discord_shared_dprk_sample

initial_google_drive_link: `drive[.]google[.]com/drive/u/1/folders/1cXT5FzX-IvgchroQOKitw3my3yY9Avl8` distribution_url: `hxxps[://]github[.]com/TJ9373/stickman-nft/commit/569601319ecf96a4007fee74243ad49268412da9[.]patch` analyst_extracted_contents_hidden `App.test.js`: hxxps[://]hst[.]sh/witoneqogo[.]js context: ![Screenshot 2025-01-07 at 6.44.02 PM](https://hackmd.io/_uploads/H1APaVi8kl.png) ![Screenshot 2025-01-07 at 6.48.20 PM](https://hackmd.io/_uploads/H1hOTNiLyg.png) distribution_url_commit_email: `tomasjohnson9@outlook[.]com` analyst_XOR_KEY: ``` XOR_KEY = b"!!!HappyPenguin1950!!!" ``` credits_researcher: illuminatifish & locknessko initial_report: roughhero76 partial_data_contained_in_obfuscation: ``` - hxxp[://]185[.]235[.]241[.]208:1224/client/15/212 - hxxp[://]185[.]235[.]241[.]208:1224/uploads - hxxp[://]185[.]235[.]241[.]208:1224/pdown ``` `tomasjohnson9@outlook[.]com`_email_data_osint-industries: ```json [ { "module": "microsoft", "schemaModule": "Microsoft", "data": {}, "spec_format": [ { "registered": { "type": "bool", "proper_key": "Registered", "value": true }, "id": { "type": "str", "proper_key": "Id", "value": "A59100D8C411B07F" }, "name": { "type": "str", "proper_key": "Name", "value": "Tomas Johnson" }, "location": { "type": "str", "proper_key": "Location", "value": "US" }, "email_hint": { "type": "str", "proper_key": "Email Hint", "value": "ke *** @oddlygood[.]shop" }, "platform_variables": [ { "key": "has_phone", "proper_key": "Has Phone", "value": true, "type": "bool" }, { "key": "password_login", "proper_key": "Password Login", "value": true, "type": "bool" }, { "key": "remote_ngc_login", "proper_key": "Remote Ngc Login", "value": false, "type": "bool" }, { "key": "fido_login", "proper_key": "Fido Login", "value": false, "type": "bool" }, { "key": "cobasi_app", "proper_key": "Cobasi App", "value": false, "type": "bool" }, { "key": "github_fed", "proper_key": "Github Fed", "value": false, "type": "bool" }, { "key": "google_fed", "proper_key": "Google Fed", "value": false, "type": "bool" }, { "key": "linkedin_fed", "proper_key": "Linkedin Fed", "value": false, "type": "bool" } ] } ], "status": "found", "query": "tomasjohnson9@outlook[.]com", "from": "User supplied email.", "reliable_source": true, "pretty_name": "Microsoft", "type": "card", "category": { "name": "Others", "description": "Platforms that do not fit into other categories." }, "widgets": [ { "type": "contact_point", "content": [ { "contact_type": "Email Hints", "value": "ke *** @oddlygood[.]shop", "is_obfuscated": true, "is_exact_length": false, "verified": null } ] } ], "front_schemas": [ { "module": "Microsoft", "body": { "Location": "US", "Phone Linked": true, "Has Password": true }, "tags": [], "timeline": { "last_seen": true, "registered": true, "last_seen_date": null, "registered_date": null, "groups": {}, "group_items": {}, "group_years": {} } } ] } ] ```