CyberThreatIntel/Indian/APT/Donot/17-09-19/Malware analysis.md

Table of Contents

• Malware analysis
  • Initial vector
• Cyber Threat Intel
• Indicators Of Compromise (IOC)
• References MITRE ATT&CK Matrix
• Links
  • Original Tweet
  • Link Anyrun
  • Documents

Malware analysis

Initial vector

The initial vector

Cyber kill chain

The process graph resume the cyber kill chain used by the attacker.

Cyber Threat Intel

References MITRE ATT&CK Matrix

List of all the references with MITRE ATT&CK Matrix

Enterprise tactics	Technics used	Ref URL

Indicators Of Compromise (IOC)

List of all the Indicators Of Compromise (IOC)

Indicator	Description
	Domain requested
	IP requested
	HTTP/HTTPS requests
	IP C2
	Domain C2

This can be exported as JSON format Export in JSON

Links

Original tweet: https://twitter.com/Timele9527/status/1173431630171492352

Links Anyrun:

• 86ccedaa93743e83787f53e09e376713
• d2263c15dfcccfef16ecf1c1c9304064befddf49cdbbd40abd12513481d7faf7.doc
• 01d85719c5fec354431881f304307bb5521ecf6cb50eec4d3ec40d103dd3d3ae.docx
• 17e3a134ee4bcb50a9f608409853628ac619fd24cffd8d15868cf96ce63bb775.doc
• A1719.docx
• 57ecda52cfb12afa08e84fe86cd61a95.zip
• Scan0012.docx

Documents:

• link