Skip to content

Instantly share code, notes, and snippets.

Blevene Blevene

  • PANW
Block or report user

Report or block Blevene

Hide content and notifications from this user.

Learn more about blocking users

Contact Support about this user’s behavior.

Learn more about reporting abuse

Report abuse
View GitHub Profile
View keybase.md

Keybase proof

I hereby claim:

  • I am blevene on github.
  • I am blevene (https://keybase.io/blevene) on keybase.
  • I have a public key whose fingerprint is 2046 672C F8CC E352 CDD9 2A5A AC7E 6308 7228 C78D

To claim this, I am signing this object:

View EyePyramidSamples
5847072fd4db9e83d02d8b40a1d67850
f41be516fa8da87a269845c9ea688749
b39a673a5d2ceaa1fb5571769097ca77
9d3ce3246975ae6d545ee9e8ba12d164
ed46b42aa7460b2ab2a70f472b4a287b
c547a30fa39f22e2093b51ed254bb1c2
05b8edc9ee53407a595a6d62c8b9f0fd
3c30f0114c600510fdb2573cc48d5c06
12f3635ab1de63fbcb5e1c492424c605
6b97b80896ef64039018c7184b2308c3
View Google Docs Worm Callbacks
googledocs.docscloud.download
googledocs.docscloud.info
googledocs.docscloud.win
googledocs.g-cloud.pro
googledocs.g-cloud.win
googledocs.g-docs.pro
googledocs.g-docs.win
googledocs.gdocs.download
googledocs.gdocs.pro
googledocs.gdocs.win
@Blevene
Blevene / Jaff Hashes
Created May 11, 2017
Jaff Ransomware hashes from 5/11/207
View Jaff Hashes
3ec65af6980912c524f39056cbe59ee36f8dbe3388b8dee6d8b96c26b0d93ac4
b8995f41b658fef5254430865dd8b1e4bafeacf1ccb25a039afc6e8c28f21875
84b866419987e0b25a12d860858f847541ad501b2aa3bb0aa5c6bbeefe76fee8
91d7433fc106172b8de564dbacd8489806a652223d5b93ea51593027e13ef087
a53901d231325c016ea584cb4e0f1076801de695690138a57500312573fbbc44
59f30cc60faefacd60327e0562a6fd885d6d7f343658ea7843e56cf8725b8443
5c6922ae1df26173400440b4d73a52adc3bccdb37c4a855bc8013d5882bdc7fa
9e57c1b4e2c29ac381c5a02d2800beb7c31a111025252a4848695c31c0ef15b6
a4fd6245425fa23983153cda2d6b05b131c72843a26dcf66aca7fefb603675bc
42198c66ce639bc5b796cf3edc247dacae42099f5c2cfee55c401888bf378c81
@Blevene
Blevene / Wcry Hashes
Last active Jun 8, 2017
Wcry/WanaCrypt
View Wcry Hashes
09a46b3e1be080745a6d8d88d6b5bd351b1c7586ae0dc94d0c238ee36421cafa
149601e15002f78866ab73033eb8577f11bd489a4cea87b10c52a70fdf78d9ff
190d9c3e071a38cb26211bfffeb6c4bb88bd74c6bf99db9bb1f084c6a7e1df4e
24d004a104d4d54034dbcffc2a4b19a11f39008a575aa614ea04703480b1022c
2584e1521065e45ec3c17767c065429038fc6291c091097ea8b22c8a502c41dd
4186675cb6706f9d51167fb0f14cd3f8fcfb0065093f62b10a15f7d9a6c8d982
593bbcc8f34047da9960b8456094c0eaf69caaf16f1626b813484207df8bd8af
5ad4efd90dcde01d26cc6f32f7ce3ce0b4d4951d4b94a19aa097341aff2acaec
7c465ea7bcccf4f94147add808f24629644be11c0ba4823f16e8c19e0090f0ff
9b60c622546dc45cca64df935b71c26dcf4886d6fa811944dbc4e23db9335640
@Blevene
Blevene / WCry UK + ES
Created May 12, 2017
Wcry/WannaCryptor 2.0 Hashes
View WCry UK + ES
4a468603fdcb7a2eb5770705898cf9ef37aade532a7964642ecd705a74794b79
24d004a104d4d54034dbcffc2a4b19a11f39008a575aa614ea04703480b1022c
b9c5d4339809e0ad9a00d4d3dd26fdf44a32819a54abf846bb9b560d81391c25
ed01ebfbc9eb5bbea545af4d01bf5f1071661840480439c6e5babe8e080e41aa
View gist:6aff12fb83c0ad481246f1a68943f9bb
HKLM\SYSTEM\ControlSet001\services\Jklmno\Description , Value:Jklmnopq Stuvwxyab Defghij Lmnopqrs Uvw
View Petya aka NotPetya aka Fuckya
64b0b58a2c030c77fdb2b537b2fcc4af432bc55ffb36599a31d418c7c69e94b1
027cc450ef5f8c5f653329641ec1fed91f694e0d229928963b30f6b0d7d3a745
View UnknownLoader
41e698c7f1febdb53b9b7eae0f48fd93949602d0631d6f6b7dc0768958f7107a
6f681a0f9405d128c143e7ebb3feb5856daddcecf7f7470ac61e6c597f564173
c0991e1099bb260b71bf5398a98527a99f07154c9701a649b7ba1c66785bd3df
6294e0dacade2097d7f9455c966db65d2c5306bf705e11f176826dec5a1a1644
aa8216a859d49acdfdef302eed42b178d94ee03a88a1453d85061bd1d13763aa
e176c5e755146f40a4dbb01e4c7ebf0d0c8464b364198e682b646f19dc49d836
d2b1423746fe69febe62d89cca5b59c900189eaca2016b5b62d440762c8518ad
381754c11d86714845582a9197e324d9144dc471c428ecf8e1f78e392bd9f675
504ba1abbcb196f67c2bb6bc1b0942f38199cf43ab573f702c2ca44081cec6fa
6f9ad8ffea96e22659d457f8154a80d6db8c7b3bc414b8215c120ddffa21f43a
View LinkNet IOCs
C2:
hxxp://4itiotvaski.ucoz.net/rat/core/users.info
hxxp://goglik.usite.pro/rat/core/users.info
hxxp://goglik.usite.pro/users/6_User/command.info
hxxp://ezzev3l.ucoz.net/rat/core/users.info
hxxp://ftprat.ucoz.com/rat/core/users.info
hxxp://site2017.usite.pro/rat/core/users.info
hxxp://decrypt1337.ucoz.net/rat/core/users.info
hxxp://linknet12.ucoz.net/rat/core/users.info
hxxp://zalmanxxx.usite.pro/rat/core/users.info
You can’t perform that action at this time.