Create Readme.md

StrangerealIntel 2019-08-28 01:45:56 +02:00 committed by GitHub
parent a4e192a865
commit 3cf0ac1e03
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23


@ -0,0 +1,10 @@
## Tool for decoding the encoded strings of ArtraDownloader
##### This tool decoding the encoded strings of the three variants of ArtraDownloader used by the APT Bitter group (August 2019)
##### The following syntax is the next :
```sh
> decrypt.ps1 "[Encoded string]" [Num Variant]
```
##### This will be give you the following result :
![alt text](https://raw.githubusercontent.com/StrangerealIntel/CyberThreatIntel/master/offshore%20APT%20organization/Bitter/27-08-19/decrypt/Result.png)
##### URL Tool : https://github.com/StrangerealIntel/CyberThreatIntel/blob/master/offshore%20APT%20organization/Bitter/27-08-19/decrypt/decrypt.ps1
##### Ref Analysis: https://unit42.paloaltonetworks.com/multiple-artradownloader-variants-used-by-bitter-to-target-pakistan/
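
Review bot: The usage line `> decrypt.ps1 "[Encoded string]" [Num Variant]` does not say which values `[Num Variant]` accepts or how they map to the three ArtraDownloader variants named in the description; list the accepted values and the variant each one selects. The block is fenced as `sh` although the command runs a PowerShell script, so `powershell` would be the accurate tag. The expected result is shown only as an image with the placeholder alt text `alt text`; add a short text sample of the decoded output, or at least descriptive alt text, so the README is usable when the image does not load. Wording: "This tool decoding", "The following syntax is the next" and "This will be give you" should read "This tool decodes", "Usage:" and "This gives the following result".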