Squiblydoo (@squiblydooblog)'s Twitter Profile
Squiblydoo

@squiblydooblog

Malware Analysis (mostly SolarMarker)
Creator of Debloat and certReport
Want to chat? Join the Debloat discord: discord.gg/dvGXKaY5qr

ID: 1329845004303527938

Link: http://squiblydoo.blog
20-11-2020 17:52:45

900 Tweets

3,3K Followers

72 Following


JAMESWT Karsten Hahn "LONG SOUND TLD" has now been reported.
It is also the trojan CrystalPDF, but seems to be an older version.

Domains:
flt.cntrlclient[.]com/v6
sih.cntrlclient[.]com/r

Same functionality.

"Harmony_Impact_Campaign_Brief_PDF.exe"
Signed "Universal Vision Limited"
f470ab8df8dc7764cb726c85d9a6f5daadca98d45f34bff992a563754b484b93

Refuses to run in sandboxes
PDF icon, Decoy PDF

Malcat's Kesakode suggests high probability of "QuirkyLoader"

h/t MalwareHunterTeam

I got to demo MalBeacon's DeceptionPro and love it. Summary: "DeceptionPro allows you to monitor cybercrime by creating realistic environments, allowing front row seat to attacker behaviors and post-exploitation activity." squiblydoo.blog/2025/10/14/dec…