Pinned Tweet

#Gozi #Ursnif #Malware Enel themed targets #Italy
h/t @58_158_177_102
santaliny.]org
c2: willeam.]net
2nd stage: https://app.any.run/tasks/18b1da40-5c5e-4655-ba4f-b22214809dcc …
@AgidCert @merlos1977 @matte_lodi @luc4m @Bl4ng3l @Gabry89 @VirITeXplorer @FBussoletti @securityaffairs #infosec #CyberSecurity pic.twitter.com/BC4h8yitXL
reecDeep Retweeted
SMISHING
After the ransomware attack suffered by Enel, here is an SMS phishing campaign built around a supposed “rimborso Enel” ("Enel refund").
Domain registered today on @tucows IoC: enel-m[.]com cc/ @AndreaDraghetti @D3LabIT @reecdeep @AgidCert pic.twitter.com/t3IgomJ4wi

#leaked #opendir reveals internal juicy infos from #Ursnif #Gozi #Malware campaign targeting #Italia #italy
@AgidCert @guelfoweb @merlos1977 @matte_lodi @luc4m @Bl4ng3l @Gabry89 @VirITeXplorer @FBussoletti @securityaffairs #infosec #CyberSecurity https://twitter.com/reecdeep/status/1321020916625776640?s=20 … pic.twitter.com/92jgrsvyy7
reecDeep Retweeted
2020-10-27
#Enel hit again by #ransomware. This time it is #NetWalker to hit @EnelGroupIT and steal 5 TB of data. In June it had been hit by #Snake @AgidCert @guelfoweb @csirt_it @arturodicorinto @JAMESWT_MHT @58_158_177_102 @BleepinComputer pic.twitter.com/0WR89iqGfG

#Remcos #Malware back hitting #Italy
using Discord
"Nuovo ordine ottobre"
https://app.any.run/tasks/c05755c4-b1f3-4ddf-a3b1-9e368976d6fc …
hxxps://cdn.discordapp.com/attachments/720370823554138118/767966561939750932/Ttyjvcx
rromaniitalfoodsinc.zapto[.org
@guelfoweb @VirITeXplorer @58_158_177_102 #infosec pic.twitter.com/nh05NUFsJ4

#Malware #MassLogger targets #Italy
"MOU Conditions"
R19 > CHM > PS > RegAsm
hxxp://optovision.gr/4B.jpg
med-star.]gr
https://app.any.run/tasks/61a8f81c-2c67-4615-b690-2b17b064191c …
@guelfoweb @AgidCert @merlos1977 @matte_lodi @luc4m @Dr_N0b0dyh @Bl4ng3l @VirITeXplorer @csirt_it @FBussoletti #infosec
#Loader #Malware #Remcos "Download Plus 0.2.1"
downloads from hxxps://cdn.discordapp.com/attachments/753120711077396523/767644226720366602/Dcvg678
injects TapiUnattend
incidencias6645.ddns.]net
@guelfoweb @merlos1977 @matte_lodi @VirITeXplorer @58_158_177_102 #infosec pic.twitter.com/9tXxGixlxJ
#Malware #Ursnif #Gozi targets #Italy
"Nazionale Previdenza Sociale"
XLS>DLL>RUNDLL32
hxxp://service.technosolarsystems.com/installazione.dll
blogicompany.]com
@guelfoweb @AgidCert @merlos1977 @matte_lodi @Bl4ng3l @VirITeXplorer @FBussoletti #infosec #CyberSecurity pic.twitter.com/J7KSr0MbsS

#ZLoader #Malware targeting #Italy
"Tips on statement id7201"
XLS sample:
https://app.any.run/tasks/6c4a6475-6f5e-468a-a6d9-adc457c646f0 …
2nd stage:
https://app.any.run/tasks/8b117bad-f291-4b12-88da-0c2b79bfbea0 …
@guelfoweb @VirITeXplorer @James_inthe_box @malware_traffic @executemalware #infosec #CyberSecurity https://twitter.com/reecdeep/status/1317129307987345417?s=20 …

