2017.06.30.From_BlackEnergy_to_ExPetr

Ziv Chang 2017-10-27 10:39:21 +08:00
parent 9b2b78c87d
commit a99e54cf15
3 changed files with 21 additions and 0 deletions

@ -0,0 +1,19 @@
ExPetr:
027cc450ef5f8c5f653329641ec1fed91f694e0d229928963b30f6b0d7d3a745
BE:
11b7b8a7965b52ebb213b023b6772dd2c76c66893fc96a18a9a33c8cf125af80
5d2b1abc7c35de73375dd54a4ec5f0b060ca80a1831dac46ad411b4fe4eac4c6
F52869474834be5a6b5df7f8f0c46cbc7e9b22fa5cb30bee0f363ec6eb056b95
368d5c536832b843c6de2513baf7b11bcafea1647c65df7b6f2648840fa50f75
A6a167e214acd34b4084237ba7f6476d2e999849281aa5b1b3f92138c7d91c7a
Edbc90c217eebabb7a9b618163716f430098202e904ddc16ce9db994c6509310
F9f3374d89baf1878854f1700c8d5a2e5cf40de36071d97c6b9ff6b55d837fca
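Review bot: Four of the BE entries (the values beginning F52869, A6a167, Edbc90 and F9f337) start with an uppercase hex digit while the rest of each value and every other entry in the file is lowercase, which looks like editor auto-capitalisation and will break case-sensitive exact matching against scanner or EDR output. Please lowercase all values so the list can be consumed by grep or a hash-lookup script without normalisation. It would also help to state the hash type in the file (the 64-hex-digit length is consistent with SHA-256) and to spell out "BE" as BlackEnergy so the labels stand on their own without the report title.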

@ -37,6 +37,8 @@ Please fire issue to me if any lost of APT/Malware events/campaigns.
* Jul 11 - [[ProtectWise] Winnti Evolution - Going Open Source](https://www.protectwise.com/blog/winnti-evolution-going-open-source.html) | [Local](../../blob/master/2017/2017.07.11.winnti-evolution-going-open-source)
* Jul 10 - [[Trend Micro] OSX Malware Linked to Operation Emmental Hijacks User Network Traffic](http://blog.trendmicro.com/trendlabs-security-intelligence/osx_dok-mac-malware-emmental-hijacks-user-network-traffic/) | [Local](../../blob/master/2017/2017.07.10.osx_dok-mac-malware-emmental-hijacks-user-network-traffic)
* Jul 05 - [[Citizen Lab] Insider Information: An intrusion campaign targeting Chinese language news sites](https://citizenlab.org/2017/07/insider-information-an-intrusion-campaign-targeting-chinese-language-news-sites/) | [Local](../../blob/master/2017/2017.07.05.insider-information)
* Jun 30 - [[ESET] TeleBots are back: supply-chain attacks against Ukraine](https://www.welivesecurity.com/2017/06/30/telebots-back-supply-chain-attacks-against-ukraine/) | [Local](../../blob/master/2017/2017.06.30.telebots-back-supply-chain)
* Jun 30 - [[Kaspersky] From BlackEnergy to ExPetr](https://securelist.com/from-blackenergy-to-expetr/78937/) | [Local](../../blob/master/2017/2017.06.30.From_BlackEnergy_to_ExPetr)
* Jun 22 - [The New and Improved macOS Backdoor from OceanLotus](https://researchcenter.paloaltonetworks.com/2017/06/unit42-new-improved-macos-backdoor-oceanlotus/) | [Local](../../blob/master/2017/2017.06.22.new-improved-macos-backdoor-oceanlotus)
* Jun 22 - [Following the Trail of BlackTechs Cyber Espionage Campaigns](http://blog.trendmicro.com/trendlabs-security-intelligence/following-trail-blacktech-cyber-espionage-campaigns/) | [Local](../../blob/master/2017/2017.06.22.following-trail-blacktech-cyber-espionage-campaigns)
* Jun 19 - [SHELLTEA + POSLURP MALWARE: memory resident point-of-sale malware attacks industry](https://www.root9b.com/sites/default/files/whitepapers/PoS%20Malware%20ShellTea%20PoSlurp_0.pdf) | [Local](../../blob/master/2017/2017.06.19.SHELLTEA_POSLURP_MALWARE)
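Review bot: The Local target on the Kaspersky entry, 2017.06.30.From_BlackEnergy_to_ExPetr, uses mixed case and underscores, while the neighbouring 2017.06.30.telebots-back-supply-chain entry and most other entries in this hunk use lowercase, hyphenated slugs. Consider naming the directory 2017.06.30.from-blackenergy-to-expetr to match the securelist URL slug, which keeps the paths predictable on case-sensitive filesystems and for anyone scripting against the index. The link text itself follows the [[Vendor] Title] pattern used by the July entries, so no change is needed there.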