Comments (11)
Really? Have you read this report?
from aptnotes.
It’s like a sales pitch. Couldn’t find any other reports getting deeper in a quick Google search.
from aptnotes.
Google for Win7.Generic (:
from aptnotes.
I skipped the sales guff, saw the description of a long targeted campaign that I saw had been previously tagged as crimeware and thought - ah that tends to be interesting.
But looking at the domains, e.g. http://totalhash.com/search/dnsrr:download-web-shield.com
yeah... that really does look like crimeware a sales guy has written up as something very different.
from aptnotes.
And I don't know how $150k comes from a few domains and SSL certs :)
from aptnotes.
This has been in various .il news over the past week. The only metadata/IOCs I found are here, like Chris pointed out.
Yeah looks salesy overall. I'll keep an eye open for any hashes.
from aptnotes.
I saw that one. I was hoping to find a deeper analysis document. So far nothing found.
from aptnotes.
Lots of samples available in German installers for freeware packed with typical adware: https://malwr.com/analysis/ZGY4MGNjZDQ1NjZjNGQ4MTk2ZGZhYTg4Zjk4ODBjYTA/
from aptnotes.
https://www.virustotal.com/en/domain/amazon.com/information/
https://www.virustotal.com/en/ip-address/82.98.97.183/information/
https://www.virustotal.com/en/file/24d45dd46080a847876fa028e8b370397b99ba172384e3b82cbc2b76066c93d2/analysis/
https://www.virustotal.com/en/file/4bab75a8910f97820351e2d7a0b8ca448e6f9de6a7e3f42a0d22f4185f2580c6/analysis/
between 30-40/55 positives
from aptnotes.
I did find those. I was interested in the background of the operation (Harkonnen).
from aptnotes.
Dynamoo has some analysis on the same malware. This shows that it is adware, and not APT.
After collecting info and asking around, this report seems a little too fantastic. Skipping this report. Thanks for the discussion!
from aptnotes.