Trying something new with #GitHub and posting my spam #UCE #UBE and suspect / #malicious #emails and their associated attachments. Putting everything in a #mastodon post was problematic with space limitations, and was hard to find/organize/search.

Providing the redacted headers and URLs to the malware sandboxes used:

https://github.com/obrientg/Analysis/blob/main/Fri%2C%2025%20Oct%202024%20JS%20Phish.AAL

Received two (2) of the same samples, with different file names & hashes but the same detection of JS/Phish.AAL
Both were sent to the email address I use for threat intel & incident response collaboration efforts.
Email SRC on both was Google Cloud (#GCP) with an #openproxy, abuse reporting submitted.

#MD5 5cf33dd39d6db60423ac89fd63e5f500
#SHA1 863c95b7e7ff0bb8299cbae93dfaed12cc619332
#SHA256 c4e40b137e43c89261ee89a34db843477a8c994a21a92c98c7b15193face8c35

#MD5 8a9af78b0a4cdade6df9f71e7e5b1362
#SHA1 b03fdf0891adacc1995fdd1e2f043343c20a45e5
#SHA256 317aaea9d9ef39c9b85b9ce6e0f68ec83a06b2f3298aded981b19063b2f44737

#malware #incidentResponse #malwareAnalysis
#InfoSec #informationSecurity #cybersecurity #cyberz #cyber #cybercrime
#phish #phishing
#threatIntel #IoC #threatIntelligence #cyberthreatintelligence #CTI

#Go ( go1.23.1 ) #SHA256 https://github.com/minio/sha256-simd
is 36.25% _slower_ than std "crypto/sha256" ( for small data ).
Tested on Intel(R) Xeon(R) Platinum 8259CL
#golang #simd #sha #sha2 #sha256 #asm #x86 #minio #benchmark #intel #xeon #8259cl #programming #ymmv

#Go ( go1.23.1 ) #SHA256 https://github.com/minio/sha256-simd
is 6.2%-7% faster than std "crypto/sha256" ( for small data ).
Tested on ARM1176JZF ( 32bit ) ARM1176JZF-S
#golang #simd #sha #asm #arm #minio #benchmark #arm32 #arm11 #ARM1176JZF #ymmv