#ZLoader #malware targeting #Italy
@James_inthe_box @guelfoweb #CyberSecurity pic.twitter.com/vl666ERHgM

#Malware #QRAT targeting #Italy
"In allegato una ricevuta della transazione"
JAR > JS
francis77.hopto[.org
https://app.any.run/tasks/4eb04a88-fad5-4444-b9ec-d308a2a62fd3 …
@guelfoweb @AgidCert @merlos1977 @matte_lodi @luc4m @Dr_N0b0dyh @Bl4ng3l @VirITeXplorer @csirt_it @FBussoletti #infosec #CyberSecurity pic.twitter.com/kEObUPZqcc
Multiple #Masslogger #Malware targeting #Italy
CHM > PS > REGASM
https://app.any.run/tasks/4dcbcdb1-5105-4cb6-9e91-008cd8c6a67f …
hxxp://hotelaretes.gr/V8.jpg
med-star[.gr
.NET > AddInProcess
https://app.any.run/tasks/3e46aa95-dee9-497b-a53a-983b7141674c …
mail.steinmetzoverseas.]net
@guelfoweb @AgidCert @csirt_it #infosec #CyberSecurity pic.twitter.com/QQIl9VFibt
reecDeep Retweeted
#jRAT alternative routes for a rapid analysis https://cert-agid.gov.it/news/jrat-strade-alternative-per-una-rapida-analisi/ … pic.twitter.com/z3dYHdfP2H

#Malware #Ursnif targets #Italy
@AgidCert @guelfoweb @VirITeXplorer @FBussoletti #infosec #CyberSecurity pic.twitter.com/rNEmJGdDDA

#Malware #JRAT targets #Italy
JAR > JS > NODE.JS
"DHL Express Shipment: AWB 0123456789/ 2nd REMINDER"
https://app.any.run/tasks/dd9bf9e0-861b-41e5-b58f-c17befd75278 …
ramos01.hopto[.org
@AgidCert @guelfoweb @Dr_N0b0dyh @VirITeXplorer @FBussoletti @58_158_177_102 @executemalware #infosec #CyberSecurity pic.twitter.com/LM1GMgJPGp
Phresh #Lokibot #Malware targets #Italy
"Ordine fornitore n. A/XXXXXXX"
https://app.any.run/tasks/25e32d38-6409-493f-a468-49f7c2696627 …
hxxp://xcpx.xyz/V3/five/fre.php
@AgidCert @guelfoweb @merlos1977 @matte_lodi @Dr_N0b0dyh @VirITeXplorer @FBussoletti @executemalware @JRoosen #infosec #CyberSecurity pic.twitter.com/Tmdr7CJMyx

#Malware #MassLogger targets #Italy
"contract"
R04 > CHM > PS > InstallUtil
hxxp://jetfleet24.com/T5.jpg
akinitaviotias.]gr
https://app.any.run/tasks/e16cba6b-acaf-4955-8bba-844200f1dc22 …
@AgidCert @guelfoweb @Dr_N0b0dyh @VirITeXplorer @FBussoletti @58_158_177_102 @csirt_it #infosec #CyberSecurity
reecDeep Retweeted
The #Ursnif campaign that does not hit Office 2010 and the consequences of MaaS https://cert-agid.gov.it/news/la-campagna-ursnif-non-supportata-da-office-2010-e-le-conseguenze-del-maas/ … pic.twitter.com/zYbLaYYvGA

#Dridex #Malware from #malspam h/t @58_158_177_102
hxxps://newmg532.wordswideweb.com/osn5u0wii.txt
c2
177.87.70.3:443
213.133.102.195:3889
27.254.174.93:33443
27.254.174.77:4443
@sugimu_sec @James_inthe_box @guelfoweb @theDark3d @gorimpthon #infosec #CyberSecurity pic.twitter.com/A8fCLegi4v

