tracking.. pwsh #loader used during #quantumlocker attack in October related to August operations (#cobaltstrike deceted)
Links
Oct -> https://twitter.com/pmelson/status/1595119169963687936
Aug -> https://twitter.com/TeamDreier/status/1562709380126355456
TwitterPaul Melson on Twitter“@500mk500 @luc4m @malware_traffic @MichalKoczwara @James_inthe_box @58_158_177_102 @Arkbird_SOLG @pr0xylife Related:
fastaccesone[.]com
fastaccestwo[.]com”