\_(ʘ_ʘ)_/

3.6K posts

$\_(ʘ_ʘ)_/ banner$

$\_(ʘ_ʘ)_/$

\_(ʘ_ʘ)_/

@pollo290987

Katılım Mart 2017

283 Takip Edilen4.3K Takipçiler

$\_(ʘ_ʘ)_/$

\_(ʘ_ʘ)_/@pollo290987·27 Şub

#RMM E-Fatura_Orc.exe MD5: 8f6b9f956bdd19237c1fa7d9fa654960 Subject: Folha Orçamento PDF s://www.dropbox.com/scl/fi/xc2s1xuom2u2yj0i8w1r5/E-Fatura_Orc.exe?rlkey=jm3mk5scx3jfj5bpoq5m05ld3&st=rc55oqwm&dl=1

$\_(ʘ_ʘ)_/ tweet media$ $\_(ʘ_ʘ)_/ tweet media$ $\_(ʘ_ʘ)_/ tweet media$

1.4K

$\_(ʘ_ʘ)_/$

\_(ʘ_ʘ)_/@pollo290987·24 Şub

#Lumma #Stealer Setup.exe 814a04d21a3331820fe9e1654a160b39 C2 /convexm.top

700

$\_(ʘ_ʘ)_/$

\_(ʘ_ʘ)_/@pollo290987·20 Şub

#RMM_NAble FolhadeOr-amentoPDF.exe MD5: 4cec112404691e2fad7b323d467e15df Subject: Folha Orçamento PDF s://www.dropbox.com/scl/fi/rls1zkdy4fvzv9wr30kkz/FolhadeOr-amentoPDF.exe?rlkey=f57ygwk5v2cigwpsed47l7orw&st=yj64nrqk&dl=1

Nederlands

632

$\_(ʘ_ʘ)_/$

\_(ʘ_ʘ)_/@pollo290987·19 Şub

#RMM_NAble Or-amento-Cota-o.exe 9dfe5f9974adc95a06c24d51715f1404 Subject: Cotação Rui Mendes s://www.dropbox.com/scl/fi/jpzu8a4ivgrcp6ppop2l0/Or-amento-Cota-o.exe?rlkey=uiv0xjzb1t4lqdow9mt8nr4ue&st=5bpqr9yq&dl=1

Română

574

$\_(ʘ_ʘ)_/$

\_(ʘ_ʘ)_/@pollo290987·19 Şub

#RMM_NAble Or-ameno2026.EXE edb0db5837527ef456423327b98bc4d6 Subject: Orçamento s://www.dropbox.com/scl/fi/mgeqq6x0mzko9w50qmrb3/Or-ameno2026.EXE?rlkey=3momtalpyqvspc2f2k55v4q7h&st=e6cgzhcr&dl=1

576

$\_(ʘ_ʘ)_/$

\_(ʘ_ʘ)_/@pollo290987·19 Şub

#n-able DetalhesCotaçãopdf.exe e5cb1d159d6a322e9e9e9ada6ef6a48e Subject: Analise Cotação s://www.dropbox.com/scl/fi/1lennmxecq5e762zvyjnb/DetalhesCota-opdf.exe?rlkey=5tgl3n2n8c0mega5v40b91bwm&st=ltw9xwo9&dl=1

Română

526

$\_(ʘ_ʘ)_/$

\_(ʘ_ʘ)_/@pollo290987·19 Şub

[0-9]{3,4} Notificacion de vencimiento - No [A-Z0-9]{6,8} pdf w/pwd [0-9]{4} GOS-258398.pdf 11077b70a1c22ba72a51e0a6d8dd0154 s://24.179.153.160.host.secureserver.net/ jkOu9rHe0huZW1eoPcwmn 5MUmpR5xCpXI51g1fvfpz e1MyL2BqPYxeuHhfTLO4A Similar activity: 160.153.189.123

$\_(ʘ_ʘ)_/ tweet media$ $\_(ʘ_ʘ)_/ tweet media$

English

861

$\_(ʘ_ʘ)_/$

\_(ʘ_ʘ)_/@pollo290987·19 Şub

#n-able FicheiroOrçamento.EXE 0255c235b8b66aa9cb38432484839674 Subject: "Orçamento" s://www.dropbox.com/scl/fi/dw1q8h6x48e0c3rysawus/FicheiroOr-amento.EXE?rlkey=62b0blc3o0izxayquynkavvy9&st=cwxm8mgk&dl=1

730

\_(ʘ_ʘ)_/ retweetledi

Will@BushidoToken·4 Ağu

Pleased to share my latest blog post for @TeamCymru all about identifying and tracking C2 infrastructure. 1/3 🧵 team-cymru.com/post/fingerpri…

English

23.3K

$\_(ʘ_ʘ)_/$

\_(ʘ_ʘ)_/@pollo290987·9 Tem

s://archive.org/download/universe-1733359315202-8750/universe-1733359315202-8750.jpg 661728638da04ade17aab3002b2e6c12

Română

2.2K

$\_(ʘ_ʘ)_/$

\_(ʘ_ʘ)_/@pollo290987·9 Tem

#ShadowVector FALLO_CON_CONCEPTO_FAVORABLE_PARA_EMBARGO_DE_ACTIVOS_Y_CUENTAS_A_DEUDORES_REPORTE_OFICINA_DE_HACIENDA_ALCALDIA_ARBOLEDAD_NORTE_DE_SANTANDER_PARA_EJECUTORIAR_MES_JULIO_DEL_2025pdf.rar rar a4a4395d398c64ae932d109d362d64d2 js 9d7f7c692b68d5445f152901e80beece

