What is a FUN file?
-
Hello. I found a file called FUN on my computer and I'm not sure what it is. I would appreciate it if you could tell me.
-
A FUN file is a JigSaw encrypted file. It appears to be a file distributed by JigSaw. It was first reported on 2017-10-18 21:29:33 and last reported on 2017-10-18 21:29:33.
-
You can open FUN files by downloading the JigSaw program.
-
JigSaw ransomware encrypted file
-
No signature information is available.
-
Related link #1: No link attached.
-
Related link #2: No link attached.
-
-
[2021-07-07 00:21:00] @killamjr #malware #qbot https://app.any.run/tasks/a8785302-6c45-4f32-92d2-5e37298a02bc/ payload urls: hXXp://thousandsyears download/div/44376.8555986111.jpg hXXp://voopeople fun/div/44376.8555986111.jpg hXXp://uppercilio fun/div/44376.8555986111.jpg dll: https://www.virustotal.com/gui/file/2b56efdd9d771bce51087101ac109c30b81e29e583c0178d33b90ad0128d9ba8/detection
-
[2021-07-04 08:32:43] @bad_packets “Blockchain can eliminate the TCP/IP’s fundamental security flaws.” https://web.archive.org/web/20210703220948/https://www.rsaconference.com/library/blog/understanding-blockchain-security
-
[2021-06-29 04:30:38] @Arkbird_SOLG @c3rb3ru5d3d53c @malwrhunterteam You can see the convert the hex code of the sequences to asm code. here for the opcodes in x86 : http://ref.x86asm.net/coder32.html Have fun ;-)
-
[2021-06-28 22:42:54] @micham Kids exploring "fun" on the Internet .. even nowadays. Good morning! #Note: URL seems #phishy though. smelling like targeting @Roblox users. https://www.virustotal.com/gui/url/392f97b0634bb627b540660c4cf4d7f104155f109413067a27f3efc6738912eb/detection https://twitter.com/micham/status/1409537799796137985/photo/1
-
[2021-06-28 13:55:38] @yvesago #phishing s://portail.elitefunnels.com ping @malwrhunterteam @Spam404 @PhishStats https://twitter.com/yvesago/status/1409405109604433941/photo/1
-
[2021-06-26 03:06:06] @InQuest Some fresh, low detection (4/63) #qbot with a new coercive lure to add within https://inquest.net/malware-lures-gallery https://labs.inquest.net/dfi/sha256/20a72dc5350b296f2857911444fa065f5b0bb437be8d1bc61819cf29828a2955 A fun pivot on the XMP ID shows 4 related samples ingested from MalwareBazaar @abuse_ch https://labs.inquest.net/dfi/search/ioc/xmpid/xmp.did%3A0728ABF7826CEB11B13BD96D1C4ED12D @James_inthe_box @dmoore21 @bigmacjpg https://twitter.com/InQuest/status/1408516873457651712/photo/1
-
[2021-06-23 23:58:06] @malwareforme Fun little unknown #stealer C2 mimicking @Akamai akadns; contains #opendir. Targets various crypto wallets, various browser saved data (pwds, cc, cookies, etc), as well as 2fa and pwd manager extensions. https://www.virustotal.com/gui/file/6bde10caf2a906e88ab47ee8a0ff14e94a2dafa6f740bb8ab4bd21bc1fe234ea/detection https://twitter.com/malwareforme/status/1407744788502396930/photo/1
-
[2021-06-22 02:42:18] @James_inthe_box New #snip3 image: af844593.png https://drive.google.com/file/d/1_6E08X3ZH8Z_E_YYKFuNkOax-ZXQHlcu/view so far seen: exchangexe2021.ddns.net as the #asyncrat c2. cc @LNadav
-
[2021-06-22 01:39:27] @GossiTheDog If anybody wants some funny, shitty malware - hunt on this: https://www.virustotal.com/gui/file/cab6d2df593387a6ee9648ea012b8ae3a8de6e1d39fcd8fd75f249aeadb2281d/summary https://twitter.com/rudjosu/status/1406608544355454987
-
[2021-06-21 04:41:38] @dubstard @clevybencheton http://sony.com/en/SonyInfo/IR/library/presen/er/pdf/19q4_supplement.pdf Kinda funny how apple iPhones use Sony cameras, and thus Sony makes a ton of $ from this, but can't even muster up a phone of their own. Maybe their terrible naming convention drove sales to practically subzero values. Strong LG vibes. https://twitter.com/dubstard/status/1406728976844746755/photo/1
-
[2021-06-16 01:39:15] @InQuest Here is an interesting #dropper https://labs.inquest.net/dfi/hash/0dde111712db81b5a70d9cf35f5e1fcd5d585c62f678a5db66d2a166ef3a3399 The DLL has a unique sleep function.. Transmits sys info, sleeps, then downloads https://www.virustotal.com/gui/file/8706d795cd8bb75b11e3b3e5606decee08596cb613059b10c6ec1df70099b761/detection to inject into explorer.exe. All strings are decrypted with a special algorithm prior to execution. #malware https://twitter.com/InQuest/status/1404871139466285059/photo/1
-
[2021-06-15 21:20:51] @3xp0rtblog A new Chaos Ransomware, a second version of "Ryuk" with a changed name and some new functions. https://virustotal.com/gui/file/743a031dca7639f2c6835c28da157217ba5f7e523a5627b18b91481aa6e54017/ https://app.any.run/tasks/1858db1c-c633-42c9-95b1-be193eda04ce https://twitter.com/SecurityJoes/status/1402603695578157057 https://twitter.com/3xp0rtblog/status/1404806110993911826/photo/1
-
[2021-06-14 13:38:46] @pollo290987 #DuckyStealer #Apocalypsestealer CS GO SKIN CHANGER.exe MD5: 14be79aa92c3ebc51f734367ac317844 C2: /apocalypsee.fun/corona/corona.php?ci= https://twitter.com/pollo290987/status/1404327435739467778/photo/1
-
[2021-06-13 00:08:41] @lazyactivist192 Hey, for #settlersaturday, I'd really appreciate it if folks could donate to this fund for a local houseless advocate org. ServeThePeople https://gofund.me/a254ade3 We do food/clothing/literature serves with pretty much everything coming from our own pockets. Anything helps!
-
[2021-06-06 20:56:26] @aaqeel87 spreading #phishing link on #facebook messenger Titled: #coke care fund survey! Arabic content https://www.virustotal.com/gui/url/557592f2ecc484b06925cda0edfa737590d9da3fe77766964c67b189729a5dfc/detection https://twitter.com/aaqeel87/status/1401538477104283651/photo/1
-
[2021-06-01 14:20:01] @bfh_hesb http://abuse.ch, the well-known platform for protection against #cyber threats, is entering into a partnership with BFH. Open data and opportunities for combating cyber threats are available to administration, industry and research. https://fal.cn/3fLue
-
[2021-05-21 03:30:50] @neoxmorpheus1 Received an alleged tabular CV as an attachment? An .img file is not an image! The .bmp(.lnk) file faked inside it is a shortcut and likewise not an image! Do not open! https://bazaar.abuse.ch/sample/b5bc90bc98e749201c3a0e131ca665748439bdde3adaf4d9f19de6e878707dd7/ https://twitter.com/neoxmorpheus1/status/1395477135809302530/photo/1
-
[2021-05-17 17:36:18] @sairamtata99 Before accessing links, check their reputation (good/bad). Some open source free tools 1. https://www.urlvoid.com/scan/roundyearfun.me/ 2. https://www.virustotal.com/gui/home/search 3. https://urlscan.io/ 4. https://transparencyreport.google.com/safe-browsing/search?hl=en https://twitter.com/cheeks4042/status/1394202341264420873
-
[2021-05-07 02:32:39] @Kostastsale #Dridex continues strong this week delivered via google drive links. Today's xlsm was a funny one using symantec content to convince the users to enable macros. Analysis and sample: https://bazaar.abuse.ch/sample/c7f087e92507157e83babac2eee14f7bee2c8348651c07843de28ffeb4c41b11/ https://twitter.com/Kostastsale/status/1390389064273072129/photo/1
-
[2021-05-07 00:05:00] @James_inthe_box @h2jazi Link: https://speednet.fun/files/app-provider/getApp https://twitter.com/James_inthe_box/status/1390351905356873731/photo/1
-
[2021-05-06 23:47:05] @mirraxFTC @A_Houghton37 If litecoin can get to top 10 with old, neglected, obsolete and function-less wallet that looks like this: https://www.virustotal.com/gui/file/bd38a1d5d4ac1ca4246f9534032a369b0f3cd38fb2aa82c66010642fa72e65f7/detection NXS can go to no. 2, straight after BTC
-
[2021-05-06 22:23:02] @h2jazi Bits10.exe 86f17802671d9958aabb22bd368150a5 C2: speednet.fun 104.21.22.100
-
[2021-04-27 23:08:04] @Arkbird_SOLG @h2jazi Indeed, this time, that in clear. Funny to see exploiting the fact that mshta ignore the header recognition in its processing of information so we can put and execute an HTA page with a JS script after the valid header of a BMP or other image header. https://bazaar.abuse.ch/sample/0996a8e5ec1a41645309e2ca395d3a6b766a7c52784c974c776f258c1b25a76c/ https://twitter.com/Arkbird_SOLG/status/1387076085410586624/photo/1
-
[2021-04-18 03:44:46] @1nternaut YARA-rule that covers #SaintBot .NET dropper decryption function. https://pastebin.com/BnZ6gUzs https://www.virustotal.com/gui/file/b0b0cb50456a989114468733428ca9ef8096b18bce256634811ddf81f2119274/detection https://twitter.com/1nternaut/status/1383521842443395082/photo/1
-
[2021-04-17 07:47:01] @MBThreatIntel Tech support scam #browlock targeting ????????. Source: adult malvertising jpfftapr.fun/150421jp-8554 Phone: 050-5534-8554 https://twitter.com/MBThreatIntel/status/1383220418081792000/photo/1
-
[2021-04-16 06:37:45] @lazyactivist192 Figured I'd get in on the #Cobaltstrike identifying fun, here's all the CS servers I found with my scanners this week https://gist.github.com/Jquinn147/48e2053308c68ec8ec592a83714e5a67
-
[2021-04-09 09:15:39] @InQuest Malicious Office document found hosted at: https///sls-cloudfunction-ap-guangzhou-code-1252222501.cos.ap-guangzhou.myqcloud.com/1.dotm SHA256: 9701dfa41e88b4d3ee40ddd48a09ae237251449bb5e9b062cbf6d5b720e71415 IOC extracted from sample: https://labs.inquest.net/dfi/hash/4b980e2e1f654cfd0050df8579670eb693070a7e35eb1255f6bf93f13fb5d530
-
[2021-04-07 14:21:31] @hexfati criminals making fun of people: md5: c5e413f5acffaa4fb0d108391cbd5de9 brian-krebs-erectile-dysfunction.com @briankrebs https://www.virustotal.com/gui/file/f556c9b4e5bb463be84dead45a9aedcf8bec41c1c2b503ea52719357943750e7/relations
-
[2021-04-06 15:03:19] @bl4ckh0l3z @malwrhunterteam @craiu @ESET @LukasStefanko @craiu no similarities with SideWinder from here. Steal sms ☎️call logs contacts files geo-locate and record mic C2: filehosting.link ⚠️Supposed to be a work-in-progress, 'cause of pkg name, and implemented but not invoked funcs (e.g. AES-enc). https://twitter.com/bl4ckh0l3z/status/1379343952030134272/photo/1
-
[2021-04-03 13:43:01] @JAMESWT_MHT Interesting Sample from @malwrhunterteam >Yara>Cobalt_functions>@J0SM1 https://bazaar.abuse.ch/sample/4c68ec51ff205e05f1f5d3f2f89a96b4d42437996fa8cfc1e630319b2f4c4f05/ C2: 192.168.111.128:4444 Extra Samples 192.168.111.128 not necessarily correlated (#CobaltStrike / #MeterPreter / #Rozena) https://bazaar.abuse.ch/browse/tag/192.168.111.128/ cc @bryceabdo @sugimu_sec https://twitter.com/malwrhunterteam/status/1378058689848954881 https://twitter.com/JAMESWT_MHT/status/1378236578854793217/photo/1
-
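For matters related to voice phishing, illegally filmed material, ransomware, cyber security threats and the like, you can get help from the following agencies and organizations: No More Ransom, the National Police Agency Cyber Crime Reporting System, and the National Intelligence Service Civil Complaint Center.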