Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

more contagious interview #1

Open
tayvano opened this issue Nov 4, 2024 · 0 comments
Open

more contagious interview #1

tayvano opened this issue Nov 4, 2024 · 0 comments

Comments

@tayvano
Copy link

tayvano commented Nov 4, 2024

will try to pull request later but heres a dump from my notepad, enjoy

--

[10/18/24 4:53 PM]
https://bitbucket.org/future_maker/tradingview/src/main/server/middleware/errorMiddleware.js

contagious interview
c2 45.137.213.30:1224

https://www.reddit.com/r/jobs/comments/1fqogoy/beware_of_fake_recruiter_requests/


[10/18/24 4:28 PM]

https://github.com/Medium093/Sports_game/blob/main/server/middlewares/helpers/error.js


[9/24/24 6:29 PM]
another contagious interview, i dont have many details tho
persona: "Alberto Flores Galvan"
c2 of malware: 147.124.214[.]129


[9/18/24 9:23 AM]

python deobfuscates and runs code that downloads something from here http://67.203.7.171:1244/payload/ZU1RINz7 and then saves it here, I think ~/.n2/pay

if it fails, then downloads http://67.203.7.171:1244/pdown/p.zi to tmp/p2.zip

Downloading data on chrome extensions including tron ​​wallets, metamask and "/.config/solana/id.json", downloading data from other browsers - edge, firefox, brave-browser, data /.local/share/keyrings, /.config/google-chrome porfiles and some others

https://www.linkedin.com/in/gabriel-luna-640524202/


[7/29/24 6:45 PM]

hxxps[://]github[.]com/aman-tiwari001/sui-game

dprk beavertail distributing payloads - ip address 95[.]164[.]17[.]24

https://app.any.run/tasks/eeec5f3a-b40a-449f-abff-14efd8fde9e9

https://urlscan.io/result/e524048c-08c4-4568-8634-8b8589477bad/


august 7 2024

https://github.com/newbee96422/MetaWar_ver_4

https://linkedin.com/in/aline-santoro-2a2029215


[6/18/24 9:01 AM] The repository is private. It appears they are preparing files for specific victims, as they sent me something that fits my stack perfectly. However, they forgot to remove the author from package.json, and I found the original GitHub account from which they stole the code.

Their github acc: https://github.com/goldy1113

upwork: https://www.upwork.com/jobs/~01a6075dfe3645267e


feb 28 2024

https://app.freebling.io/

The codebase: http://bitbucket.org/juandsuareza/main/src/main/

Issue: https://drive.google.com/file/d/1uLLOF56mFkVf-GZbTxKXZlHXNAFUkgGy/view?usp=sharing

document with the overview of requirements:
https://docs.google.com/document/d/1WJSYLFfD-edGs1wKuoO8hSAUq-KYk9XXvRjR2mNYVJI/edit?usp=sharing


feb 01 2024

https://www.linkedin.com/in/lucas-sousa-santos-54148a2a5

https://drive[.]google[.]com/file/d/1MeOvMRShcG0BqvT3iLm84-MAIZN12-w0/view?usp=sharing

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

1 participant