Español

2.4K

\_(ʘ_ʘ)_/ retweetledi

Will@BushidoToken·3 Tem

Pleased to share my first official Team Cymru blog that follows on from my webinar last month 🙌 “Uncovering DPRK Remote Workers: Detecting Hidden Threats Through Internet Telemetry” 🇰🇵 🔍 team-cymru.com/post/uncoverin…

English

184

15.1K

$\_(ʘ_ʘ)_/$

\_(ʘ_ʘ)_/@pollo290987·2 Şub

@1ZRR4H @JAMESWT_MHT #Coyote malware ... WhatsApp - ZIP -- LNK --- PS1 ---- EXE ----- PS1 ------ EXE ------- Coyote

English

1.7K

Germán Fernández@1ZRR4H·1 Şub

Malware targeting Brazil (geofenced) 🇧🇷 allegedly distributed via WhatsApp All the LNKs I checked pointed to a different subdomain (Wildcard DNS type), which apparently works and allows them to evade certain network-level detections? 🤔 Two domains: semrabo[.]com pinkeosemrabo[.]com Some LNK names: ItauComprovante-30443-5410.pdf.lnk ComprovanteSantander_2025-01-27_8492.pdf.lnk H/T @malwrhunterteam [+] 1st stage (ps1) bazaar.abuse.ch/sample/0fd542b…

English

139

22.1K

$\_(ʘ_ʘ)_/$

\_(ʘ_ʘ)_/@pollo290987·19 Eyl

C2 185.216.68.121 Ports 6211, 6212

Français

$\_(ʘ_ʘ)_/$

\_(ʘ_ʘ)_/@pollo290987·19 Eyl

#PocoRAT s://miercolesf118.b-cdn.net/ SISTEMA%20FACTURACION_00315.REV URGENTE%20COMUNICADO_003265.REV PRESUPUESTO%20ONLINE%2333302143.REV s://miercolesf218.b-cdn.net/ COMPRAS%20ORDENES%232201223.REV

Español

4.6K

$\_(ʘ_ʘ)_/$

\_(ʘ_ʘ)_/@pollo290987·19 Eyl

PRESUPUESTO%20ONLINE%2333302143.[REV|EXE] 57a9657f7e38efbbeb04f14eb160fca0 28d6facb7b1e43a8227f33944cfd9f79 COMPRAS%20ORDENES%232201223.[REV|EXE] 965532eae24b7c8af2ac5aa82922cc49 28d6facb7b1e43a8227f33944cfd9f79

Indonesia

2.3K

$\_(ʘ_ʘ)_/$

\_(ʘ_ʘ)_/@pollo290987·19 Eyl

SISTEMA FACTURACION_00315.[REV|EXE] d7377978ce62dd1125ad31fb8dc42e9c bea7d5e758c456f657f8799a828af834 URGENTE COMUNICADO_003265.[REV|EXE] 61c1517496f1229d805b9ec5b9fb988a 4d1a592d8b51f2a40537b1706ade93f8

Français

2.8K

$\_(ʘ_ʘ)_/$

\_(ʘ_ʘ)_/@pollo290987·18 Eyl

s://carpetaf1.b-cdn.net/LUNES16/ ZOOM%20COMUNICADO%200329712.REV 2f9a4c218bdb070ac12a19ece88fd1fd PAGO%20ENVIO%20TRANFERENCIA03226.REV 3fe2acea8be91d6352f079ad977e8355 ZOOM COMUNICADO 0329712.exe PAGO ENVIO TRANFERENCIA03226.exe 55308f0fa525418de43335487a7a7199

Português

1.7K

$\_(ʘ_ʘ)_/$

\_(ʘ_ʘ)_/@pollo290987·18 Eyl

#PocoRAT s://martes17160924f2.b-cdn.net/NUEVO%20PRESUPUESTO_0014.REV NUEVO PRESUPUESTO_0014.REV b5042e9875f805fc7b34acff6b8416ce NUEVO PRESUPUESTO_0014.exe d77719ebb01b08e54f7a4ac3b9fab2c7 C2 185.216.68.121:6212

Español

2.9K

$\_(ʘ_ʘ)_/$

\_(ʘ_ʘ)_/@pollo290987·17 Eyl

python-3.11.7-embed-win32[.]zip f6fa152aa4259f51604f5bbaf5a5f4c4 wdspqvr.exe 813296729218c6ab043dbf1f6b5b45d3 Exfil /nota-estadual/cliques.php C2 /***.brazilsouth.cloudapp.azure.com:3102

$\_(ʘ_ʘ)_/ tweet media$ $\_(ʘ_ʘ)_/ tweet media$ $\_(ʘ_ʘ)_/ tweet media$

English

2.3K

$\_(ʘ_ʘ)_/$

\_(ʘ_ʘ)_/@pollo290987·17 Eyl

#CarnavalHeist Nota Eletronica - [0-9]{7} s://is.gd/RFGZfq s://notafiscal.relatorio-fiscais.store/nota-estadual/?notafiscal=00382006.240091 20.201.119.30@80 NotaFiscal.pdf.lnk 0afdf765713d2b2b522fcb2b59908871 \c\c.cmd 18a3702bb83631256dac200fba0d5489

Español

5.5K

Keşfet

@teamcymru @1ZRR4H @JAMESWT_MHT @malwrhunterteam @elonmusk @BarackObama @taylorswift13 @cristiano