Static task
static1
URLScan task
urlscan1
Behavioral task
behavioral1
Sample
http://valhalla.nextron-systems.com
Resource
win10v2004-20230220-en
URLScan
Powered by URLScan.io, see original Report.
Links
- hxxps://blog[.]xpnsec[.]com/building-a-mach-o-memory-loader-part-1/
- hxxps://securelist[.]com/bad-magic-apt/109087/
- hxxps://github[.]com/horizon3ai/CVE-2023-27532
- hxxps://volatility-labs[.]blogspot[.]com/2023/03/memory-forensics-r-d-illustrated-detecting-hidden-windows-services[.]html
- hxxps://twitter[.]com/ACEResponder/status/1638602038912098309?s=20
- hxxps://github[.]com/xforcered/Windows_LPE_AFD_CVE-2023-21768
- hxxps://github[.]com/MountCloud/FireKylin
- hxxps://twitter[.]com/r3dbu7z/status/1630139806649839616
- hxxps://twitter[.]com/malmoeb/status/1638073382670311425?s=20
- hxxps://www[.]virustotal[.]com/gui/search/%2523susp_appdata_pathtraversal_nov22_1/comments
- hxxps://www[.]virustotal[.]com/gui/search/%2523webshell_php_jul22_4/comments
- hxxps://www[.]virustotal[.]com/gui/search/%2523susp_mal_exfil_stealer_output_characteristics_sep22_1/comments
- hxxps://www[.]virustotal[.]com/gui/search/%2523susp_obfusc_bat_mar23_1/comments
- hxxps://www[.]virustotal[.]com/gui/search/%2523susp_py_exec_import_aug22_1/comments
- hxxps://www[.]virustotal[.]com/gui/search/%2523susp_ps1_invoke_expression_may22_1/comments
- hxxps://www[.]virustotal[.]com/gui/search/%2523hktl_clash_tunneling_tool_aug22_2/comments
- hxxps://www[.]virustotal[.]com/gui/search/%2523susp_py_reverse_shell_indicators_jan23_1/comments
- hxxps://www[.]virustotal[.]com/gui/search/%2523susp_pua_outlook_redemtpion_mar23_1/comments
- hxxps://www[.]virustotal[.]com/gui/search/%2523susp_js_redirector_mar23/comments
- hxxps://www[.]virustotal[.]com/gui/search/%2523susp_obfusc_js_execute_base64_mar23/comments
- hxxps://www[.]virustotal[.]com/gui/search/%2523susp_rar_with_file_macroenabled_msoffice_content_jun22/comments
- hxxps://www[.]virustotal[.]com/gui/search/%2523hktl_pua_systeminformer_nov22_1/comments
- hxxps://www[.]virustotal[.]com/gui/search/%2523susp_iso_phishattachment_password_in_body_jun22_1/comments
- hxxps://www[.]virustotal[.]com/gui/search/%2523expl_susp_outlook_cve_2023_23397_exfil_ip_mar23/comments
- hxxps://www[.]virustotal[.]com/gui/search/%2523susp_vba_kernel32_imports_jun22_1/comments
- hxxps://www[.]virustotal[.]com/gui/search/%2523susp_wevtutil_clearlogs_sep22_1/comments
- hxxps://www[.]virustotal[.]com/gui/search/%2523susp_js_obfusc_feb23_2/comments
- hxxps://www[.]virustotal[.]com/gui/search/%2523hktl_ps1_hoaxshell_pattern_aug22_1/comments
- hxxps://www[.]virustotal[.]com/gui/search/%2523mal_hoaxshell_ps1_encoded_payload_oct22/comments
- hxxps://www[.]virustotal[.]com/gui/search/%2523hktl_ps1_hoaxshell_payloads_nov22_1/comments
- hxxps://www[.]virustotal[.]com/gui/search/%2523susp_start_min_temp_jan23_1/comments
- hxxps://www[.]virustotal[.]com/gui/search/%2523susp_ps1_loader_indicators_dec22_2/comments
