StrikeReady Labs
strikereadylabs.com
@strikereadylabs.com
https://strikeready.com/blog.html
Download live malware samples mentioned here: https://github.com/StrikeReady-Inc/samples

If you prefer marketing (our product is great!) subscribe to our main page @strikeready.com
#dailyphish #crimeware decent openai phish that just asks for a credit card
November 10, 2025 at 8:33 PM
#gamaredon #apt #dailyphish

Запит на отримання інформації командира військової частини А0135_11-967_10.11.2025.HTA 2a04a7584d90cff161be936b0b3f43c0
Запит командира військової частини А0135.rar 5df7ff42d566156ce7c478f1a40896e3
November 10, 2025 at 1:47 PM
Now leveraging Turnstile to protect their payload
filesdownld.z13.web.core[.]windows[.]net/A9T3ZB7L1QX5.html > twilight-voice-2c67.smith93011.workers[.]dev > Chi Tiết Kế hoạch Chuyển đổi số và BADT. zip
filestoretome.z23.web.core[.]windows[.]net/filelocate.html > oumuenz[.]com > Details[.]zip
November 7, 2025 at 9:00 PM
Interesting abuse of Railway to host this APT phish, targeting the Sri Lankan government #dailyphish #apt hosted on nrmlgml-production[.]up[.]railway[.]app cc @jazco.dev
November 7, 2025 at 1:57 PM
#apt targeting the Ministry of Foreign Affairs in Hungary #sidewinder grabfiles[.]org
November 5, 2025 at 2:02 PM
#apt CBDT-.rar 8fba8add32ba8c58705d397c8938c885

uses luajit with interesting comments, but llm derived regardless
uploaded from India
CBDT.pdf
crycert.dat
lua51.dll
PASSWORD.lnk
update.bin
update.exe
November 4, 2025 at 1:54 PM
"Scheduled_Internet_Outages.doc" (a9235540208fa6a25614c24a59e19199) hosted on reminders.trahum[.]org. Hebrew decoy
November 4, 2025 at 12:48 PM
"MAK Tata Cara Pengajuan dan Persetujuan Rencana Pengembangan.doc" unknown actor. 98c42969f5016de29d9cb53697ace1d0 -> socket to 43.133.139[.]174:8080
November 4, 2025 at 12:40 PM
"Liberalization_and_Competition_Telecom.doc" #UNK_SweetSpecter ff22419b8ec3994542f23c78dc21a7c5abcb634008d99b7fa1fff1bb23102a00 #apt
November 3, 2025 at 9:16 PM
Awesome find and congrats on attrib by @kasperskylab.bsky.social! We apparently found this one as well last year, but couldn't tie it to a group at the time
October 30, 2025 at 4:14 PM
#dailyphish #gamaredon

here's a recent gamaredon phish. can't stop won't stop ->
Повістка про виклик_357-16230-25_24.10.2025.pdf:.._.._.._.._.._.._AppData_Roaming_Microsoft_Windows_Start Menu_Programs_Startup_357-16230-25_24.10.2025.HTA
f2368a466c7a67ab3690736dd9d84f62
October 28, 2025 at 3:05 PM
#dailyphish interesting phish spoofing UK gov drive[.]usercontent[.]google[.]com/download?id=11Qu_rF2cmNQomQ8J_kYfz_CCHtyYelAH&export=download -> inftrimool[.]xyz
October 20, 2025 at 12:58 PM
"sorry, we havent written any linux malware yet!"
#dailyopendir 2oomw0rk[.]run
October 13, 2025 at 4:59 PM
this #dailyphish may look like #apt, but it is actually 419-style scammers
October 10, 2025 at 12:44 PM
bb491248bb8f6067af39e196b11f4e408a7a3885704cadbd4266db52ae4b03e2
Agenda_Meeting 26 Sep Brussels\.zip #china #apt
e53bc08e60af1a1672a18b242f714486ead62164dda66f32c64ddc11ffe3f0df
c2 racineupci\.org
October 1, 2025 at 5:37 PM
Decoy tracking is a great indicator for potentially interesting payloads - decoys that contain 'defence' or 'nato' related keywords have paid dividends for many years
218ed813d8a4d9d05473338795021c66012cd6c36368561d3aaf831a5c494740
utensils\.zip
cseconline[.]org
September 30, 2025 at 1:29 PM
blocking vt via htaccess ... pretty good indicator that you may not be up to any good ....
September 17, 2025 at 1:17 PM
interesting use of @vercel.com for today's #dailyphish
mscsharepoint[.]vercel[.]app/?email=[]
September 17, 2025 at 1:12 PM
seeing approximately a million of these #dailyphish today
September 16, 2025 at 3:02 PM
south asian threat actor continuing to target Nepal, this time by leveraging personas involved in their ongoing civil unrest
apks
playservicess[.]com/Emergency_Help.apk
playservicess[.]com/Gen_Ashok_Sigdel_Live.apk
September 11, 2025 at 4:15 PM
interesting #dailyphish .. send them a message talking about a previously sent password protected pdf (that wasn't ever sent), to get the person to reach out and ask for the malicious file
September 10, 2025 at 5:29 PM
#apt #ru gamaredon 9a95ba01961c0ae96047c2145978da04899975b1d6eeae6f3b2ccd124ad45bba
2-1180-25_03.06.2025.html
September 9, 2025 at 1:26 PM
new format from our .desktop friends, made famous by ZS researchers

Proposal_Posting_of_Offrs_to_RMC_Mumbai.pdf.desktop
0a671f5849a24aceb605d41dcb607230
September 3, 2025 at 12:56 PM
large trawling campaign against MFAs - specifically reps to Egypt

Online Seminar.FM.gov.om.doc
Online Seminar.MFA.gov.ct.tr.doc
pivot:
DPR for dredging in FreeSpan_16082025.2.doc

c2 screenai[.]online
3ab16bd1c339fd0727be650104b74dd1
1de19958e7c2ef14addfb35b43a594ec
e73ba93d008affdc4cce0cb4e18ae5c6
August 25, 2025 at 8:57 PM
August 15, 2025 at 8:08 PM