ch0ic3/CyberThreatIntel
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Update Malware analysis 25-08-19.md

Browse Source
This commit is contained in:
StrangerealIntel 2019-08-26 22:53:27 +02:00 committed by GitHub
parent e665700997
commit b29038f16a
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 4 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
Pakistan/APT/Gorgon/23-08-19/Malware analysis 25-08-19.md
View File

@ -10,7 +10,7 @@
+ [Bitly link](#bitly) + [Bitly link](#bitly)
+ [C2 domains](#C2) + [C2 domains](#C2)
+ [The troubling case of the Hagga account](#Hagga) + [The troubling case of the Hagga account](#Hagga)
* [IOC](#IOC) * [Indicators Of Compromise (IOC)](#IOC)
* [References MITRE ATT&CK Matrix](#Ref-MITRE-ATTACK) * [References MITRE ATT&CK Matrix](#Ref-MITRE-ATTACK)
* [Links](#Links) * [Links](#Links)
+ [Original Tweet](#Original-Tweet) + [Original Tweet](#Original-Tweet)
@ -136,6 +136,7 @@
| Indicator | Description| | Indicator | Description|
| ------------- |:-------------| | ------------- |:-------------|
|IMG76329797.xls|e66181155a9cd827def409135334ecf173459e001e79853e1b38f2b8e5d8cc59| |IMG76329797.xls|e66181155a9cd827def409135334ecf173459e001e79853e1b38f2b8e5d8cc59|
|Inj.dll|84833991F1705A01A11149C9D037C8379A9C2D463DC30A2FEC27BFA52D218FA6|
|mse60dc.exe|de314d038d9b0f8ff32cfe3391c4eec53a3e453297978e46c9b90df2542ed592| |mse60dc.exe|de314d038d9b0f8ff32cfe3391c4eec53a3e453297978e46c9b90df2542ed592|
|bitly.com|domain requested| |bitly.com|domain requested|
|xaasxasxasx.blogspot.com|domain requested| |xaasxasxasx.blogspot.com|domain requested|
@ -165,9 +166,9 @@
|210.188.195.164|IP C2| |210.188.195.164|IP C2|
|23.20.239.12|IP C2| |23.20.239.12|IP C2|
|185.68.16.122|IP C2| |185.68.16.122|IP C2|
|199.192.23.220|IP C2v |199.192.23.220|IP C2|
###### This can be exported as JSON format [Export in JSON]() ###### This can be exported as JSON format [Export in JSON](https://raw.githubusercontent.com/StrangerealIntel/CyberThreatIntel/master/Pakistan/APT/Gorgon/23-08-19/IOC_Gorgon_25-08-19.json)
## Links <a name="Links"></a> ## Links <a name="Links"></a>