2017.03.06.from-shamoon-to-stonedrill

CyberMonitor 2017-03-07 14:38:07 +08:00
parent 98179000a2
commit 7bff58310b
7 changed files with 54 additions and 0 deletions

@ -0,0 +1,53 @@
Indicators of Compromise
Shamoon MD5s
00c417425a73db5a315d23fac8cb353f
271554cff73c3843b9282951f2ea7509
2cd0a5f1e9bcce6807e57ec8477d222a
33a63f09e0962313285c0f0fb654ae11
38f3bed2635857dc385c5d569bbc88ac
41f8cd9ac3fb6b1771177e5770537518
5446f46d89124462ae7aca4fce420423
548f6b23799f9265c01feefc6d86a5d3
63443027d7b30ef0582778f1c11f36f3
6a7bff614a1c2fd2901a5bd1d878be59
6bebb161bc45080200a204f0a1d6fc08
7772ce23c23f28596145656855fd02fc
7946788b175e299415ad9059da03b1b2
7edd88dd4511a7d5bcb91f2ff177d29d
7f399a3362c4a33b5a58e94b8631a3d5
8405aa3d86a22301ae62057d818b6b68
8712cea8b5e3ce0073330fd425d34416
8fbe990c2d493f58a2afa2b746e49c86
940cee0d5985960b4ed265a859a7c169
9d40d04d64f26a30da893b7a30da04eb
aae531a922d9cca9ddca3d98be09f9df
ac8636b6ad8f946e1d756cd4b1ed866d
af053352fe1a02ba8010ec7524670ed9
b4ddab362a20578dc6ca0bc8cc8ab986
baa9862b027abd61b3e19941e40b1b2d
c843046e54b755ec63ccb09d0a689674
d30cfa003ebfcd4d7c659a73a8dce11e
da3d900f8b090c705e8256e1193a18ec
dc79867623b7929fd055d94456be8ba0
ec010868e3e4c47239bf720738e058e3
efab909e4d089b8f5a73e0b363f471c1
StoneDrill MD5s
ac3c25534c076623192b9381f926ba0d
0ccc9ec82f1d44c243329014b82d3125
8e67f4c98754a2373a49eaf53425d79a
fb21f3cea1aa051ba2a45e75d46b98b8
StoneDrill C2s
www.eservic[.]com
www.securityupdated[.]com
www.actdire[.]com
www.chromup[.]com
www.chrome-up[.]date
service1.chrome-up[.]date
service.chrome-up[.]date
webmaster.serveirc[.]com
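
Review bot: the section labels ("Shamoon MD5s", "StoneDrill MD5s", "StoneDrill C2s") sit on bare lines among the values with nothing marking them as headers, so any tool ingesting this file has to guess which lines are indicators. Consider prefixing the labels with a comment marker or splitting hashes and domains into separate files. The C2 entries are defanged with `[.]`; say so in the file so consumers refang them before matching. The hashes are MD5 only, so adding SHA-256 values where the source report provides them would make matches more reliable.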

@ -10,6 +10,7 @@ Please fire issue to me if any lost of APT/Malware events/campaigns.
* [Attack Wiki](https://attack.mitre.org/wiki/Groups)
## 2017
* Mar 06 - [From Shamoon to StoneDrill](https://securelist.com/blog/research/77725/from-shamoon-to-stonedrill/) | [Local](../../blob/master/2017/2017.03.06.from-shamoon-to-stonedrill)
* Feb 28 - [Dridexs Cold War: Enter AtomBombing](https://securityintelligence.com/dridexs-cold-war-enter-atombombing/) | [Local](../../blob/master/2017/2017.02.28.dridexs-cold-war-enter-atombombing)
* Feb 27 - [The Gamaredon Group Toolset Evolution](http://researchcenter.paloaltonetworks.com/2017/02/unit-42-title-gamaredon-group-toolset-evolution/) | [Local](../../blob/master/2017/2017.02.27.gamaredon-group-toolset-evolution/)
* Feb 23 - [Dissecting the APT28 Mac OS X Payload](https://download.bitdefender.com/resources/files/News/CaseStudies/study/143/Bitdefender-Whitepaper-APT-Mac-A4-en-EN-web.pdf) | [Local](../../blob/master/2017/2017.02.23.APT28_Mac_OS_X_Payload)
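
Review bot: the Local link on the new Mar 06 entry ends without a trailing slash, while the Feb 27 entry two lines below ends with one; pick one form for directory links so the list stays consistent. The target is also a directory addressed through a `blob/` path, like its neighbours, so it is worth confirming the link resolves once the folder is pushed.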