- Silence group targeting Russian Banks via Malicious CHM
- MITRE ATT&CK
- T1193 : Spearphishing Attachment
- T1223 : Compiled HTML File
- T1105 : Remote File Copy
- T1043 : Commonly Used Port
- T1170 : Mshta
- T1036 : Masquerading
- T1059 : Command-Line Interface
- T1086 : PowerShell
- T1064 : Scripting
- T1140 : Deobfuscate/Decode Files or Information
- T1060 : Registry Run Keys / Startup Folder
- T1082 : System Information Discovery
- IOCs
- SHA1 CHM files
- SHA1 Dropped files
- 290321C1A00F93CDC55B1A22DA629B3FCF192101
- 2CD620CEA310B0EDB68E4BB27301B2563191287B
- E5CB1BE1A22A7BF5816ED16C5644119B51B07837
- IPs
- 146.0.72.139
- 146.0.72.188