I hereby claim:
- I am myrtus0x0 on github.
- I am myrtus0x0 (https://keybase.io/myrtus0x0) on keybase.
- I have a public key ASCf_HnDZQ6GS1SUwBnXXC8LP5rGfGQyPsvuy-OWgMgDBAo
To claim this, I am signing this object:
myrtus0x0
/ Keybase.md
Created
July 23, 2019 23:01
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| { | |
| "asyncrat": [ | |
| "osinte555555.gotdns.ch:8808", | |
| "chongmei33.publicvm.com:2703", | |
| "185.244.30.92:49746", | |
| "liligharba5.ddns.net:8808", | |
| "79.134.225.92:49714", | |
| "79.134.225.99:7707", | |
| "ipmdegismismalcry.duckdns.org:6606", | |
| "ipmdegismismalcry.duckdns.org:7707", |
myrtus0x0
/ hancitor_conf.py
Last active
December 3, 2020 08:44
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import malduck | |
| import binascii | |
| import sys | |
| import hashlib | |
| from loguru import logger | |
| import collections | |
| import math | |
| import json | |
| import pefile |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| { | |
| "formbook": [ | |
| "http://www.evana-rohanihijab.com/iic6/", | |
| "http://www.alsagranit.info/rhk/", | |
| "http://www.deejayatl.com/khm/", | |
| "http://www.afrogurls.com/wzpq/", | |
| "http://www.themagiczones.com/llp/", | |
| "http://www.maggiesdelibellyllc.com/th7/", | |
| "http://www.mompndo.com/h2h/", | |
| "http://www.transparentpetcrate.com/lnb/", |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| http://4buzz8.com/assets/e3eae3840b8fa080c8f229058/dc006fcd34/efd7bf4ffb93fb636ff34d8/540f3d8/d483b51/lxgo13?bqx=349a68d&pnzw=ff6ce3f6dd1&gfzoy=b0af780 | |
| http://ad7slender3.com/assets/14cd2d50093d30b7187784ae354c7e6cc3acab2b94c0219ed4790fc8384842c5c/b009659d1a6c6/9c2/lxgo11?zb=3d14211&bv=e93f193&pfu=dfdd36296d260d47&pg=e8128a | |
| http://7major8.com/assets/3521b7f4226386/8d0695b3128181922218/8187a73c/lxgo3?pfq=558431ca9e2d30da&rmjqv=939c6c2e85981e&uvyt=dff51&rcdoc=c62dc5fb2c37d | |
| http://5matrix7.com/assets/c70/1c13aa6382b1cd68c0378ed5c3849fecbb5fc664e3/8cfd09e5ded2d0712db43d9/a2/61e0/lxgo5?lke=f9644b9942ffdc&psbpq=3e0f5df4e3cf&vwqn=aba305f9c1dbfc&ntg=6ab799&es=2dd96e8005 | |
| http://b0ainvite8.com/assets/61c49247ed84415bb/e2a5be1c82639e1607/a0944c95c40962e/45a/8d75ca6f3c91/lxgo2?wvbl=3c4e293ab5&rn__k=e2314b0&mn_=a7e1de9f63a4458&kszo=8c22f64a4&qgepj=72027049a26d301 | |
| http://c1then3.com/assets/f53fce9047572aa616eebc4a6c65060ee/31f630/lxgo11?fd=7a1088a79bca2403e&kbrwq=16de4a08b9be&cv=e7b31ae&lcqb=c82eadd159 | |
| http://fd4system2.co |
myrtus0x0
/ IcedID_05_27_2021.txt
Last active
May 28, 2021 05:52
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| IcedID Loader Analysis: https://tria.ge/210527-hbm3mnwxba/static1 | |
| IcedID Staging Server: immotransfer.top | |
| IcedID Loader Project ID: 3103751915 | |
| IcedID Core Analysis: https://tria.ge/210528-2l6cjyejka/static1 | |
| IcedID Core C2s: ventuaustria.digital klosterrion.casa vindurualeg.art fungitomik.top | |
