: 62.204.41[.78/8BvxwQdec3/

🔍 Query to urlscan.io:
page.url:'8BvxwQdec3'

📡 Other:
194.116.215[.177/8BvxwQdec3/

FAQ page of the latest(4.13) Amadey. If you know, you know…

Amadey CNC targeting with new unique TTP at
h[x][x]p://77[.]91[.]68.52/fuza/1.ps1

$ie_procinfo = Start-Process iexplore -ArgumentList 'accounts.google.com' -passthru
Start-Process -FilePath Chrome -ArgumentList 'accounts.google.com'

Alexander Kovalenko Уже меньше техники стало.

Acercándose a los desarrolladores de infostealer: Resumen y charlas rechazadas.
#Redline #Vidar #meduza #amadey #malware #infosec #cybersecurity

g0njxa.medium.com/approaching-st…

We will be mostly AFK for the remainder of the weekend. It is the weekend of rest – not just Sunday:)

Next week we will be adding new malware builders: Amadey (Panel), MetaStealer, and 'Сборка 2.0'. We don't know what Сборка 2.0 (Russian for 'Build 2.0') is.

Have a cat.

New #rc4 key & HTTP URI found in ProxyBot #Socks5Systemz described earlier in bitsight.com/blog/unveiling… 👾

C2: 88.80.147[.]36:1074
tria.ge/231123-g7kkvag…
gchq.github.io/CyberChef/#rec…

Thanks Eugene !

برمجيات سرقة المعلومآت منتشره بكثره، بل نجدها تتلون في أشكال مختلفة من المحتويات التي يبحث عنها المستخدم بشكل يومي، ومن أبرزها LummaC2, Redline, Raccoon, Amadey, , Formbook.
وهنا تقرير مبسط يوضح هدفها وأشكالها: socradar.io/the-anatomy-of…
#الامن_السيبراني

Українська правда ✌️ Хай нам тоді третину Чехії подарує як компенсацію втрачених територій.

Новинарня Він блять сказав, що військові за власні кошти боєприпаси до автоматів купують та інші БК - скажіть чесно, він йобнутий, чи просто росіяни йому платять за таку рідкісну хрінь?

#APT #BlindEagle APT-C-36 #amadey #AsyncRat #threat

📍🇨🇴
💥🇨🇴🇵🇦🇪🇸🇪🇨

⛓️ #Phishing > Doc > #Lnk | #vbs > Download payload | #Amadey + Steal info > Dll reflection > Persistence > Download stage > #AsyncRAT injection (InstallUtil)

🔗360 Threat Intelligence: mp.weixin.qq.com/s?__biz=MzUyMj…

Unpacking a recent active #Amadey sample
yara rule to detect the unpacked sample: github.com/xRY0D4N/Yara-R…
#malware