Samples 👇

bazaar.abuse.ch/sample/336e3...

bazaar.abuse.ch/sample/658b8...

bazaar.abuse.ch/sample/c3baf...

distro:
hxxps://aurestorage.cfd/?id=hefwtPsf22F
hxxps://ateen.life/fes.php

BRC4

hxxps://huanvn.com:6542/stop.php
hxxps://vutarf.com:6542/gop.php

Latro

hxxps://reateberam.com/test/
hxxps://dogirafer.com/test/

(2/3) 👇

#BruteRatel - #Latrodectus - url > .js > .msi > .dll

wscript.exe Document-v15-51-07.js

msiexec.exe /I C:\Users\Admin\AppData\Local\Temp\fes.msi

rundll32.exe C:\Users\Admin\AppData\Roaming\avutil.dll, DLLMain

(1/3)👇

IOC's
github.com/pr0xylife/La...