What is a BIT file?
-
Hello. I found a file called BIT on my computer and I'm not sure what it is. I would appreciate it if you could tell me.
-
A BIT file is a Globe encrypted file. It appears to be a file distributed by Globe. It was first reported on 2017-10-19 17:25:42 and last reported on 2017-10-19 17:25:42.
-
You can open BIT files by downloading the Globe program.
-
Globe ransomware encrypted file
How to restore files (hta)
-
[2021-07-06 06:17:36] @pollo290987 #Nitro #Ransomware Win32bit.exe 5a615891fcc57b57e9deffce6f559947 EXT: .givemenitro \AppData\Local\Temp\NR_decrypt.txt
-
[2021-07-05 19:16:28] @JAMESWT_MHT #sLoad #italy BigWave 05_07_2021 from #PEC spam email POSTA CERTIFICATA_XXXX.zip Some Samples https://bazaar.abuse.ch/browse/tag/documento-fiscale/ Some Urls 146.70.35.206 "C:\WINDOWS\system32\bitsadmin.exe" /transfer https://urlhaus.abuse.ch/browse/tag/documento-fiscale/ Urls/C2 Relations https://www.virustotal.com/gui/ip-address/146.70.35.206/relations https://www.virustotal.com/gui/ip-address/185.80.53.202/relations https://twitter.com/JAMESWT_MHT/status/1412022566487834624/photo/1
-
[2021-07-05 13:36:00] @binlmmhc #APT #BITTER old samples? RegAutorun name:v3.dll md5:8bb0e7738b9bcfe3790b553f889eca9e sha256:c0ec6dc25a57d69752f85ff6e162dd620973517099dd88f2e98dc4e31e722e11 https://www.virustotal.com/gui/file/c0ec6dc25a57d69752f85ff6e162dd620973517099dd88f2e98dc4e31e722e11/details
-
[2021-07-05 09:07:25] @ActorExpose BTC Mixer on Darkweb review https://bitcoinmixer.reviews/
-
[2021-07-05 02:14:43] @wwp96 #opendir #LokiBot @hexlax @JAMESWT_MHT hxxps://bit.ly/2UTaZBr hxxp://103.156.91.50/vbc/s.dot hxxp://185.110.190.5/gugufdre.php/NHNmTUOdS6fzz https://app.any.run/tasks/2c6db7b3-de44-4c4c-9071-6ccf2421b4e1/ https://twitter.com/wwp96/status/1411765432877568006/photo/1
-
[2021-07-04 14:52:52] @pollo290987 #bitRAT AsyncLocal.exe 1a396360a95a1b4b810f74e39a3e1b5d C2: /publiquilla.linkpc.net
-
[2021-07-04 01:08:18] @micham Hello @Baby_2_Sleep ! Please kindly wake up for a bit and investigate your #popped #WordPress install. Currently 110 unique IP addresses (of which at least one is bad: 23.105.131.186) have accessed that @Chase #phishing page on your server. Good luck! https://www.virustotal.com/gui/url/276538f7b1c1a15e8e2a138781d99e37f6e7e1e55b79925a03bf11a8237bf558/detection https://twitter.com/micham/status/1411386332178309124/photo/1
-
[2021-07-03 21:13:01] @TABComputerSys Need to check out a suspicious link? Try Virus Total https://bit.ly/3ypCMYV
-
[2021-07-03 00:48:46] @tolisec #Specter #Linux #Malware first reported by @JAMESWT_MHT analysis: https://bit.ly/3AmFVdF Connects to: 47.243.116.170:80 Writes 3 files: 1. /tmp/lib_cache/libc.so.0 2. /tmp/lib_cache/ld-uClibc.so.1 3. /tmp/lib_cache/libsystemd_daemon #ELF (VT 5/61) VT: https://bit.ly/2UlJNex
-
[2021-07-02 21:15:22] @InQuest Malicious RTF document found hosted at: https///bit.ly/3wf712V SHA256: 782b601de98dd44c474770195fe8c91465465180e15cc3eef0cb89ab596b0588 IOC extracted from sample: https://labs.inquest.net/dfi/hash/95004ce72c4126abf44c49586cd277fcdad1ff2b2d463ecae509997786c24e2f
-
[2021-07-02 12:39:02] @ankit_anubhav Maldoc -> Websettings Abuse -> /bit.ly download -> another maldoc -> CVE-2017-11882 -> #Lokibot exe -> normal c2 fre.php connections. This week volume wise #Loki is very high. Stage 1 https://www.virustotal.com/gui/file/f06415d3df49d9c8f5ac780aaaed14d0cb28d7b24ad6fdac3d043485fd98159e/detection Stage 2 https://www.virustotal.com/gui/file/d1b85d7670f9d954c9fa4301e00d42652b28d28f086a057b66368b5e6a4a15ef/detection Stage 3 https://www.virustotal.com/gui/file/667250857f2b30a82d4dd701c3f54c1fa47b033546b20082ae19fc779a526b65/detection https://twitter.com/ankit_anubhav/status/1410835384733368325/photo/1
-
[2021-07-02 11:04:51] @InQuest Malicious RTF document found hosted at: https///bit.ly/2UTaZBr SHA256: d1b85d7670f9d954c9fa4301e00d42652b28d28f086a057b66368b5e6a4a15ef IOC extracted from sample: https://labs.inquest.net/dfi/hash/f06415d3df49d9c8f5ac780aaaed14d0cb28d7b24ad6fdac3d043485fd98159e
-
[2021-07-01 18:20:57] @JAMESWT_MHT Mentioned "CARTA_IDENTITA" Samples rtf https://bazaar.abuse.ch/sample/abab55c3c2109d14d6efde236c6200bbf59edf9c2edc6d8a59ce6e310607bc9b/ vbe https://bazaar.abuse.ch/sample/bd63f098304c316749c2b49726aaa7c5af4c33a4de7a5049e32587491c21a113/ Run https://app.any.run/tasks/5bdbb67e-f8a4-45f5-98ef-d67943e7a484 ❗️❗️CARTA_IDENTITA.exe ❗️❗️ https://bazaar.abuse.ch/sample/99ebb7d245ea5a3535cfba9d1cc7ec71a8cef683b91522574e32170198851d7f/ ✳️Samples https://bazaar.abuse.ch/browse/tag/rinaldo/ Relations https://www.virustotal.com/gui/domain/rinaldomattei.firstcloudit.com/relations cc @verovaleros @felixw3000 @sS55752750 https://twitter.com/D3LabIT/status/1410540076447191040 https://twitter.com/JAMESWT_MHT/status/1410559041911328772/photo/1
-
[2021-07-01 10:44:29] @InQuest Malicious RTF document found hosted at: https///[email protected]/3w9TmdD SHA256: 3ffa86c23ab644e5263b7302cfd5219e0c9add0e482f1b1f9eebf80d75a6eb63 IOC extracted from sample: https://labs.inquest.net/dfi/hash/b131ccc7c1512ce439277c163cfbebaede4c9386a66111f1ffbbc1a95e039451
-
[2021-06-29 13:59:16] @500mk500 @fuuuing_ Looks biteupdates.site is also related: https://www.virustotal.com/gui/ip-address/51.195.211.91/relations
-
[2021-06-28 21:13:32] @James_inthe_box @SwearengenCyber @alex_lanstein @DaveMarcus mail.exe #bitrat #xenarmor c2: 79.134.225.115 edi.exe #remcos c2: 79.134.225.112
-
[2021-06-27 20:39:17] @AcademicoCert Risk #IoT Alert ⚙️ #IoC #mirai https://bit.ly/3di8grN #Prevention IoT Devices #DFIR #BestPractices @RedCiberSeg #IncidentResponse #UserResponse
-
[2021-06-26 02:23:23] @James_inthe_box Heh.wish I could say I was surprised that a #bitrat sample c2 is: resereved.nerdpol.ovh https://app.any.run/tasks/95bb54c8-f98f-4063-ac8b-9cb392a4c831 But..not surprised https://twitter.com/James_inthe_box/status/1408506126157504515/photo/1
-
[2021-06-24 01:06:41] @yvesago @lisalaposte #phishing s://spiredata.ai/colis/ VIA p://bit.ly/3e5wC8W ping @malwrhunterteam @Spam404 @PhishStats https://twitter.com/yvesago/status/1407762044867289088/photo/1
-
[2021-06-23 19:05:41] @BushidoToken ☣️ Looks like #Lazarus or #GMERA? - MacOS 64-bit ARM executable - Detected as ‘Trojan.OSX.Nukesped’ https://www.virustotal.com/gui/file/80e58eb314d0d5e1a50be0c5fca0ca42cdda5e5297d6f7a2590840ac60504be1/detection Linked to a fake crypto trading app: https://www.virustotal.com/gui/file/8e9b77843611ae61276d9d7c50620ed08a2295b90baa37e2e0dc8a937ec089f2/relations cc @patrickwardle @TrendMicroRSRCH @ESETresearch @z0ul_
-
[2021-06-23 06:56:40] @bad_packets Ongoing mass scanning activity detected from 91.241.19.51 targeting Fortinet VPN servers vulnerable to unauthenticated arbitrary file read (CVE-2018-13379) leading to disclosure of usernames and passwords in plaintext. #threatintel https://twitter.com/bad_packets/status/1407487734642470915/photo/1
-
[2021-06-23 05:29:53] @abel1ma Since around 23:00 on June 22, I have been receiving sextortion scam emails. Subject: 重要なニュース ("Important news"). Payment address: bc1qnjtmake77vtzdq5hum4ucvdy7tkkutfl4nasks https://www.bitcoinabuse.com/reports/bc1qnjtmake77vtzdq5hum4ucvdy7tkkutfl4nasks If you receive this kind of email, ignore it and do not engage.
-
[2021-06-22 22:41:36] @yvesago #phishing s://firebasestorage.googleapis.com/v0/b/project-2623404665921760111.appspot.com/o/7803216754%2Findex.html?alt= media&token= 1002bde4-ed1a-4fa0-ad36-3d56ba6a222c VIA s://bit.ly/3gSomKZ ping @malwrhunterteam @PhishStats @Spam404 https://twitter.com/yvesago/status/1407363147812507658/photo/1
-
[2021-06-22 21:52:28] @JohnLaTwC This pentest recon script enumerates local computer information. accesses the SAM via shadow copies. writes results to a cab file. and does file transfer with bitsadmin. https://www.virustotal.com/gui/file/c3114dd9265da3a81975f30532cd8ddcfe522c124fa7e5705596b0f45698cc99/behavior/C2AE https://twitter.com/JohnLaTwC/status/1407350783973236755/photo/1
-
[2021-06-21 07:56:33] @jjrruiz @Bitly #fraudulent shorten for #phishing: http://bit.ly/chekchile Proof: https://www.virustotal.com/gui/url/04ff6223f4ec881e633b1e7bdc2838c63023f4dda8365b787048dd6b62a57784/detection
-
[2021-06-18 11:41:21] @JAMESWT_MHT "Sua Fatura Vivo Chegou REF:946718" hXXps://seudebito-online.eastus.cloudapp.azure.com/ Zip https://bazaar.abuse.ch/sample/211cee55e693cb33ef2875b30e9eb98cc3f4bf3666a1c1e3e6e8bffceafa264f/ Msi https://bazaar.abuse.ch/sample/f22ee649e4377d819c87af15623076bc6a28aac49e6d99cf10c9a81d9df766b4/ ❎Dll 589MB #spy #mekotio? https://bazaar.abuse.ch/sample/7963fb66dcc4c97886484a36c7be5d94fadc99ed494cbfa1238561c1f2213275/ https://www.virustotal.com/gui/file/71005222c75e07649f800bf73a4c37ae8b2fc6cf8502b7f2d583014d2a797016/details https://bazaar.abuse.ch/sample/1d3c29ed218c02e1fd85495148b7c6da847e7e70f7f186695a0d9f367db7f7ea/ cc @verovaleros @felixw3000 https://twitter.com/JAMESWT_MHT/status/1405747438250430464/photo/1
-
[2021-06-18 08:18:14] @phishunt_io #NewPhishing | #phishing #scam /y-skills.com/bitrix/cache/BPD/Popularenlinea 87.236.16.248 ☁ Beget LLC R3 https://twitter.com/phishunt_io/status/1405696324419440640/photo/1
-
[2021-06-18 06:39:16] @jjrruiz @NICChile #phishing using a .CL domain http://bitalchile .cl Evidence: * https://www.virustotal.com/gui/domain/bitalchile.cl/detection * https://www.virustotal.com/gui/url/0b4f87f5e87807eafcd769ae76f197d7a508c36072dd848df5d6d4193e82f1f7/detection Please help disable the site as soon as possible.
-
[2021-06-18 05:26:47] @executemalware Today's #hancitor volume was quite a bit lower for me. Still. I received almost 70 emails. I did not receive any secondary payload (no #ficker stealer). Here's what I saw: https://pastebin.com/4BgfXiw8
-
[2021-06-15 13:41:15] @SecurityJoes *BITCOIN SWAPPER* Our Threat Center found another interesting sample - "cracked" #Arkei stealer. The malware drops a booby trapped Payload.exe (VT - https://cutt.ly/anHBnv4) that grabs the clipboard and modifies it to the threat actor's wallet. https://app.any.run/tasks/37f5016e-24b6-4607-a20d-2f4b6534d28d/
-
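For matters involving voice phishing, illegally filmed content, ransomware, cyber security threats and the like, you can get help from the following agencies and organizations: No More Ransom, the Korean National Police Agency cyber crime reporting system, and the National Intelligence Service civil complaints center.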