admin/APT_REPORT
1
0
Fork 0
mirror of https://github.com/blackorbird/APT_REPORT.git synced 2025-05-06 10:51:38 +00:00
Code Issues Packages Projects Releases Wiki Activity

Create aptnote0402

Browse Source
This commit is contained in:
blackorbird 2019-04-03 14:21:12 +08:00 committed by GitHub
parent ea5411af01
commit a8ad3ab865
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 38 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

38
Oceanlotus/aptnote0402 Normal file
View File

@ -0,0 +1,38 @@
https://threatvector.cylance.com/en_us/home/report-oceanlotus-apt-group-leveraging-steganography.html
ae1b6f50b166024f960ac792697cd688be9288601f423c15abbc755c66b6daa4 SHA256 Loader #1
0ee693e714be91fd947954daee85d2cd8d3602e9d8a840d520a2b17f7c80d999 SHA256 Loader #1
a2719f203c3e8dcdcc714dd3c1b60a4cbb5f7d7296dbb88b2a756d85bf0e9c1e SHA256 Loader #1
4c02b13441264bf18cc63603b767c3d804a545a60c66ca60512ee59abba28d4d SHA256 Loader #2
e0fc83e57fbbb81cbd07444a61e56e0400f7c54f80242289779853e38beb341e SHA256 Loader #2
cd67415dd634fd202fa1f05aa26233c74dc85332f70e11469e02b370f3943b1d SHA256 Loader #2
9112f23e15fdcf14a58afa424d527f124a4170f57bd7411c82a8cdc716f6e934 SHA256 Loader #2
ecaeb1b321472f89b6b3c5fb87ec3df3d43a10894d18b575d98287b81363626f SHA256 Loader #2
478cc5faadd99051a5ab48012c494a807c7782132ba4f33b9ad9229a696f6382 SHA256 Loader #2
72441fe221c6a25b3792d18f491c68254e965b0401a845829a292a1d70b2e49a SHA256 Payload PNG (loader #1)
11b4c284b3c8b12e83da0b85f59a589e8e46894fa749b847873ed6bab2029c0f SHA256 Payload PNG (loader #2)
d78a83e9bf4511c33eaab9a33ebf7ccc16e104301a7567dd77ac3294474efced SHA256 Payload PNG (loader #2)
E:\ProjectGit\SHELL\BrokenSheild\BrokenShieldPrj\Bin\x86\Release\DllExportx86.pdb PDB Path Loader #1
C:\Users\Meister\Documents\Projects\BrokenShield\Bin\x86\Release\BrokenShield.pdb PDB Path Loader #2
kermacrescen.com C2 7244…
stellefaff.com C2 7244…
manongrover.com C2 7244…
background.ristians.com:8888 C2 11b4…
enum.arkoorr.com:8531 C2 11b4…
worker.baraeme.com:8888 C2 11b4…
enum.arkoorr.com:8888 C2 11b4…
worker.baraeme.com:8531 C2 11b4…
plan.evillese.com:8531 C2 11b4…
background.ristians.com:8531 C2 11b4…
plan.evillese.com:8888 C2 11b4…
SOFTWARE\Classes\CLSID\{E3517E26-8E93-458D-A6DF-8030BC80528B} Registry/
CLSID
7244…
SOFTWARE\App\AppX06c7130ad61f4f60b50394b8cba3d35f\Applicationz Registry 7244…
SOFTWARE\Classes\CLSID\{57C3E2E2-C18F-4ABF-BAAA-9D17879AB029} Registry/
CLSID
11b4…
{79828CC5-8979-43C0-9299-8E155B397281}.dll Internal
name
11b4…