- hxxps://www[.]virustotal[.]com/gui/search/%2523susp_iso_in_zip_small_may22_1/comments
- hxxps://www[.]virustotal[.]com/gui/search/%2523susp_py_obfusc_hyperion_aug22_1/comments
- hxxps://www[.]virustotal[.]com/gui/search/%2523susp_ps1_powershell_recon_mar23_1/comments
- hxxps://www[.]virustotal[.]com/gui/search/%2523susp_vbs_downloadcradles_jul22_1/comments
- hxxps://www[.]virustotal[.]com/gui/search/%2523susp_obfusc_obfs4_may22/comments
- hxxps://www[.]virustotal[.]com/gui/search/%2523susp_msf_msfvenom_indicator_jan23_1/comments
- hxxps://www[.]virustotal[.]com/gui/search/%2523susp_encoded_registry_key_paths_sep22_1/comments
- hxxps://www[.]secureworks[.]com/research/shadowpad-malware-analysis
- hxxps://blooteem[.]com/march-2022
- hxxps://github[.]com/redcanaryco/atomic-red-team/blob/master/atomics/T1078[.]003/T1078[.]003[.]md#atomic-test-3---create-local-account-with-admin-privileges-using-sysadminctl-utility---macos
- hxxps://www[.]zscaler[.]com/blogs/security-research/onenote-growing-threat-malware-distribution
- hxxps://www[.]trendmicro[.]com/en_us/research/23/c/iron-tiger-sysupdate-adds-linux-targeting[.]html
- hxxps://twitter[.]com/aceresponder/status/1636116096506818562
- hxxps://www[.]trustedsec[.]com/blog/critical-outlook-vulnerability-in-depth-technical-analysis-and-recommendations-cve-2023-23397/
- hxxps://www[.]welivesecurity[.]com/2023/03/01/blacklotus-uefi-bootkit-myth-confirmed/
- hxxps://www[.]cybereason[.]com/blog/research/operation-ghostshell-novel-rat-targets-global-aerospace-and-telecoms-firms
- hxxps://www[.]documentcloud[.]org/documents/5743766-Global-Threat-Report-2019[.]html
- hxxps://businessinsights[.]bitdefender[.]com/deep-dive-into-a-backdoordiplomacy-attack-a-study-of-an-attackers-toolkit
- hxxps://learn[.]microsoft[.]com/en-us/dotnet/core/diagnostics/dotnet-dump#dotnet-dump-collect
- hxxps://learn[.]microsoft[.]com/en-us/windows/security/identity-protection/credential-guard/credential-guard
- hxxps://infosecwriteups[.]com/amsi-bypass-new-way-2023-d506345944e9
- hxxps://blog[.]cyble[.]com/2022/06/07/bumblebee-loader-on-the-rise/
- hxxps://www[.]mandiant[.]com/resources/blog/iranian-threat-group-updates-ttps-in-spear-phishing-campaign
- hxxps://learn[.]microsoft[.]com/en-us/sysinternals/downloads/sysmon
- hxxps://securelist[.]com/fin7-5-the-infamous-cybercrime-rig-fin7-continues-its-activities/90703/
- hxxps://sysdig[.]com/blog/mitre-defense-evasion-falco
- hxxps://github[.]com/fortra/impacket/blob/f4b848fa27654ca95bc0f4c73dbba8b9c2c9f30a/examples/wmiexec[.]py
- hxxps://docs[.]tenable[.]com/nessus/Content/CredentialedChecksOnWindows[.]htm
- hxxps://www[.]tenable[.]com/plugins/nessus/91990
- hxxps://de[.]tenable[.]com/blog/threat-hunting-with-yara-and-nessus
- hxxps://github[.]com/carbonblack/cb-yara-connector
- hxxps://www[.]fireeye[.]com/blog/products-and-services/2018/12/detect-and-block-email-threats-with-custom-yara-rules[.]html
- hxxps://www[.]nextron-systems[.]com/thor/