mirror of
https://github.com/avast/ioc
synced 2024-06-16 11:58:39 +00:00
.. | ||
network.txt | ||
README.md | ||
samples.md5 | ||
samples.sha1 | ||
samples.sha256 |
IoC for Compromised Philippine Navy Certificate
Malware analysis and more technical informations at https://decoded.avast.io/threatintel/avast-finds-compromised-philippine-navy-certificate-used-in-remote-access-tool/
Table of Contents
Samples (SHA-256)
Binary and related files
85FA43C3F84B31FBE34BF078AF5A614612D32282D7B14523610A13944AADAACB - C:\Windows\System32\wlbsctrl.dll
Network indicators
C&C servers
dost[.]igov-service[.]net:8443
File names
C:\Windows\System32\wlbsctrl.dll
Mutex
t7As7y9I6EGwJOQkJz1oRvPUFx1CJTsjzgDlm0CxIa4=