FedSearch
@infosec_jcp πŸ†“πŸ¦πŸˆπŸƒ done differently · @infosec_jcp
253 followers · 1356 posts · Server infosec.exchange

Trapped & Traced 03-13-2023 from new AT&T Motorola Phone under ~$100 πŸ”Žβ˜£οΈπŸ€³πŸ‘€πŸ‘€πŸ”

ΒΉ From Virus Total Scanner:
virustotal.com/en/file/9b53e0e

GammaGroup.com Visual voicemail FinFisher Module 03-13-2023

New VT generated after Save:
virustotal.com/graph/embed/g80

Β² From Virus Total Scanner:
virustotal.com/en/file/5387c9d

GammaGroup From FinFisher CarrierHub 03-13-2023

New VT generated after Save:
virustotal.com/graph/embed/g13

Β³ From Virus Total Scanner:
virustotal.com/en/file/4333210

GammaGroup FinFisher Module MCMClient 03-13-2023

New VT generated after Save:
virustotal.com/graph/embed/gf3

⁴ From Virus Total Scanner:
virustotal.com/en/file/ae22b44 πŸ“¬ Gmail backdoor Client

GammaGroup FinFisher Module MTPHost 03-13-2023

New VT generated after Save:
virustotal.com/graph/embed/g25

⁡
From Virus Total Scanner:
virustotal.com/en/file/727ed61

GammaGroup FinFisher Module MobileInstaller 03-13-2023

New VT generated after Save:
virustotal.com/graph/embed/g5a

⁢ From Virus Total Scanner:
virustotal.com/en/file/87b87fc Motorola

GammaGroup FinFisher Module InvisibleNet 03-13-2023

New VT generated after Save:
virustotal.com/graph/embed/g01

⁷ for apps list & tools involved

ΒΉ Firewall AI -πŸ”Ž Blocking / Host Lists πŸ”
Β² VirusTotal App πŸ”ŽπŸ€³πŸ’»β˜£οΈπŸ”
Β³ VirusTotal Forensics ENV Read-Only Account πŸ”Žβ˜£οΈπŸ”
⁴ PCAPdroid App - PCAP files / Host Lists πŸ”ŽπŸ—’οΈπŸ”
⁡ Textpad or Text file editor - πŸ”ŽπŸ“πŸ”
⁢ Web2 + Web3 posting πŸ‘¨β€πŸ’»πŸ‘©β€πŸ’»πŸ’»πŸ–₯οΈπŸ’ΏπŸ’ΎπŸ–¨οΈπŸ‘€πŸŽ§πŸ‘‚

β„’ β„’ by

#gammsgroup #finfisher #visualvoicemail #carrierhub #mcmclient #mtphost #mobileinstaller #InvisibleNET #gammagroup #finspy #Finsky #infosec #detectionkit #android #ssm #statesponsoredmalware #investigations #infosec_jcp

Last updated 1 year ago
Original post

@infosec_jcp πŸ†“πŸ¦πŸˆπŸƒ done differently · @infosec_jcp
253 followers · 1356 posts · Server infosec.exchange

Trapped & Traced 03-13-2023 from new AT&T Motorola Phone under ~$100 πŸ”Žβ˜£οΈπŸ€³πŸ‘€πŸ‘€πŸ”

ΒΉ From Virus Total Scanner:
virustotal.com/en/file/9b53e0e

GammaGroup.com Visual voicemail FinFisher Module 03-13-2023

New VT generated after Save:
virustotal.com/graph/embed/g80

Β² From Virus Total Scanner:
virustotal.com/en/file/5387c9d

GammaGroup From FinFisher CarrierHub 03-13-2023

New VT generated after Save:
virustotal.com/graph/embed/g13

Β³ From Virus Total Scanner:
virustotal.com/en/file/4333210

GammaGroup FinFisher Module MCMClient 03-13-2023

New VT generated after Save:
virustotal.com/graph/embed/gf3

⁴ From Virus Total Scanner:
virustotal.com/en/file/ae22b44 πŸ“¬ Gmail backdoor Client

GammaGroup FinFisher Module MTPHost 03-13-2023

New VT generated after Save:
virustotal.com/graph/embed/g25

⁡
From Virus Total Scanner:
virustotal.com/en/file/727ed61

GammaGroup FinFisher Module MobileInstaller 03-13-2023

New VT generated after Save:
virustotal.com/graph/embed/g5a

⁢ From Virus Total Scanner:
virustotal.com/en/file/87b87fc Motorola

GammaGroup FinFisher Module InvisibleNet 03-13-2023

New VT generated after Save:
virustotal.com/graph/embed/g01

⁷ for apps list & tools involved

ΒΉ Firewall AI -πŸ”Ž Blocking / Host Lists πŸ”
Β² VirusTotal App πŸ”ŽπŸ€³πŸ’»β˜£οΈπŸ”
Β³ VirusTotal Forensics ENV Read-Only Account πŸ”Žβ˜£οΈπŸ”
⁴ PCAPdroid App - PCAP files / Host Lists πŸ”ŽπŸ—’οΈπŸ”
⁡ Textpad or Text file editor - πŸ”ŽπŸ“πŸ”
⁢ Web2 + Web3 posting πŸ‘¨β€πŸ’»πŸ‘©β€πŸ’»πŸ’»πŸ–₯οΈπŸ’ΏπŸ’ΎπŸ–¨οΈπŸ‘€πŸŽ§πŸ‘‚

#gammsgroup #finfisher #visualvoicemail #carrierhub #mcmclient #mtphost #mobileinstaller #InvisibleNET #gammagroup #finspy #Finsky #infosec #detectionkit #android

Last updated 1 year ago
Original post

@infosec_jcp πŸ†“πŸ¦πŸˆπŸƒ done differently · @infosec_jcp
241 followers · 1139 posts · Server infosec.exchange
Open media

Today I got four more IP's from four different IP ranges calling back as app from a desperately trying to reach πŸ”Ž 's, , and another (not shown).πŸ”πŸ§™β€β™‚οΈπŸ€”

Edit: See attached direct IPs and FQDNs. ☣️

So desperate this β„’ πŸ‘€πŸ‘€ demo

#system #gammagroup #finfisher #finspy #Finsky #google #aws #twitter #cloudfront #carrierhub #ssm #malware #uiux #infosec #detectionwithoutsoftware #forcedmdm

Last updated 1 year ago
Original post

@infosec_jcp πŸ†“πŸ¦πŸˆπŸƒ done differently · @infosec_jcp
241 followers · 1132 posts · Server infosec.exchange
Open media

Today I got four more IP's from four different IP ranges calling back as app from a desperately trying to reach πŸ”Ž 's, , and another (not shown).πŸ”πŸ§™β€β™‚οΈπŸ€”

Edit: See attached direct IPs and FQDNs. ☣️

So desperate this β„’ πŸ‘€πŸ‘€ demo

#system #gammagroup #finfisher #finspy #Finsky #google #aws #twitter #cloudfront #carrierhub #ssm #malware #uiux #infosec #detectionwithoutsoftware

Last updated 1 year ago
Original post

@infosec_jcp πŸ†“πŸ¦πŸˆπŸƒ done differently · @infosec_jcp
239 followers · 1115 posts · Server infosec.exchange

#gammagroup #finfisher #finspy #Finsky #carrierhub #forcedmdm #virustotal

Last updated 1 year ago
Original post