Obrientg<p>Trying something new with <a href="https://infosec.exchange/tags/GitHub" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>GitHub</span></a> and posting my spam <a href="https://infosec.exchange/tags/UCE" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>UCE</span></a> <a href="https://infosec.exchange/tags/UBE" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>UBE</span></a> and suspect / <a href="https://infosec.exchange/tags/malicious" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>malicious</span></a> <a href="https://infosec.exchange/tags/emails" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>emails</span></a> and their associated attachments. Putting everything in a <a href="https://infosec.exchange/tags/mastodon" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>mastodon</span></a> post was problematic with space limitations, and was hard to find/organize/search. </p><p>Providing the redacted headers and URLs to the malware sandboxes used: </p><p><a href="https://github.com/obrientg/Analysis/blob/main/Fri%2C%2025%20Oct%202024%20JS%20Phish.AAL" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">github.com/obrientg/Analysis/b</span><span class="invisible">lob/main/Fri%2C%2025%20Oct%202024%20JS%20Phish.AAL</span></a> </p><p>Received two (2) of the same samples, with different file names & hashes but the same detection of JS/Phish.AAL <br>Both were sent to the email address I use for threat intel & incident response collaboration efforts. <br>Email SRC on both was Google Cloud (<a href="https://infosec.exchange/tags/GCP" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>GCP</span></a>) with an <a href="https://infosec.exchange/tags/openproxy" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>openproxy</span></a>, abuse reporting submitted. </p><p><a href="https://infosec.exchange/tags/MD5" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>MD5</span></a> 5cf33dd39d6db60423ac89fd63e5f500<br><a href="https://infosec.exchange/tags/SHA1" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>SHA1</span></a> 863c95b7e7ff0bb8299cbae93dfaed12cc619332<br><a href="https://infosec.exchange/tags/SHA256" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>SHA256</span></a> c4e40b137e43c89261ee89a34db843477a8c994a21a92c98c7b15193face8c35</p><p><a href="https://infosec.exchange/tags/MD5" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>MD5</span></a> 8a9af78b0a4cdade6df9f71e7e5b1362<br><a href="https://infosec.exchange/tags/SHA1" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>SHA1</span></a> b03fdf0891adacc1995fdd1e2f043343c20a45e5<br><a href="https://infosec.exchange/tags/SHA256" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>SHA256</span></a> 317aaea9d9ef39c9b85b9ce6e0f68ec83a06b2f3298aded981b19063b2f44737</p><p><a href="https://infosec.exchange/tags/malware" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>malware</span></a> <a href="https://infosec.exchange/tags/incidentResponse" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>incidentResponse</span></a> <a href="https://infosec.exchange/tags/malwareAnalysis" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>malwareAnalysis</span></a> <br><a href="https://infosec.exchange/tags/InfoSec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>InfoSec</span></a> <a href="https://infosec.exchange/tags/informationSecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>informationSecurity</span></a> <a href="https://infosec.exchange/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>cybersecurity</span></a> <a href="https://infosec.exchange/tags/cyberz" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>cyberz</span></a> <a href="https://infosec.exchange/tags/cyber" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>cyber</span></a> <a href="https://infosec.exchange/tags/cybercrime" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>cybercrime</span></a> <br><a href="https://infosec.exchange/tags/phish" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>phish</span></a> <a href="https://infosec.exchange/tags/phishing" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>phishing</span></a> <br><a href="https://infosec.exchange/tags/threatIntel" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>threatIntel</span></a> <a href="https://infosec.exchange/tags/IoC" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>IoC</span></a> <a href="https://infosec.exchange/tags/threatIntelligence" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>threatIntelligence</span></a> <a href="https://infosec.exchange/tags/cyberthreatintelligence" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>cyberthreatintelligence</span></a> <a href="https://infosec.exchange/tags/CTI" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>CTI</span></a></p>
Recent searches
No recent searches
Search options
Only available when logged in.
toad.social is one of the many independent Mastodon servers you can use to participate in the fediverse.
Mastodon server operated by David Troy, a tech pioneer and investigative journalist addressing threats to democracy. Thoughtful participation and discussion welcome.
Administered by:
Server stats:
277active users
toad.social: About · Profiles directory · Privacy policy
Mastodon: About · Get the app · Keyboard shortcuts · View source code · v4.3.8
#openproxy
0 posts · 0 participants · 0 posts today
IrishMASMS<p>today's <a href="https://defcon.social/tags/malware" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>malware</span></a> submission </p><p><a href="https://www.filescan.io/uploads/6616c4a3279698d249ed44de/reports/7f0283ad-ac3f-4c6f-a095-0908860e1747/overview" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">filescan.io/uploads/6616c4a327</span><span class="invisible">9698d249ed44de/reports/7f0283ad-ac3f-4c6f-a095-0908860e1747/overview</span></a></p><p>from our "friends" at <a href="https://defcon.social/tags/quadranet" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>quadranet</span></a> <br>in <a href="https://defcon.social/tags/LA" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>LA</span></a> <br>another <a href="https://defcon.social/tags/openproxy" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>openproxy</span></a> <br><a href="https://defcon.social/tags/spammers" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>spammers</span></a> <a href="https://defcon.social/tags/phishing" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>phishing</span></a> <a href="https://defcon.social/tags/malicious" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>malicious</span></a> <a href="https://defcon.social/tags/maliciousexe" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>maliciousexe</span></a></p>
ExploreLive feeds
Mastodon is the best way to keep up with what's happening.
Follow anyone across the fediverse and see it all in chronological order. No algorithms, ads, or clickbait in sight.
Create accountLoginDrag & drop to upload