1 match for rule TAIDOOR - Chinese RAT by Ariel Millahuel from SOC Prime Threat Detection Marketplace
Taidoor is a RAT documented in a CISA malware analysis report. It is installed on a target's system as a service dynamic link library (DLL) and consists of two files: a loader, which is started as a service, and an encrypted payload. The loader decrypts the second file and executes it in memory; that second file is the main Remote Access Trojan (RAT).
53 matches for rule Nibiru detection (Registry event and CommandLine parameters) by Ariel Millahuel from SOC Prime Threat Detection Marketplace
The NIBIRU ransomware encrypts the victim's files with a strong encryption algorithm and withholds them until the victim pays a fee to get them back. A new variant family of NIBIRU ransomware [NIBIRU.RSM] appears to be actively spreading in the wild.
1 match for rule K8h3d campaign (Sysmon detection) by Ariel Millahuel from SOC Prime Threat Detection Marketplace
The k8h3d attack campaign combines a Monero cryptominer with a worm module that exploits EternalBlue for lateral movement.
2 matches for rule Disable of ETW Trace by @neu5ron, Florian Roth, Jonhnathan Ribeiro, oscd.community from Sigma Integrated Rule Set (GitHub)
Detects a command that clears or disables any ETW trace log, which could indicate logging evasion.
4 matches for rule File deletion via CMD (via cmdline) by Ariel Millahuel from SOC Prime Threat Detection Marketplace
Detects cmd being used to delete files (for example malware self-deletion) in critical Windows locations.
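As an added illustration, not part of the SOC Prime rules or the Sigma rule set listed above, the following Python runs a rough approximation of the two command-line rules "Disable of ETW Trace" and "File deletion via CMD" over a handful of constructed Sysmon-style process-creation events. The regex selections, the list of critical paths, the image filters and every sample command line are assumptions made for this demo and are not the marketplace rules' actual logic.

```python
from __future__ import annotations

import ntpath
import re
from dataclasses import dataclass


@dataclass(frozen=True)
class Rule:
    """One detection rule: every 'all_of' regex and at least one 'any_of' regex
    must match the command line; 'images' restricts the process image basename."""
    name: str
    any_of: tuple[str, ...]
    all_of: tuple[str, ...] = ()
    images: tuple[str, ...] = ()


RULES = (
    # Hypothetical approximation of "Disable of ETW Trace": native tools and
    # PowerShell cmdlets that clear a log, disable a channel, stop a live trace
    # session or remove a provider from an autologger.
    Rule(
        name="Disable of ETW Trace",
        images=("wevtutil.exe", "logman.exe", "powershell.exe", "pwsh.exe", "cmd.exe"),
        any_of=(
            r"\bwevtutil(\.exe)?\b.*\b(sl|set-log)\b.*/e:false",             # disable a channel
            r"\bwevtutil(\.exe)?\b.*\b(cl|clear-log)\b",                      # clear a channel
            r"\blogman(\.exe)?\b.*\b(stop|delete|update\s+trace)\b.*-ets",   # stop/alter a live session
            r"\b(Set|Remove)-EtwTraceProvider\b",
            r"\b(Set|Remove)-AutologgerConfig\b",
        ),
    ),
    # Hypothetical approximation of "File deletion via CMD": cmd.exe deleting
    # inside locations where interactive deletion is rare and self-deletion of
    # dropped payloads is common.
    Rule(
        name="File deletion via CMD",
        images=("cmd.exe",),
        all_of=(r"\b(del|erase|rd|rmdir)\b",),
        any_of=(
            r"[a-z]:\\windows\\",
            r"[a-z]:\\program files( \(x86\))?\\",
            r"[a-z]:\\programdata\\",
        ),
    ),
)

# Constructed Sysmon Event ID 1 style events for the demo; not real telemetry.
SAMPLE_EVENTS = [
    {"Image": r"C:\Windows\System32\logman.exe",
     "CommandLine": "logman stop EventLog-System -ets"},                               # ETW: stops a session
    {"Image": r"C:\Windows\System32\wevtutil.exe",
     "CommandLine": "wevtutil sl Microsoft-Windows-Sysmon/Operational /e:false"},      # ETW: disables a channel
    {"Image": r"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe",
     "CommandLine": "powershell -nop -c Remove-EtwTraceProvider -AutologgerName EventLog-Application -Guid $guid"},
    {"Image": r"C:\Windows\System32\logman.exe",
     "CommandLine": "logman query -ets"},                                              # benign: no match
    {"Image": r"C:\Windows\System32\cmd.exe",
     "CommandLine": r"cmd.exe /c del /f /q C:\Windows\System32\drivers\etc\hosts"},    # deletion in critical path
    {"Image": r"C:\Windows\System32\cmd.exe",
     "CommandLine": r'cmd.exe /c ping 127.0.0.1 -n 3 > nul & del "C:\Windows\Temp\svchost.dll"'},  # delayed self-delete
    {"Image": r"C:\Windows\System32\cmd.exe",
     "CommandLine": r"cmd.exe /c del C:\Users\Public\notes.txt"},                      # non-critical path: no match
    {"Image": r"C:\Windows\System32\cmd.exe",
     "CommandLine": r"cmd.exe /c dir C:\Windows\System32"},                            # no deletion verb: no match
]


def matches(rule: Rule, event: dict) -> bool:
    """Evaluate one rule against one event (case-insensitive, Sigma-like AND/OR)."""
    if rule.images:
        image = ntpath.basename(event.get("Image", "")).lower()
        if image not in rule.images:
            return False
    cmd = event.get("CommandLine", "")
    if not all(re.search(p, cmd, re.IGNORECASE) for p in rule.all_of):
        return False
    return any(re.search(p, cmd, re.IGNORECASE) for p in rule.any_of)


def run_rules(events: list[dict], rules: tuple[Rule, ...] = RULES) -> list[tuple[str, str]]:
    """Return (rule name, command line) for every event that fires a rule."""
    return [(r.name, e["CommandLine"]) for e in events for r in rules if matches(r, e)]


if __name__ == "__main__":
    for name, cmd in run_rules(SAMPLE_EVENTS):
        print(f"[{name}] {cmd}")
```

The image filter is what keeps the ETW rule from firing on an unrelated binary whose arguments happen to contain "cl", and the critical-path selection is what keeps the deletion rule quiet on user-profile clean-up; both are the kind of scoping a practitioner tunes before deploying a command-line rule like these in production.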