Broad Analysis @broadanalysis - Twitter Profile

Broad Analysis @BroadAnalysis

almost 2 years ago

Is Sentinel one still working. Asking for a friend.🤓

0

162

Broad Analysis @BroadAnalysis

almost 2 years ago

A good follow - @JohndCyber

0

1

0

171

Broad Analysis @BroadAnalysis

about 2 years ago

#FakeBrowserUpdate Making me work for it. DYI infection. Payload - rtattack.baqebei1[.]online Payload - cdnforfiles[.]xyz

1

13

7

4

2K

BroadAnalysis retweeted

ExecuteMalware @executemalware

almost 3 years ago

It looks like this is another guest at the #fakesocgholish party. Similarities to #rogueraticate but the initial download is a .rar file containing a Java-based .exe and a Java runtime environment. https://t.co/GGknd9lp7H

executemalware's tweet photo. It looks like this is another guest at the #fakesocgholish party. Similarities to #rogueraticate but the initial download is a .rar file containing a Java-based .exe and a Java runtime environment.
https://t.co/GGknd9lp7H https://t.co/v9jhaQFrrT

1

43

20

3

7K

Who to follow

Karsten Hahn

@struppigel

MalwareAnalysisForHedgehogs, Principal Malware Researcher at GDATA, he/him 🦔🌈🏳️‍⚧️

#malware hunter & analyst. Opinions are my own.

BroadAnalysis retweeted

First Watch Cyber Security @FirstWatchCyber

almost 3 years ago

NOT #SocGholish but #FakeSG as reported by Malwarebytes and other great Security Researchers. #pcap Avail. #IoC #TTP #MitreAttack https://t.co/4UKXMHpQ9S pcap - https://t.co/lXsChVNNIG

FirstWatchCyber's tweet photo. NOT #SocGholish but #FakeSG as reported by Malwarebytes and other great Security Researchers. #pcap Avail. #IoC #TTP #MitreAttack
https://t.co/4UKXMHpQ9S
pcap - https://t.co/lXsChVNNIG https://t.co/DQwLz2vZT0

1

8

2

1

1K

BroadAnalysis retweeted

First Watch Cyber Security @FirstWatchCyber

almost 3 years ago

#SocGholish #pcap #IoC sandwiches.tropipackfood[.]com eyc.rfc.zitoprohealth[.]com asfgze[.]fun nbjhllilknbjldk[.]top https://t.co/lXsChVNNIG

FirstWatchCyber's tweet photo. #SocGholish #pcap #IoC
sandwiches.tropipackfood[.]com
eyc.rfc.zitoprohealth[.]com
asfgze[.]fun
nbjhllilknbjldk[.]top

https://t.co/lXsChVNNIG https://t.co/qqXZQ2cDsG

0

18

5

2

2K

Broad Analysis @BroadAnalysis

about 3 years ago

Check-out APPENDIX. Good TTP's - #BianLian #Ransomware https://t.co/2Mq17iCYIW

0

1

0

544

Broad Analysis @BroadAnalysis

about 3 years ago

94.158.244[.]69 - POST /c2sock #LummaStealer #C2

0

7

3

1

2K

Broad Analysis @BroadAnalysis

about 3 years ago

#RigEK #LummaStealer #Exploit #C2 cryptotdsinc[.]xyz - Redirect popmag[.]xyz - Redirect popwertcrypt[.]xyz -Redirect 78.111.88[.]94 - RigEK C2 82.117.255[.]127 - Lumma Stealer C2 https://t.co/L3z32ZcfHi

BroadAnalysis's tweet photo. #RigEK #LummaStealer #Exploit #C2
cryptotdsinc[.]xyz - Redirect
popmag[.]xyz - Redirect
popwertcrypt[.]xyz -Redirect
78.111.88[.]94 - RigEK C2
82.117.255[.]127 - Lumma Stealer C2

https://t.co/L3z32ZcfHi https://t.co/77gw64VRsQ

1

27

9

2

5K

Broad Analysis @BroadAnalysis

about 3 years ago

#socgholish #fakeupdate - trackrecord.wheresbecky[.]com and some redirects to domain

0

6

1

0

1K

Broad Analysis @BroadAnalysis

over 3 years ago

@HerbieZimmerman @HuntressLabs Congratulations!!

1

0

99

Broad Analysis @BroadAnalysis

over 3 years ago

@Gi7w0rm @AnFam17 @DanInglis_ popwertcrypt[.]xyz/hd63hd

0

48

Broad Analysis @BroadAnalysis

over 3 years ago

#RigEK #Exploit is still a thing. Exploit's IE 11. Dropped something or other. 188.227.58[.]76 https://t.co/OilnPFj3TB

3

50

21

4

14K

Broad Analysis @BroadAnalysis

over 3 years ago

@ebbe37 @malwrhunterteam Do the best you can.

0

1

0

114

Broad Analysis @BroadAnalysis

over 3 years ago

#socgholish #NetSupportRat SocGholish Stage1 - taxes.rpacx[.]com SocGholish Stage2 - hjgk67kg[.]xyz SocGholish Stage3 - *.asset.tradingvein[.]xyz NetSupportRat C2 - 52226asdiobioboioie[.]com (IP 94.158.244.38)

BroadAnalysis's tweet photo. #socgholish #NetSupportRat
SocGholish Stage1 - taxes.rpacx[.]com
SocGholish Stage2 - hjgk67kg[.]xyz
SocGholish Stage3 - *.asset.tradingvein[.]xyz
NetSupportRat C2 - 52226asdiobioboioie[.]com (IP 94.158.244.38) https://t.co/tVYHJC0SSr

1

20

7

1

4K

Broad Analysis @BroadAnalysis

over 3 years ago

#socgholish #fakebrowserupate Original loader hosted at navyseal.digijump[.]online - reaches out to *.shrubs.emptyisland[.]pics

BroadAnalysis's tweet photo. #socgholish #fakebrowserupate Original loader hosted at navyseal.digijump[.]online - reaches out to *.shrubs.emptyisland[.]pics https://t.co/RXJ5AOO7dH

0

5

4

1

3K

Broad Analysis @BroadAnalysis

over 3 years ago

@HerbieZimmerman @Ledtech3 Very sad news. Praying for him and family.

0

3

0

244

Broad Analysis @BroadAnalysis

over 3 years ago

@thebairam Right is just osquery monitoring processes

0

Broad Analysis @BroadAnalysis

over 3 years ago

#bumblebee #loader 51.83.250[.]102 downloads #CobaltStrike #C2 naporiz[.]com. Injects C:\Program Files\Windows Photo Viewer\ImagingDevices.exe.

$BroadAnalysis's tweet photo. #bumblebee #loader 51.83.250[.]102 downloads #CobaltStrike #C2 naporiz[.]com. Injects C:\Program Files\Windows Photo Viewer\ImagingDevices.exe. https://t.co/kWAwhlEQoy$

0

31

12

2

0

Broad Analysis @BroadAnalysis

over 3 years ago

#bumblebee loader #C2 - 103.144.139[.]135

0

4

0

Broad Analysis

@BroadAnalysis

Who to follow

Last Seen Users on Sotwe

Trends for you

Most Popular Users