mirror of
https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections
synced 2024-06-07 23:53:37 +00:00
2017.11.06.ChessMaster_New_Strategy
This commit is contained in:
parent
d947929cbc
commit
6a08261026
11
2017/2017.11.06.ChessMaster_New_Strategy/IOC.txt
Normal file
11
2017/2017.11.06.ChessMaster_New_Strategy/IOC.txt
Normal file
@ -0,0 +1,11 @@
|
||||
Related hashes detected as BKDR_ANEL.ZKEI (SHA-256):
|
||||
|
||||
af1b2cd8580650d826f48ad824deef3749a7db6fde1c7e1dc115c6b0a7dfa0dd
|
||||
Command-and-control server:
|
||||
|
||||
hxxp://62[.]75[.]197[.]131/page/?[random strings]
|
||||
URLs related to the campaign
|
||||
|
||||
hxxp://89[.]18[.]27[.]159/img.db
|
||||
hxxp://89[.]18[.]27[.]159:8080/lK0RS
|
||||
hxxp://89[.]18[.]27[.]159/FA347FEiwq.jpg
|
BIN
2017/2017.11.06.ChessMaster_New_Strategy/chessmasters-new-strategy-evolving-tools-tactics.pdf
Normal file
BIN
2017/2017.11.06.ChessMaster_New_Strategy/chessmasters-new-strategy-evolving-tools-tactics.pdf
Normal file
Binary file not shown.
@ -12,6 +12,7 @@ Please fire issue to me if any lost of APT/Malware events/campaigns.
|
||||
* [targetedthreats](https://github.com/botherder/targetedthreats/wiki/Reports)
|
||||
|
||||
## 2017
|
||||
* Nov 06 - [[Trend Micro] ChessMaster’s New Strategy: Evolving Tools and Tactics](http://blog.trendmicro.com/trendlabs-security-intelligence/chessmasters-new-strategy-evolving-tools-tactics/) | [Local](../../blob/master/2017/2017.11.06.ChessMaster_New_Strategy)
|
||||
* Nov 02 - [[PwC] The KeyBoys are back in town](http://www.pwc.co.uk/issues/cyber-security-data-privacy/research/the-keyboys-are-back-in-town.html) | [Local](../../blob/master/2017/2017.11.02.KeyBoys_are_back)
|
||||
* Oct 31 - [[Cybereason] Night of the Devil: Ransomware or wiper? A look into targeted attacks in Japan using MBR-ONI](https://www.cybereason.com/blog/night-of-the-devil-ransomware-or-wiper-a-look-into-targeted-attacks-in-japan) | [Local](../../blob/master/2017/2017.10.31.MBR-ONI.Japan)
|
||||
* Oct 30 - [[Kaspersky] Gaza Cybergang – updated activity in 2017](https://securelist.com/gaza-cybergang-updated-2017-activity/82765/) | [Local](../../blob/master/2017/2017.10.30.Gaza_Cybergang)
|
||||
|
Loading…
Reference in New Issue
Block a user