more contagious interview

[tayvano]

will try to pull request later but heres a dump from my notepad, enjoy

--

[10/18/24 4:53 PM]
https://bitbucket.org/future_maker/tradingview/src/main/server/middleware/errorMiddleware.js

contagious interview
c2 45.137.213.30:1224

https://www.reddit.com/r/jobs/comments/1fqogoy/beware_of_fake_recruiter_requests/

---

[10/18/24 4:28 PM]

https://github.com/Medium093/Sports_game/blob/main/server/middlewares/helpers/error.js

---

[9/24/24 6:29 PM]
another contagious interview, i dont have many details tho
persona: "Alberto Flores Galvan"
c2 of malware: 147.124.214[.]129

---

[9/18/24 9:23 AM]

python deobfuscates and runs code that downloads something from here http://67.203.7.171:1244/payload/ZU1RINz7 and then saves it here, I think ~/.n2/pay

if it fails, then downloads http://67.203.7.171:1244/pdown/p.zi to tmp/p2.zip

Downloading data on chrome extensions including tron ​​wallets, metamask and "/.config/solana/id.json", downloading data from other browsers - edge, firefox, brave-browser, data /.local/share/keyrings, /.config/google-chrome porfiles and some others

• sending files by post request with multipart form data - http://67.203.7.171:1244/uploads

https://www.linkedin.com/in/gabriel-luna-640524202/

---

[7/29/24 6:45 PM]

hxxps[://]github[.]com/aman-tiwari001/sui-game

dprk beavertail distributing payloads - ip address 95[.]164[.]17[.]24

https://app.any.run/tasks/eeec5f3a-b40a-449f-abff-14efd8fde9e9

https://urlscan.io/result/e524048c-08c4-4568-8634-8b8589477bad/

---

august 7 2024

https://github.com/newbee96422/MetaWar_ver_4

https://linkedin.com/in/aline-santoro-2a2029215

---

[6/18/24 9:01 AM] The repository is private. It appears they are preparing files for specific victims, as they sent me something that fits my stack perfectly. However, they forgot to remove the author from package.json, and I found the original GitHub account from which they stole the code.

Their github acc: https://github.com/goldy1113

upwork: https://www.upwork.com/jobs/~01a6075dfe3645267e

---

feb 28 2024

https://app.freebling.io/

The codebase: http://bitbucket.org/juandsuareza/main/src/main/

Issue: https://drive.google.com/file/d/1uLLOF56mFkVf-GZbTxKXZlHXNAFUkgGy/view?usp=sharing

document with the overview of requirements:
https://docs.google.com/document/d/1WJSYLFfD-edGs1wKuoO8hSAUq-KYk9XXvRjR2mNYVJI/edit?usp=sharing

---

feb 01 2024

https://www.linkedin.com/in/lucas-sousa-santos-54148a2a5

https://drive[.]google[.]com/file/d/1MeOvMRShcG0BqvT3iLm84-MAIZN12-w0/view?usp=sharing