mirror of
https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections
synced 2024-06-16 03:50:04 +00:00
2017.03.06.from-shamoon-to-stonedrill
parent
98179000a2
commit
7bff58310b
BIN
2017/2017.02.28.dridexs-cold-war-enter-atombombing/AtomBombing_ A Code Injection that Bypasses Current Security Solutions.pdf
Normal file
Binary file not shown.
BIN
2017/2017.02.28.dridexs-cold-war-enter-atombombing/AtomBombing_ Brand New Code Injection for Windows - Breaking Malware.pdf
Normal file
Binary file not shown.
53
2017/2017.03.06.from-shamoon-to-stonedrill/IOC.txt
Normal file
@ -0,0 +1,53 @@
|
||||
Indicators of Compromise
|
||||
|
||||
Shamoon MD5s
|
||||
|
||||
00c417425a73db5a315d23fac8cb353f
|
||||
271554cff73c3843b9282951f2ea7509
|
||||
2cd0a5f1e9bcce6807e57ec8477d222a
|
||||
33a63f09e0962313285c0f0fb654ae11
|
||||
38f3bed2635857dc385c5d569bbc88ac
|
||||
41f8cd9ac3fb6b1771177e5770537518
|
||||
5446f46d89124462ae7aca4fce420423
|
||||
548f6b23799f9265c01feefc6d86a5d3
|
||||
63443027d7b30ef0582778f1c11f36f3
|
||||
6a7bff614a1c2fd2901a5bd1d878be59
|
||||
6bebb161bc45080200a204f0a1d6fc08
|
||||
7772ce23c23f28596145656855fd02fc
|
||||
7946788b175e299415ad9059da03b1b2
|
||||
7edd88dd4511a7d5bcb91f2ff177d29d
|
||||
7f399a3362c4a33b5a58e94b8631a3d5
|
||||
8405aa3d86a22301ae62057d818b6b68
|
||||
8712cea8b5e3ce0073330fd425d34416
|
||||
8fbe990c2d493f58a2afa2b746e49c86
|
||||
940cee0d5985960b4ed265a859a7c169
|
||||
9d40d04d64f26a30da893b7a30da04eb
|
||||
aae531a922d9cca9ddca3d98be09f9df
|
||||
ac8636b6ad8f946e1d756cd4b1ed866d
|
||||
af053352fe1a02ba8010ec7524670ed9
|
||||
b4ddab362a20578dc6ca0bc8cc8ab986
|
||||
baa9862b027abd61b3e19941e40b1b2d
|
||||
c843046e54b755ec63ccb09d0a689674
|
||||
d30cfa003ebfcd4d7c659a73a8dce11e
|
||||
da3d900f8b090c705e8256e1193a18ec
|
||||
dc79867623b7929fd055d94456be8ba0
|
||||
ec010868e3e4c47239bf720738e058e3
|
||||
efab909e4d089b8f5a73e0b363f471c1
|
||||
|
||||
StoneDrill MD5s
|
||||
|
||||
ac3c25534c076623192b9381f926ba0d
|
||||
0ccc9ec82f1d44c243329014b82d3125
|
||||
8e67f4c98754a2373a49eaf53425d79a
|
||||
fb21f3cea1aa051ba2a45e75d46b98b8
|
||||
|
||||
StoneDrill C2s
|
||||
|
||||
www.eservic[.]com
|
||||
www.securityupdated[.]com
|
||||
www.actdire[.]com
|
||||
www.chromup[.]com
|
||||
www.chrome-up[.]date
|
||||
service1.chrome-up[.]date
|
||||
service.chrome-up[.]date
|
||||
webmaster.serveirc[.]com
|
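Review bot: The "Shamoon MD5s" and "StoneDrill MD5s" sections give MD5 values only, and the file names no source for any of its indicators. MD5 is collision-prone and many lookup services and endpoint tools key on SHA-256, so add the SHA-256 for each sample where the source report provides one. A first line linking the report this folder mirrors would let a reader verify the values. The "StoneDrill C2s" entries are already defanged with [.]; keep that form for any hosts added later.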
Binary file not shown.
BIN
2017/2017.03.06.from-shamoon-to-stonedrill/Shamoon_samples.zip
Normal file
Binary file not shown.
Binary file not shown.
@ -10,6 +10,7 @@ Please fire issue to me if any lost of APT/Malware events/campaigns.
|
||||
* [Attack Wiki](https://attack.mitre.org/wiki/Groups)
|
||||
|
||||
## 2017
|
||||
* Mar 06 - [From Shamoon to StoneDrill](https://securelist.com/blog/research/77725/from-shamoon-to-stonedrill/) | [Local](../../blob/master/2017/2017.03.06.from-shamoon-to-stonedrill)
|
||||
* Feb 28 - [Dridex’s Cold War: Enter AtomBombing](https://securityintelligence.com/dridexs-cold-war-enter-atombombing/) | [Local](../../blob/master/2017/2017.02.28.dridexs-cold-war-enter-atombombing)
|
||||
* Feb 27 - [The Gamaredon Group Toolset Evolution](http://researchcenter.paloaltonetworks.com/2017/02/unit-42-title-gamaredon-group-toolset-evolution/) | [Local](../../blob/master/2017/2017.02.27.gamaredon-group-toolset-evolution/)
|
||||
* Feb 23 - [Dissecting the APT28 Mac OS X Payload](https://download.bitdefender.com/resources/files/News/CaseStudies/study/143/Bitdefender-Whitepaper-APT-Mac-A4-en-EN-web.pdf) | [Local](../../blob/master/2017/2017.02.23.APT28_Mac_OS_X_Payload)
|
||||
|
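Review bot: The Local link on the new Mar 06 entry has no trailing slash, which matches the Feb 28 and Feb 23 entries but not the Feb 27 one; pick one form for the whole list. The entry also gives no hint that the linked folder holds Shamoon_samples.zip, added in this same commit. A short marker on the line (for example "contains samples") would tell anyone cloning or mirroring the repository that the folder carries a sample archive and not only documents.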