CyberThreatIntel/Indian/APT/SideWinder/11-10-2019/Analysis.md
2019-10-11 16:26:26 +02:00


The SideWinder campaign continues

Table of Contents

Malware analysis

The initial vector is a malicious Excel file that uses an XLM macro (macro v4). The macro uses a function to launch the payload when the Excel window is active (selected as the primary window). As its first action, it executes module 1.
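For triage of this kind of document, the following added example (not part of the original analysis) flags a workbook that declares an XLM macro sheet together with an auto-run defined name. It assumes the OOXML (.xlsm) container and covers the whole Auto_* name family; the analysis does not name the trigger function, so treating Auto_Activate as the one involved is an assumption, and `triage_workbook` and `build_sample` are hypothetical names.

```python
import io
import zipfile
import xml.etree.ElementTree as ET

# Defined names Excel runs on its own. Auto_Activate fires when the sheet
# becomes the active window; which name the sample used is an assumption,
# so the whole Auto_* family is matched (prefix match, deliberately broad).
AUTO_PREFIXES = ("auto_open", "auto_close", "auto_activate", "auto_deactivate")
MACROSHEET_CT = "application/vnd.ms-excel.macrosheet+xml"


def _local(tag):
    """Strip the XML namespace so transitional and strict files both match."""
    return tag.rsplit("}", 1)[-1]


def triage_workbook(data):
    """Return XLM macro-sheet parts and auto-run names in an OOXML workbook."""
    result = {"macrosheets": [], "auto_names": []}
    with zipfile.ZipFile(io.BytesIO(data)) as zf:
        # Macro sheets are declared by content type, whatever the part is called.
        # For hostile input in production, swap in a hardened XML parser.
        for el in ET.fromstring(zf.read("[Content_Types].xml")):
            if _local(el.tag) == "Override" and el.get("ContentType") == MACROSHEET_CT:
                result["macrosheets"].append(el.get("PartName"))
        for el in ET.fromstring(zf.read("xl/workbook.xml")).iter():
            if _local(el.tag) != "definedName":
                continue
            name = el.get("name", "")
            bare = name.lower()
            if bare.startswith("_xlnm."):  # prefix used for built-in names
                bare = bare[len("_xlnm."):]
            if bare.startswith(AUTO_PREFIXES):
                result["auto_names"].append((name, (el.text or "").strip()))
    result["suspicious"] = bool(result["macrosheets"] and result["auto_names"])
    return result


def build_sample(with_macro):
    """Constructed workbook holding only the two parts the triage reads."""
    ovr = f'<Override PartName="/xl/macrosheets/sheet1.xml" ContentType="{MACROSHEET_CT}"/>'
    dn = '<definedNames><definedName name="_xlnm.Auto_Activate">Macro1!$A$1</definedName></definedNames>'
    ct_ns = "http://schemas.openxmlformats.org/package/2006/content-types"
    wb_ns = "http://schemas.openxmlformats.org/spreadsheetml/2006/main"
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("[Content_Types].xml", f'<Types xmlns="{ct_ns}">{ovr if with_macro else ""}</Types>')
        zf.writestr("xl/workbook.xml", f'<workbook xmlns="{wb_ns}">{dn if with_macro else ""}</workbook>')
    return buf.getvalue()
```

Legacy binary .xls files store the same names in BIFF records and need a different parser.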


Cyber Threat Intel

Cyber kill chain

The process graphs summarize all the cyber kill chains used by the attacker.


References MITRE ATT&CK Matrix

List of all the references with MITRE ATT&CK Matrix

| Enterprise tactics | Techniques used | Ref URL |
| --- | --- | --- |

Indicators Of Compromise (IOC)

List of all the Indicators Of Compromise (IOC)

| Indicator | Description |
| --- | --- |

This can be exported in JSON format: Export in JSON

Original tweet:

Resources: