mirror of
https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections
synced 2024-06-25 00:10:26 +00:00
2017.03.06.from-shamoon-to-stonedrill
parent 98179000a2
commit 7bff58310b
BIN
2017/2017.02.28.dridexs-cold-war-enter-atombombing/AtomBombing_ A Code Injection that Bypasses Current Security Solutions.pdf
Normal file
Binary file not shown.
BIN
2017/2017.02.28.dridexs-cold-war-enter-atombombing/AtomBombing_ Brand New Code Injection for Windows - Breaking Malware.pdf
Normal file
Binary file not shown.
53
2017/2017.03.06.from-shamoon-to-stonedrill/IOC.txt
Normal file
@ -0,0 +1,53 @@
|
|||||||
|
Indicators of Compromise
|
||||||
|
|
||||||
|
Shamoon MD5s
|
||||||
|
|
||||||
|
00c417425a73db5a315d23fac8cb353f
|
||||||
|
271554cff73c3843b9282951f2ea7509
|
||||||
|
2cd0a5f1e9bcce6807e57ec8477d222a
|
||||||
|
33a63f09e0962313285c0f0fb654ae11
|
||||||
|
38f3bed2635857dc385c5d569bbc88ac
|
||||||
|
41f8cd9ac3fb6b1771177e5770537518
|
||||||
|
5446f46d89124462ae7aca4fce420423
|
||||||
|
548f6b23799f9265c01feefc6d86a5d3
|
||||||
|
63443027d7b30ef0582778f1c11f36f3
|
||||||
|
6a7bff614a1c2fd2901a5bd1d878be59
|
||||||
|
6bebb161bc45080200a204f0a1d6fc08
|
||||||
|
7772ce23c23f28596145656855fd02fc
|
||||||
|
7946788b175e299415ad9059da03b1b2
|
||||||
|
7edd88dd4511a7d5bcb91f2ff177d29d
|
||||||
|
7f399a3362c4a33b5a58e94b8631a3d5
|
||||||
|
8405aa3d86a22301ae62057d818b6b68
|
||||||
|
8712cea8b5e3ce0073330fd425d34416
|
||||||
|
8fbe990c2d493f58a2afa2b746e49c86
|
||||||
|
940cee0d5985960b4ed265a859a7c169
|
||||||
|
9d40d04d64f26a30da893b7a30da04eb
|
||||||
|
aae531a922d9cca9ddca3d98be09f9df
|
||||||
|
ac8636b6ad8f946e1d756cd4b1ed866d
|
||||||
|
af053352fe1a02ba8010ec7524670ed9
|
||||||
|
b4ddab362a20578dc6ca0bc8cc8ab986
|
||||||
|
baa9862b027abd61b3e19941e40b1b2d
|
||||||
|
c843046e54b755ec63ccb09d0a689674
|
||||||
|
d30cfa003ebfcd4d7c659a73a8dce11e
|
||||||
|
da3d900f8b090c705e8256e1193a18ec
|
||||||
|
dc79867623b7929fd055d94456be8ba0
|
||||||
|
ec010868e3e4c47239bf720738e058e3
|
||||||
|
efab909e4d089b8f5a73e0b363f471c1
|
||||||
|
|
||||||
|
StoneDrill MD5s
|
||||||
|
|
||||||
|
ac3c25534c076623192b9381f926ba0d
|
||||||
|
0ccc9ec82f1d44c243329014b82d3125
|
||||||
|
8e67f4c98754a2373a49eaf53425d79a
|
||||||
|
fb21f3cea1aa051ba2a45e75d46b98b8
|
||||||
|
|
||||||
|
StoneDrill C2s
|
||||||
|
|
||||||
|
www.eservic[.]com
|
||||||
|
www.securityupdated[.]com
|
||||||
|
www.actdire[.]com
|
||||||
|
www.chromup[.]com
|
||||||
|
www.chrome-up[.]date
|
||||||
|
service1.chrome-up[.]date
|
||||||
|
service.chrome-up[.]date
|
||||||
|
webmaster.serveirc[.]com
|
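Review bot: the "Shamoon MD5s" and "StoneDrill MD5s" sections identify samples by MD5 only, and nothing in the file says which report the indicators come from. Suggest adding a header line with the source URL (the securelist link used in the README entry) and the report date, plus SHA-256 values where the source provides them, since MD5 alone is a weak file identifier. The defanged `[.]` form under "StoneDrill C2s" is worth keeping; anyone loading the list into a matcher has to re-fang the hostnames first.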
Binary file not shown.
BIN
2017/2017.03.06.from-shamoon-to-stonedrill/Shamoon_samples.zip
Normal file
Binary file not shown.
Binary file not shown.
@ -10,6 +10,7 @@ Please fire issue to me if any lost of APT/Malware events/campaigns.
|
|||||||
* [Attack Wiki](https://attack.mitre.org/wiki/Groups)
|
* [Attack Wiki](https://attack.mitre.org/wiki/Groups)
|
||||||
|
|
||||||
## 2017
|
## 2017
|
||||||
|
* Mar 06 - [From Shamoon to StoneDrill](https://securelist.com/blog/research/77725/from-shamoon-to-stonedrill/) | [Local](../../blob/master/2017/2017.03.06.from-shamoon-to-stonedrill)
|
||||||
* Feb 28 - [Dridex’s Cold War: Enter AtomBombing](https://securityintelligence.com/dridexs-cold-war-enter-atombombing/) | [Local](../../blob/master/2017/2017.02.28.dridexs-cold-war-enter-atombombing)
|
* Feb 28 - [Dridex’s Cold War: Enter AtomBombing](https://securityintelligence.com/dridexs-cold-war-enter-atombombing/) | [Local](../../blob/master/2017/2017.02.28.dridexs-cold-war-enter-atombombing)
|
||||||
* Feb 27 - [The Gamaredon Group Toolset Evolution](http://researchcenter.paloaltonetworks.com/2017/02/unit-42-title-gamaredon-group-toolset-evolution/) | [Local](../../blob/master/2017/2017.02.27.gamaredon-group-toolset-evolution/)
|
* Feb 27 - [The Gamaredon Group Toolset Evolution](http://researchcenter.paloaltonetworks.com/2017/02/unit-42-title-gamaredon-group-toolset-evolution/) | [Local](../../blob/master/2017/2017.02.27.gamaredon-group-toolset-evolution/)
|
||||||
* Feb 23 - [Dissecting the APT28 Mac OS X Payload](https://download.bitdefender.com/resources/files/News/CaseStudies/study/143/Bitdefender-Whitepaper-APT-Mac-A4-en-EN-web.pdf) | [Local](../../blob/master/2017/2017.02.23.APT28_Mac_OS_X_Payload)
|
* Feb 23 - [Dissecting the APT28 Mac OS X Payload](https://download.bitdefender.com/resources/files/News/CaseStudies/study/143/Bitdefender-Whitepaper-APT-Mac-A4-en-EN-web.pdf) | [Local](../../blob/master/2017/2017.02.23.APT28_Mac_OS_X_Payload)
|
||||||
|
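Review bot: the added "Mar 06" line points its Local link at 2017/2017.03.06.from-shamoon-to-stonedrill, a folder that this same commit also populates with Shamoon_samples.zip, and the entry gives no hint that the folder holds a sample archive as well as the IOC list. Suggest saying so in the entry or in a note inside the folder (what the archive contains and whether it is password-protected), so nobody unpacks it on an ordinary workstation by accident. Minor: the Feb 27 entry ends its Local path with a trailing slash and the new line does not; pick one form.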