Igal Lytzki🇮🇱(@0xToxin) 's Twitter Profile Photo
Igal Lytzki🇮🇱
@0xToxin

1 year ago

'Fw: Copia de transferencia bancaria'

malspam campaign distributing .7z archive that contains inside of it .NET loader which loads malware.

both initial loader and the logger itself can be found here:
bazaar.abuse.ch/browse/tag/Mas…

haven't seen masslogger in a while...

'Fw: Copia de transferencia bancaria' malspam campaign distributing .7z archive that contains inside of it .NET loader which loads #MassLogger malware. both initial loader and the logger itself can be found here: bazaar.abuse.ch/browse/tag/Mas… haven't seen masslogger in a while...
account_circle
Jiří Vinopal(@vinopaljiri) 's Twitter Profile Photo
Jiří Vinopal
@vinopaljiri

1 year ago

and again in action 😊 config extraction in minute 🙏🫡🥳
💙

Script + comments again available here:
gist.github.com/Dump-GUY/7114b…

#PowerShell and #reflection again in action 😊 #Masslogger config extraction in minute 🙏🫡🥳 #dotnet 💙 Script + comments again available here: gist.github.com/Dump-GUY/7114b…
account_circle
Ptrace Security GmbH(@ptracesecurity) 's Twitter Profile Photo
Ptrace Security GmbH
@ptracesecurity

3 years ago

Bypassing MassLogger Anti-Analysis — a Man-in-the-Middle Approach fireeye.com/blog/threat-re…

Bypassing MassLogger Anti-Analysis — a Man-in-the-Middle Approach fireeye.com/blog/threat-re… #ReverseEngineering #Malware #Flare #CyberSecurity #Infosec
account_circle
الشبيبة(@shabiba) 's Twitter Profile Photo
الشبيبة
@shabiba

3 years ago

نشرة الأخبار الأسبوعية حول الأمن السيبراني من عبر :

🔹برمجيات ضارة تستهدف معالج أبل الجديد

🔹ثغرات أمنية في SHAREit

🔹Masslogger يعود لأستهداف أنظمة ويندوز

Oman Data Park

account_circle
Josh Stroschein | The Cyber Yeti(@jstrosch) 's Twitter Profile Photo
Josh Stroschein | The Cyber Yeti
@jstrosch

3 years ago



hxxp://awa-kenya[.]com/Img/

#opendir #masslogger #agenttesla hxxp://awa-kenya[.]com/Img/
account_circle
Andreas Klopsch(@hackingump1) 's Twitter Profile Photo
Andreas Klopsch
@hackingump1

3 years ago

I published an article at GDATA Cyberdefense AG about the .NET Malware MassLogger

analysis

gdatasoftware.com/blog/2020/06/3…

I published an article at GDATA Cyberdefense AG about the .NET Malware MassLogger #malwareanalysis #malware #reverseengineering #masslogger gdatasoftware.com/blog/2020/06/3…
account_circle
Lokesh(@Loki_RE_artist) 's Twitter Profile Photo
Lokesh
@Loki_RE_artist

3 years ago

hosted on with option
http[:]//deltacontrol.net.pk/cpp/ an firm

C2: mail[.]privateemail.com-seen in

James JAMESWT MalwareHunterTeam Brad Florian Roth Vitali Kremez Malwrologist Few Atoms

#Masslogger #Malware hosted on #OpenDir with #Upload option http[:]//deltacontrol.net.pk/cpp/ an #Pakistan firm C2: mail[.]privateemail.com-seen in #AgentTesla #hawkeye @James_inthe_box @JAMESWT_MHT @malwrhunterteam @malware_traffic @cyb3rops @VK_Intel @DissectMalware @FewAtoms
account_circle
Times of Oman(@timesofoman) 's Twitter Profile Photo
Times of Oman
@timesofoman

3 years ago

Malware targeting new Apple processor, SHAREit has vulnerabilities , and Masslogger returning to target Windows systems

Oman Data Park

account_circle
S⃣ A⃣ S⃣ A⃣(@gorimpthon) 's Twitter Profile Photo
S⃣ A⃣ S⃣ A⃣
@gorimpthon

3 years ago

v2.0.0.0

C2:
mail.markhamautoglass[.]ca

DropURL:
hxxp://donya-almesmar[.]com/vendor/symfony/filesystem/Tests/micc[.]exe

app.any.run/tasks/c6957bea…

#malspam #MassLogger v2.0.0.0 C2: mail.markhamautoglass[.]ca DropURL: hxxp://donya-almesmar[.]com/vendor/symfony/filesystem/Tests/micc[.]exe app.any.run/tasks/c6957bea…
account_circle
Joul Kouchakji(@Jouliok) 's Twitter Profile Photo
Joul Kouchakji
@Jouliok

3 years ago


Panel: //yatesassociates.co[.]za/panel/
Samples in opendir: //searisevet[.]com/asdmins/

abuse.ch MalwareHunterTeam JAMESWT Jake | JCyberSec_ Spam404

#malware #MassLogger #panel Panel: //yatesassociates.co[.]za/panel/ Samples in opendir: //searisevet[.]com/asdmins/ @abuse_ch @malwrhunterteam @JAMESWT_MHT @JCyberSec_ @Spam404
account_circle
JAMESWT(@JAMESWT_MHT) 's Twitter Profile Photo
JAMESWT
@JAMESWT_MHT

1 year ago

109.206.241[.81/htdocs/ 465 samples

etc
👇
urlhaus.abuse.ch/host/109.206.2…
👇Backup👇
bazaar.abuse.ch/sample/7bb432c…

109.206.241[.81/htdocs/ #opendir 465 samples #AsyncRAT #njRAT #Formbook #RemcosRAT #AgentTesla #RecordBreaker #NetWire #orcusrat #StormKitty #RedLineStealer #MassLogger #vjw0rm #AveMariaRAT #a310Logger #QuasarRAT etc 👇 urlhaus.abuse.ch/host/109.206.2… 👇Backup👇 bazaar.abuse.ch/sample/7bb432c…
account_circle
Josh Stroschein | The Cyber Yeti(@jstrosch) 's Twitter Profile Photo
Josh Stroschein | The Cyber Yeti
@jstrosch

3 years ago

Added maldoc templates from Feb 22 - 26.