| IcedID Core Project ID: 1812348480 | |
| IcedID Core URI: /news/ |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Doc: https://www.virustotal.com/gui/file/cf7a4cebce2586f9dad4a49975fb26f2ccc7968400dddddf449058998645bf0d | |
| Doc url: http://lopezcoinz[.]com/adda/67270/Jro4DRgVaC5inYI/Bt0KLfMB9kXwZBv6ZpTsny68TqAhIQjrAaLKJeTLQn/arASpMADNe9u19Kylnkoreo7zASjqM/eEx0/9b4h5e2fMcQgeIbFTRhkKeSzfU/nwSFB7eISkV/vowi11 | |
| IcedID Loader Analysis: https://tria.ge/210525-tf6mrs32sa/static1 | |
| IcedID Staging Server: mappingmorrage[.]top | |
| IcedID Loader Project ID: 582124465 | |
| IcedID Core C2s: fimlubindu.top vindurualeg.top esaquell.website extrimefigim.top | |
| IcedID Core Project ID: 1220140090 |
myrtus0x0
/ IcedID_05_28_2021.txt
Created
May 29, 2021 01:20
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| IcedID Dropper: https://www.virustotal.com/gui/file/050c1de7f14ede2ca5a685154c04147f2059829211db549ade7dcee20ccf7aa1/detection | |
| IcedID Dropper Analysis: https://tria.ge/210529-43lxbf6xhs | |
| IcedID Loader Analysis: | |
| IcedID Staging Server: lascakatheather.shop | |
| IcedID Loader Project ID: 1810231353 | |
| IcedID Core Analysis: https://tria.ge/210529-1bgps32nex | |
| IcedID Core C2s: garrozalibbo.click disponfirules.top mislinororv.top twistcolseza.top | |
| IcedID Core Project ID: 81538452 |
myrtus0x0
/ IcedID_06_02_2021.txt
Last active
June 2, 2021 15:30
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| IcedID Dropper: https://tria.ge/210602-583wb5ekva | |
| IcedID Dropper Analysis: https://tria.ge/210602-583wb5ekva | |
| IcedID Dropper URL: http://turngas2008z.com/adda/Z4CKCzJsZLz8s7e1/iOuESLghxyuWpr1A46cHBNRgCdmIc/3VCKJVxOIM45tzrpZTl8IQ06C1a/x1CoWhmFmc/sose1?t3S5j=f5srA&cid=RPZixfk4BkPnuaJ2bmJoaZ&pFr8=s4HZZGlL&search=G5fKbl8HfIS7kgGQqBicZPU3YxgK&user=7DeyvKUpKarTdnVbJk&id=uzDNQrIxQDvHtJIDcQzb&search=GhWy06DDsSHeUAK3GHQkEbCL&search=BYE1xx | |
| IcedID Loader Analysis: | |
| IcedID Staging Server: zverrokodo.live dietarydog.top | |
| IcedID Loader Project ID: 4171503952 | |
| IcedID Core Analysis: https://tria.ge/210602-b9zcb1d8e2 | |
| IcedID Core C2s: ventuaustria.digital klosterrion.casa vindurualeg.art fungitomik.top |
myrtus0x0
/ IcedID_06_03_2021.txt
Last active
June 3, 2021 15:13
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| IcedID Dropper: https://tria.ge/210603-8gevner432 | |
| IcedID Dropper Analysis: https://tria.ge/210603-8gevner432 | |
| IcedID Dropper URL: http://povertyboring2020b[.]com/adda/ZMoDqRO/61231/8SwW54zjWxbcX7nbOaAnKvOluuubeYBvIhDo9hwsfiLLeaj/gD1foHFdVZVXItqa4Be5RmXpqcHoA61IJx3DFtmP/38077/dog6?ref=IuessTO4 | |
| IcedID Loader Analysis: https://tria.ge/210603-8gevner432 | |
| IcedID Staging Server: calciumasta.top | |
| IcedID Loader Project ID: 531791608 | |
| IcedID Core Analysis: https://tria.ge/210603-rhnyldpjqa | |
| IcedID Core C2s: fimlubindu.top vindurualeg.top bigcostarikas.top extrimefigim.top |
OlderNewer