sysopfb
@sysopfb
Threat Intel as a reverse-engineer in Crimeware domain. Dubbed "Malware Mangler" by TheRegister. [email protected]
Joined August 2016
Maksim Yakubets was indicted, but the Treasury Department also went after Evil Corp. What is really interesting is all the alluding to them being linked to the FSB, and as it turns out Yakubets is married to the daughter of Eduard Bendersky. w/ Joshua Platt @ WSJPro in Charlotte, NC 1/3
https://t.co/H48GQgHevx Kudos to GitHub, they were taking stuff down very fast
medium.com
By: Jason Reaves
DFIRReport pastebin link also lines up with one of the pastebins I saw in my blog - "cLika3dt";
thedfirreport.com
Key Takeaways: The threat actor gained initial access by a fake Zoom installer that used d3f@ckloader and IDAT loader to drop SectopRAT. After nine days of dwell time, the SectopRAT malware dropped …
Auto decoding IOCs from Arechclient and the onboard browser extension they drop
medium.com
By: Jason Reaves
https://t.co/PQQO0fTMgQ Goes through a little of the panel they are using for the fake invites also
medium.com
By: Jason Reaves and Joshua Platt
Was fun to dig back into some inject systems
medium.com
By: Jason Reaves, Joshua Platt and Jonathan McCay
Hadn't seen this mentioned for stealc before? b717c966167148b7178e67727be7ac55d76d82acab88782e798e477a00abdd8b
Also an interesting overlap in code signing cert between a SpectreRAT sample and Blackmoon/KRBanker samples