mirror of
https://github.com/avast/ioc
synced 2024-06-16 11:58:39 +00:00
Merge pull request #49 from pavelnovak1/master
IoCs for Agent Tesla ISO Email campaign
commit
ff6f01ba5f
31
AgentTeslaISOCampaign/README.md
Normal file
@ -0,0 +1,31 @@
|
||||
# IoC from Operation Dragon Castling
|
||||
|
||||
Malware analysis and more technical information at <https://decoded.avast.io/pavelnovak/agenttesla-is-threatening-businesses-around-the-world-with-a-new-campaign/>
|
||||
|
||||
|
||||
### Table of Contents
|
||||
* [Samples (SHA-256)](#samples-sha-256)
|
||||
* [Network indicators](#network-indicators)
|
||||
|
||||
## Samples (SHA-256)
|
||||
```
|
||||
ISO Attachment
|
||||
83fe51953a0fe44389e197244faf90afe8ee80101dc33cb294cf6ef710e5aaba
|
||||
|
||||
AgentTesla Downloader Script
|
||||
76f707afa3d4b2678aa5af270ea9325de6f8fdc4badf7249418e785438f1b8da
|
||||
|
||||
AgentTesla Injector
|
||||
eb455ffb1595d1a06fc850ebc49b270ae84dd609e7b52144a60bb45cf4c4eb0e
|
||||
```
|
||||
|
||||
## Network indicators
|
||||
```
|
||||
FTP Exfiltration Server
|
||||
ftp.akmokykla.lt
|
||||
|
||||
AgentTesla Download Servers
|
||||
assltextile.com/Su34M.jpg
|
||||
consult-mob.ro/M777.jpg
|
||||
handcosalon.com/Su57.jpg
|
||||
```
|
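Review bot: The heading on the first added line, `# IoC from Operation Dragon Castling`, does not match this directory (AgentTeslaISOCampaign), the commit title, or the linked AgentTesla write-up, and looks carried over from another campaign's README. Rename it to identify the Agent Tesla ISO email campaign so the file is not mistaken for a different IoC set.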
4
AgentTeslaISOCampaign/network.txt
Normal file
@ -0,0 +1,4 @@
|
||||
ftp.akmokykla.lt
|
||||
assltextile.com/Su34M.jpg
|
||||
consult-mob.ro/M777.jpg
|
||||
handcosalon.com/Su57.jpg
|
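Review bot: The four entries in network.txt mix a bare hostname (`ftp.akmokykla.lt`) with host-plus-path entries such as `assltextile.com/Su34M.jpg`, and the "FTP Exfiltration Server" and "AgentTesla Download Servers" labels from the README are dropped here. Someone feeding this file into a blocklist or detection rule cannot tell which entry is the exfiltration host, which are download locations, or which protocol each applies to. Consider stating the scheme on each line or documenting the expected format of this file.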
3
AgentTeslaISOCampaign/samples.md5
Normal file
@ -0,0 +1,3 @@
|
||||
540594cb9d666f26237e6c346a875e1a
|
||||
6664317aae5097b03ee282210c3d32b8
|
||||
c3dbb827394bed4ea054a4c50eedc161
|
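Review bot: samples.md5 lists three digests with no sample names, so which one belongs to the ISO attachment, the downloader script or the injector depends entirely on line order. Please confirm the order matches the README's SHA-256 section (ISO attachment, downloader script, injector) so the MD5 values can be matched to the same samples.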
3
AgentTeslaISOCampaign/samples.sha1
Normal file
@ -0,0 +1,3 @@
|
||||
f3f77f07de43e480a983448c61e53a160c1b6ada
|
||||
7e3f9c2f1ebc383fd7e057e6fa32f5cdc74502d5
|
||||
683c33b67d5f09add96a60a3dd998769309edb99
|
3
AgentTeslaISOCampaign/samples.sha256
Normal file
@ -0,0 +1,3 @@
|
||||
83fe51953a0fe44389e197244faf90afe8ee80101dc33cb294cf6ef710e5aaba
|
||||
76f707afa3d4b2678aa5af270ea9325de6f8fdc4badf7249418e785438f1b8da
|
||||
eb455ffb1595d1a06fc850ebc49b270ae84dd609e7b52144a60bb45cf4c4eb0e
|