mirror of https://github.com/avast/ioc
4b16028e37
|
||
|---|---|---|
| .. | ||
| README.md | ||
| network.txt | ||
| samples.md5 | ||
| samples.sha1 | ||
| samples.sha256 | ||
IoC for Compromised Philippine Navy Certificate
Malware analysis and more technical informations at https://decoded.avast.io/threatintel/avast-finds-compromised-philippine-navy-certificate-used-in-remote-access-tool/
Table of Contents
Samples (SHA-256)
Binary and related files
85FA43C3F84B31FBE34BF078AF5A614612D32282D7B14523610A13944AADAACB - C:\Windows\System32\wlbsctrl.dll
Network indicators
C&C servers
dost[.]igov-service[.]net:8443
File names
C:\Windows\System32\wlbsctrl.dll
Mutex
t7As7y9I6EGwJOQkJz1oRvPUFx1CJTsjzgDlm0CxIa4=