Squiblydoo
@SquiblydooBlog
Malware Analysis Creator of Debloat, certReport, and http://CertCentral.org Want to chat? Join the Debloat discord: http://discord.gg/dvGXKaY5qr
Why, hello there, #solarmarker. virustotal.com/gui/file/1e791…

Most folk who follow me have seen me chat about Malcat. If you aren't familiar: It is a fairly inexpensive tool for malware analysis and RE that is super powerful. My favorite tool by far. The developer is doing a stream next week, something well worth catching.
Join us on Tuesday, July 29th, at 14:00 EST for a special live stream with Renaud Tabary from @malcat4ever where we will explore and perform live malware triage with Malcat! twitch.tv/InvokeReversing
Low detection #bumblebee Distributed disguised as NetSetMan.msi "LLC Onixgroup" -- I don't post every cert we report. But if you want to see what gets reported, use Cert Central or the Cert Central API. certcentral[.]org
#bumblebee signed "LLC Ugurmana" Distributed disguised as Advanced IP Scanner and NetSetMan https://bazaar.abuse[.]ch/sample/a14506c6fb92a5af88a6a44d273edafe10d69ee3d85c8b2a7ac458a22edf68d2/ https://tria[.]ge/250716-nltd7avzcy/behavioral2 h/t @g0njxa @JAMESWT_WT
That's the way I like my libssl.dll: signed by an Indian company that makes nutrients for livestock "GAUAMRIT NUTRICARE PRIVATE LIMITED" MD5: ae0912ba4a5bff3f3543f5f393446adb https://bazaar.abuse[.]ch/browse.php?search=serial_number:737c5c461d3864ac4f089e26 h/t @g0njxa
Fake DBeaver signed by "LLC Vtorsintez" 🇷🇺 MD5: 4fa9f678df14a33e2e5480d63604f811 (Too big for MalwareBazaar) https://tria[.]ge/250711-n4tsnst1fs/behavioral1 Anti-analysis: wmic memorychip get Capacity -> exits h/t @g0njxa @JAMESWT_WT