Bank_Security

Silence group targeting Russian Banks via Malicious CHM

Jan 25th, 2019
MITRE ATT&CK
T1193 : Spearphishing Attachment
T1223 : Compiled HTML File
T1105 : Remote File Copy
T1043 : Commonly Used Port
T1170 : Mshta
T1036 : Masquerading
T1059 : Command-Line Interface
T1086 : PowerShell
T1064 : Scripting
T1140 : Deobfuscate/Decode Files or Information
T1060 : Registry Run Keys / Startup Folder
T1082 : System Information Discovery

IOCs
SHA1 CHM files

SHA1 Dropped files
290321C1A00F93CDC55B1A22DA629B3FCF192101
2CD620CEA310B0EDB68E4BB27301B2563191287B
E5CB1BE1A22A7BF5816ED16C5644119B51B07837

IPs
146.0.72.139
146.0.72.188