Source |
Marco Ramilli |
Identifiant |
8149750 |
Date de publication |
2022-11-21 15:36:56 (vue: 2022-11-21 16:05:53) |
Titre |
Is Hagga Threat Actor (ab)using FSociety framework ? |
Texte |
Introduction Today I’d like to share a quick analysis initiated during a threat hunting process. The first observable was found during hunting process over OSINT sources, the entire infrastructure was still up and running during the analyses as well as malicious payload were downloadable. Analysis My first observable was a zipped text file compressing a […] |
Envoyé |
Oui |
Condensat |
actor analyses analysis compressing downloadable during entire file first found framework fsociety hagga hunting i’d infrastructure initiated introduction like malicious observable osint over payload process quick running share sources text threat today using well zipped |
Tags |
Threat
|
Stories |
|
Notes |
|
Move |
|