I'll find it for you
What is a SAGE file?
-
Hello. I found a file called SAGE on my computer and I'm not sure what it is. I would appreciate it if you could tell me.
-
A SAGE file is a Sage encrypted file. It appears to be a file distributed by Sage. It was first reported on 2017-10-20 00:25:26 and last reported on 2017-10-20 00:25:26.
-
You can open SAGE files by downloading the Sage program.
-
Sage ransomware encrypted file
-
!HELP_SOS (HTA)
!Recovery_[a-zA-Z0-9:6] (HTML, TXT)
-
[2021-06-25 19:35:52] @pkalnai An update: "People Defense Force.rar" https://www.virustotal.com/gui/file/1d3e2eeaec0707e531593aa9aadaee0ee7757b67de43eae924fad122e86f60a0/submissions C2 -> 176.118.167.36 (from Finnish location to Estonian). The message changed too. https://twitter.com/bryceabdo/status/1341028149807599616 https://twitter.com/pkalnai/status/1408403567468236802/photo/1
-
[2021-06-25 19:03:50] @richlilly Any of my other IL folks wake up to this text message today? Ok phish or crap job by the state. https://www.virustotal.com/gui/url/76355623f003301882e10ba3fbae5f87217e347527399d4a5e99cf02c816b609/detection https://www.virustotal.com/gui/url/cee12241b14a824ad73d2c84b8945d3cdd689c34121aafd3a3ae849a45ccde5f/detection #Infosec https://twitter.com/richlilly/status/1408395507022585857/photo/1
-
[2021-06-08 04:37:22] @ActorExpose Received Telegram message on my dm File Name: “专业老师”精心布局“高段位”非法期货投资陷阱 (1) https://malshare.com/sample.php?action=detail&hash=c4fc2b8a7cd39187f76f4e3ce1b92daf
-
[2021-06-04 07:10:15] @ActorExpose Active Phish hxxp://honeyloveboutiques.com/china/boxMrenewal.php chain message "No one like me and that is my power .hash-tag Elmor3b" NuKe: @Spam404
-
[2021-06-01 15:00:07] @5h1vang tweet- 1/2 New versions of #Android #Covid #SMSTrojans under development. https://www.virustotal.com/gui/file/87fc5b1a171a535ab65fa53ba2dd422e2fcc4b8ac18dee291b44609c2c13d7d0/detection Similar to @LukasStefanko tweet https://twitter.com/LukasStefanko/status/1387733166195150849 But with following changes: 1. Not yet signed 2. SMS Message encoded in base64 3. Distribution - hxxp://tiny.cc/CO-REGI
-
[2021-05-28 12:09:12] @r3dbU7z Hint: Your linux unexpectedly began sending messages to #telegram? Just watch man 8 mon ! https://www.virustotal.com/gui/file/45422231132d5c235a92a332a753b8226d9aa2e80b1cca3387cc14806276da47/behavior/OS%20X%20Sandbox https://twitter.com/r3dbU7z/status/1398144300937105409/photo/1
-
[2021-05-08 01:16:56] @michalmalik https://www.virustotal.com/gui/file/d5fc1d8567253f9bb03c9d4b809463c6f305711ade4c8cf619fb3ba32b3abc79/detection < Looks like a new Masuta variant called "Rimasuta" (based on Mirai), uses TEA to decrypt/encrypt strings with a message for @briankrebs "come at me krebs rimasuta go BRRT" ;-) https://twitter.com/michalmalik/status/1390732396274884610/photo/1
-
[2021-05-04 14:53:21] @yvesago #phishing s://m3-global.s3.us-east-2.amazonaws.com/index.html#[email protected] with POST to telegram ://api.telegram.org/bot1205562996:AAHOkGsRPrtdJHjqInkqc8fNnG8ScI3uWDw/sendMessage ping @malwrhunterteam @Spam404 @PhishStats https://twitter.com/yvesago/status/1389488301715902464/photo/1
-
[2021-04-26 15:08:13] @yvesago one more #quackbot #malware for French VT 5/63 https://www.virustotal.com/gui/file/1a690333b70aa779893e24dbaaf26883c62063e4670c39c1283c4371d2f796f5/detection https://www.joesandbox.com/analysis/697514 p://studio.joellemagazine.com/7ehw0/olivier_airaud-55.zip p://msprieto.com/63mO4/apprentissage-90.zip ping @ANSSI_FR @malwrhunterteam @Spam404 @PhishStats https://twitter.com/yvesago/status/1386592940986863619/photo/1
-
[2021-04-12 01:07:58] @micham If you know how to "show any massage to victim", here's a chance .. https://www.virustotal.com/gui/url/59459a53ae608de11fc30556b855974507bffbe14873a092bc0bed6710c41c14/detection https://twitter.com/micham/status/1381308056621879297/photo/1
-
[2021-04-06 00:41:43] @GrujaRS New #Hiddentear #Ransomware extension .Dark! Ransom note;Ransomware Text Message.txt @BleepinComputer @LawrenceAbrams @demonslay335 Sample VT https://www.virustotal.com/gui/file/183288d99c52f5df7837e2ce0ca427bef205d1383eebd6ea4586fd4feac27fb6/detection https://twitter.com/GrujaRS/status/1379127120186769408/photo/1
-
[2021-04-03 15:56:51] @fbgwls245 #Ransomware (CryptoHauler) 5390CF1295A4C44CB4C966B83A7F71AA ext: .Dark Note: Ransomware Text Message.txt @BleepinComputer @demonslay335 @Amigo_A_ @siri_urz @malwrhunterteam https://twitter.com/fbgwls245/status/1378270260311203840/photo/1
-
[2021-02-26 21:15:46] @ffforward #Gootkit zip>js via compromised /www.uworganic.wisc.edu/musterbrief-absage-gehaltserhohung/ @UWMadison. Can't get the drop right now, but know it's live for.. reasons cc @James_inthe_box @JAMESWT_MHT @VK_Intel @tbarabosch @DFNCERT https://twitter.com/ffforward/status/1365289453338710019/photo/1
-
[2021-02-22 21:33:42] @infosectdk #Phishing Pretending to be Mimecast Subject: You have new held messages Sent from Finland (135.181.199.138) Hosted in Germany (site blacklisted) https://otx.alienvault.com/indicator/ip/195.62.46.77 https://otx.alienvault.com/indicator/domain/messagedilemma.com Email is just a straight graphic with hyperlink. @Mimecast
-
[2021-02-19 18:53:19] @reecdeep #Qakbot #Qbot #Malware targets #Italy 19-02-21 "Ciao!" (such a polite message!) attached ZIP > XLS hxxps://i345999.hera.fhict.nl/ds/1902.gif https://app.any.run/tasks/9c3a843b-36ef-4cd5-858a-fafd40292835 @guelfoweb @VirITeXplorer #infosec #CyberSecurity #DFIR #cybercrime #cyberattacks #Security
-
[2021-02-10 16:22:29] @FrPhishing Today's suspicious domains: ► infoassurameli.com (cc @cybervictimes) ► leboncoin-paiement.com ► leboncoin-messagerie.com ► kbis-enligne.net ► web-voscomptesenligne.xyz ► banquepost.info (cc @SwissPost_CERT ) cc @abuse_ch
-
[2021-02-05 04:10:19] @ActorExpose Active Phish hxxps://f000.backblazeb2.com/file/app-newsagent-ae89b7ae/index.html @Spam404
-
[2021-02-01 23:12:29] @kehlarn #phishing meh flywheel drop amex via fastly AS54113 (reported) 'Account Security Message.pdf' (via sendgrid) https://www.virustotal.com/gui/file/8097a0c3dd56ec766fafe79b0275462c7d1d78f1b26fc0e6ba17c9940494f444/detection 151.101.66\.159/22 //tlsmacon.com/wp-content/themes/aeonaccess/images/americanexpress.com.axpx-xwax
-
[2021-01-29 06:16:28] @executemalware I suppose if a threat actor is dumb enough to leave a phishing kit on 1 domain then it shouldn't be surprising to find it on other domains? hxxps://fameentertain.com/wpweb/ hxxps://bridgemessage.com/bin/ hxxps://insightpassage.com/Mil/
-
[2021-01-26 22:14:40] @reecdeep #AveMaria #Malware targets #Italy via fake bank message! "Bonifico euro" ⚙️ https://app.any.run/tasks/291734ae-12f5-4350-a320-2da1583ed5e7 c2: 52.146.42.226:5600 @guelfoweb @VirITeXplorer @merlos1977 @Dr_N0b0dyh @Bl4ng3l @58_158_177_102 @Bank_Security #infosec #CyberSecurity #DFIR https://twitter.com/reecdeep/status/1354070251911213057/photo/1
-
[2021-01-23 13:06:19] @dubstard Dumb tip: @UniswapProtocol, @Gemini or @BalancerLabs will NEVER DM you! The chances of getting an unsolicited DM messages from Noah, the Winklevoss twins or Fernando are thin. http://gemini.com/blog/our-take-on-youtube-bitcoin-scams cc @discord canceling my NITRO, because platform is a cesspool for scams. https://twitter.com/dubstard/status/1352845092835520513/photo/1
-
[2021-01-21 22:07:31] @cpardue09 #ln -s :malware_traffic: 2021-01-20 (Wed) - Continued.. However, most of what I saw from #Emotet epoch 3 #malspam had passwords in the message text (no captcha-style images) - Example of extracted Word doc at: https://bazaar.abuse.ch/sample/7dfa4920e28f7fb29741d69a81451679a71d986b167f9236227390b0cdd2b5ad/ https://twitter.com/malware_traffic/status/1352256473905192960/photo/1
-
[2021-01-21 22:07:21] @malware_traffic 2021-01-20 (Wed) - Continued.. However, most of what I saw from #Emotet epoch 3 #malspam had passwords in the message text (no captcha-style images) - Example of extracted Word doc at: https://bazaar.abuse.ch/sample/7dfa4920e28f7fb29741d69a81451679a71d986b167f9236227390b0cdd2b5ad/ https://twitter.com/malware_traffic/status/1352256473905192960/photo/1
-
[2021-01-20 21:22:34] @bl4ckh0l3z @malwrhunterteam #SMSThief ✉️ C2: http://88.99.200.114/w/mrfucker.php Nice iranian phishing webpages, and a kind and polite message on it Same as https://twitter.com/bl4ckh0l3z/status/1350492882633895938?s=20 https://twitter.com/bl4ckh0l3z/status/1351882815974076417/photo/1
-
[2021-01-15 22:57:10] @jjrruiz @Namecheap other #fraudulent domain for #phishing on your services. It is filtering by non-Peruvian IP & showing a fake message (but is active! Check the image). hxxp://www.zonasegura.bcpviabcp .com Proofs: * http://virustotal.com/gui/domain/www.zonasegura.bcpviabcp.com/detection * http://virustotal.com/gui/url/d0776cb6661437def9ed16da65f757f494d2632a76e47275003f86406cd16eb9/detection Please disable it https://twitter.com/jjrruiz/status/1350094683163258881/photo/1
-
[2021-01-13 05:10:03] @malware_traffic (2 of 2) - Paste of malware info: https://pastebin.com/Bte5Tptw - Pastebin raw: https://pastebin.com/raw/Bte5Tptw - Haha! Got some unencrypted SMTP in the #Emotet #spambot traffic.. Gotta look through those messages, now.. https://twitter.com/malware_traffic/status/1349101356376879109/photo/1
-
[2020-12-29 04:50:41] @Cryptolaemus1 s://secretmassageclub.co.uk/wp-includes/inf/ /tools.apecsoft.asia/application/O/ 2 of 2 Only Sextet..
-
[2020-12-27 01:56:56] @luc4m Do you think is there a secret message behind the choice of the fake signature and the icon in this #ursnif #isfb sample? https://bazaar.abuse.ch/sample/7a9938273e502427d127d1aced6f9fe7fd25c7fdffe5319788f1e0588280734b/ @malwrhunterteam @reecdeep @James_inthe_box @JAMESWT_MHT @malware_traffic @Racco42 @makflwana @pollo290987 @bad_packets @VK_Intel https://twitter.com/luc4m/status/1342892165622599680/photo/1
-
[2020-12-23 09:26:13] @Cryptolaemus1 #Emotet E1 Doc URLs as of 20:30UTC+: /www.mundoahorronline.com/wordpress/2S1/ /www.luxuryavenew.com/wp-admin/RIl1/ /alsaudiacuttingmaster.com/anticalculous/LA/ /sageartisan.com/wp-content/1KsvR/ 1 of 2
-
[2020-12-12 05:19:48] @MBThreatIntel Malspam pushing #ZLoader with interesting template. Subject: Expectingfax document 891820 Watching forfax document 226744 Waiting forfax message 699609 Agreementfax message 422308 Sentfax message 473803 Payload: 0e70968a9326d7abc103c04b4c355649c837c69c92b83af9ac4e2c1c123f0948 https://twitter.com/MBThreatIntel/status/1337507401512022016/photo/1
-
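For matters related to voice phishing, illegally filmed material, ransomware, cyber security threats and the like, you can get help from the following agencies and organizations: No More Ransom, the Korean National Police Agency Cyber Crime Reporting System, and the National Intelligence Service Civil Service Center.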