Families: SilentBuilder, TrickBot, Hancitor, Dridex, AsyncRAT, Quakbot, MassLogger, Formbook

github.com/jstrosch/malwa…

Added maldoc templates from Feb 22 - 26. Families: SilentBuilder, TrickBot, Hancitor, Dridex, AsyncRAT, Quakbot, MassLogger, Formbook github.com/jstrosch/malwa…
account_circle
Chris(@phage_nz) 's Twitter Profile Photo
Chris
@phage_nz

3 years ago

More attachments, more success? 🤷‍♂️ Masslogger: tria.ge/210125-hre94gw… Azorult EXE: tria.ge/210125-wskyly3… Azorult maldoc: tria.ge/210125-wskyly3…

More attachments, more success? 🤷‍♂️ Masslogger: tria.ge/210125-hre94gw… Azorult EXE: tria.ge/210125-wskyly3… Azorult maldoc: tria.ge/210125-wskyly3…
account_circle
Mauricio Amaro L. 🇨🇱🇲🇽(@CioAmaro) 's Twitter Profile Photo
Mauricio Amaro L. 🇨🇱🇲🇽
@CioAmaro

3 years ago

Masslogger Trojan Upgraded to Steal All Your Outlook, Chrome Credentials j.mp/3aPeluS
nology

Masslogger Trojan Upgraded to Steal All Your Outlook, Chrome Credentials j.mp/3aPeluS #Infosec #CyberSecurity #CyberAttack #Hacking #Privacy #Threat #Malware #Ransomware #Cyberwarning #Phishing #SpyWare #Tech #Technology
account_circle
Blue Team News(@blueteamsec1) 's Twitter Profile Photo
Blue Team News
@blueteamsec1

3 years ago

Masslogger campaigns exfiltrates user credentials dlvr.it/Rv05K9

Masslogger campaigns exfiltrates user credentials dlvr.it/Rv05K9 #cyber #threathunting #infosec
account_circle
SkyVPN(@SkyVPN) 's Twitter Profile Photo
SkyVPN
@SkyVPN

3 years ago

👇Masslogger Swipes Microsoft Outlook, Google Chrome Credentials
buff.ly/3qwIAfj

address leak security attack crime

👇Masslogger Swipes Microsoft Outlook, Google Chrome Credentials buff.ly/3qwIAfj #microsoft #google #chrome #outlook #ip #ipaddress #ipleak #cybersecurity #cyberattack #cyber #security #malware #vpn #skyvpn #cybercrime #threats #hackers #databreachs #infosec #netsec
account_circle
Paula Piccard(@Paula_Piccard) 's Twitter Profile Photo
Paula Piccard
@Paula_Piccard

3 years ago

Masslogger Trojan Upgraded to Steal All Your Outlook, Chrome Credentials





bit.ly/3azCVQf

Masslogger Trojan Upgraded to Steal All Your Outlook, Chrome Credentials #cybersecurity #riskmanagement #phishing #malware #Infosec #cyberthreats #ramsomware #hacking #dataprotection #privacy #dataleak #informationsecurity #cyberattacks #databreach bit.ly/3azCVQf
account_circle
ANY.RUN(@anyrun_app) 's Twitter Profile Photo
ANY.RUN
@anyrun_app

3 years ago

Hey! Wanna make your malware analysis wider? Use ANYRUNs interactivity! sends auth info in plain text. Copy&paste domain, login&password through Remote ClipBoard and collect info about infected systems!
Thanks James for the sample! app.any.run/tasks/774c4490…

Hey! Wanna make your malware analysis wider? Use ANYRUNs interactivity! #Masslogger sends auth info in plain text. Copy&paste domain, login&password through Remote ClipBoard and collect info about infected systems! Thanks @James_inthe_box for the sample! app.any.run/tasks/774c4490…
account_circle
watoly(@wato_dn) 's Twitter Profile Photo
watoly
@wato_dn

3 years ago



ヘルプファイル(.chm)経由でのpowershell実行

ペイロードは
tria.ge/210415-69etdxa…

先月見かけたときのペイロードはMassLoggerでした

#malspam ヘルプファイル(.chm)経由でのpowershell実行 ペイロードは #agenttesla tria.ge/210415-69etdxa… 先月見かけたときのペイロードはMassLoggerでした
account_circle
reecDeep(@reecdeep) 's Twitter Profile Photo
reecDeep
@reecdeep

1 year ago

by

➡️hxxps://www.med-luxury-apartment.gr/masslogg.deploy

🔥c2 via FTP:
fxp://st05[.]net
2nd11[@]st05[.]net

urity

#Masslogger #Malware by #Guloader #CloudEye ➡️hxxps://www.med-luxury-apartment.gr/masslogg.deploy 🔥c2 via FTP: fxp://st05[.]net 2nd11[@]st05[.]net #CyberSec #infosecurity #infosec
account_circle