Update Malware analysis 27-08-19.md

StrangerealIntel 2019-09-09 15:23:18 +02:00 committed by GitHub
parent f030350dab
commit 4491660943
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23

@ -32,7 +32,7 @@
###### At the date of the submission in VT, the C2 is down and the next step can't be analysed.
## Cyber kill chain <a name="Cyber-kill-chain"></a>
###### The process graph resume the cyber kill chain used by the attacker.
![alt text]()
![alt text](https://raw.githubusercontent.com/StrangerealIntel/CyberThreatIntel/master/Indian/APT/Patchwork/27-08-19/Images/Cyber.png "")
## Cyber Threat Intel <a name="Cyber-Threat-Intel"></a>
###### Firstly, we can observe that the payload seems be with the Professional version of Inpage (2.21). Inpage is currently used in Pakistan which is consistent with the fact that Patchwork is an Indian APT.
###### Secondly, we can note the same pdb path what the 360TI analysis.
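Review bot: the replacement image line under "Cyber kill chain" still carries the placeholder alt text `alt text` and an empty title `""`, so a reader whose client does not load the image gets no indication of what the graph shows. Suggest a descriptive alt text such as "Cyber kill chain process graph" and dropping the empty title. The link also points at the `master` branch through an absolute raw.githubusercontent.com URL, so it will break if the directory is renamed or the repository is forked; if this Markdown file sits in the same 27-08-19 directory, a relative path like `Images/Cyber.png` would be more robust.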