nuke86

enigmaticamente.it
comfortfoodie.it/cl.html
bazeel-pisa.it/cl.html
www.stampa3dterni.it/cl.html
www.ludovicamasci.it
centraleagricola.it/d0r.html
reddemann.it/o.htm
http://www.nuovapropostaroma.it/rizki.html
www.acdcampora.it
www.mukki.it/pepe.html

nuke86

File code.,
Policy code.,
Policy version counter.,
Object type code,
Object sequence counter,
mct code,
Technical product code,
Commercial product code,
Structure code,
Structure description,

nuke86

$ identify -ping -verbose 1.png 
Image:
  Filename: 1.png
  Format: PNG (Portable Network Graphics)
  Mime type: image/png
  Class: DirectClass
  Geometry: 465x621+0+0
  Units: Undefined
  Colorspace: sRGB
  Type: TrueColor

nuke86

##### COURTESY
# @CuratedIntel
# https://curatedintel.org
#
# @CryptoCypher 
# GitHub: crypto-cypher

##### BACKGROUND
# Inizialmente condiviso sul forum ransomware RAMP
# Ultima condivisione sul sito Web di data leaks ransomware Groove

nuke86

WIN-ENVD/Z/ddd/dec/cisqj_decoded.docx,cisqj_decoded.docx,11.Aug.2021,194.25kB
WIN-ENVD/Z/ddd/dec/cisqsecuritycompliancereport_decoded.docx,cisqsecuritycompliancereport_decoded.docx,11.Aug.2021,115.56kB
WIN-ENVD/Z/ddd/dec/cisqsecuritydetailedreport_decoded.docx,cisqsecuritydetailedreport_decoded.docx,11.Aug.2021,117.90kB
WIN-ENVD/Z/ddd/dec/cisqsecurityfulldetailedreport_decoded.xlsx,cisqsecurityfulldetailedreport_decoded.xlsx,11.Aug.2021,17.33kB
WIN-ENVD/Z/ddd/dec/cisquj_decoded.docx,cisquj_decoded.docx,11.Aug.2021,125.76kB
WIN-ENVD/Z/ddd/dec/clientcreationtemplate_decoded.xlsx,clientcreationtemplate_decoded.xlsx,11.Aug.2021,14.13kB
WIN-ENVD/Z/ddd/dec/clientdc1_decoded.xlsx,clientdc1_decoded.xlsx,11.Aug.2021,9.77kB
WIN-ENVD/Z/ddd/dec/clientdetailstemplate_decoded.xlsx,clientdetailstemplate_decoded.xlsx,11.Aug.2021,14.12kB
WIN-ENVD/Z/ddd/dec/clientinstalls-fenergoinstallationguide8.6amber_decoded.pdf,clientinstalls-fenergoinstallationguide8.6amber_decoded.pdf,11.Aug.2021,421.94kB
WIN-ENVD/Z/ddd/dec/clientinstal

nuke86

Risultati URLs filtrati
1
https://security-jpmorganchase.serveuser.com/jmwntk=
2
https://security-jpmorganchase.serveuser.com/myaccount/access.php?websrc=e17ea285ad581008aac6b89b49ab879e&dispatched=42&id=8221378907
3
https://security-jpmorganchase.serveuser.com/myaccount/billing.php?websrc=e17ea285ad581008aac6b89b49ab879e&dispatched=81&id=9958934826
4
https://security-jpmorganchase.serveuser.com/myaccount/vbv.php?websrc=e17ea285ad581008aac6b89b49ab879e&dispatched=86&id=7121007546
5

nuke86

var td_2d=td_2d||{};td_2d.td_3O=function(td_n,td_Y){var td_V=[""];var td_T=0;for(var td_X=0;td_X<td_Y.length;++td_X){td_V.push(String.fromCharCode(td_n.charCodeAt(td_T)^td_Y.charCodeAt(td_X)));td_T++;if(td_T>=td_n.length){td_T=0;
}}return td_V.join("");};td_2d.td_1g=function(td_q){this.td_c=td_q;this.td_d="";this.td_f=function(td_d,td_L){if(0===this.td_d.length){var td_j=this.td_c.substr(0,32);var td_y="";for(var td_S=32;td_S<td_q.length;
td_S+=2){td_y+=String.fromCharCode(parseInt(td_q.substr(td_S,2),16));}this.td_d=td_2d.td_3O(td_j,td_y);}return this.td_d.substr(td_d,td_L);};};td_2d.td_2c=function(td_Q){if(td_Q===null||td_Q.length===null){return null;
}var td_J=null;try{var td_j="";var td_U=[];var td_h=String.fromCharCode(48)+String.fromCharCode(48)+String.fromCharCode(48);var td_v=0;for(var td_F=0;td_F<td_Q.length;++td_F){if(65+td_v>=126){td_v=0;}var td_P=(td_h+td_Q.charCodeAt(td_v++)).slice(-3);
td_U.push(td_P);}var td_T=td_U.join("");td_v=0;for(var td_F=0;td_F<td_T.length;++td_F){if(65+td_v>=126){td_v=0;