
YARA signature "mimikatz_lsass_mdmp" matched file "all.bstring" as "LSASS minidump file for mimikatz" based on indicators: "system32\lsass.exe,System32\lsass.exe" (Author: Benjamin DELPY (gentilkiwi))

Detected network related fingerprinting/snooping attempt

YARA signature "ThreatGroup3390_C2" classified file "all.bstring" as "apt,threatgroup3390" based on indicators: "up." (Reference:, Author: Florian Roth)

YARA signature "APT_Malware_PutterPanda_Rel" classified file "all.bstring" as "apt,putterpanda" based on indicators: "" (Reference: VT Analysis, Author: Florian Roth)

Note: the "up." indicator appears truncated and the PutterPanda indicator list is empty in this extract, so neither of these two matches can be verified from the text shown here.

YARA signature "APT_DeputyDog_Fexel" classified file "all.bstring" as "apt,deputydog" based on indicators: "180.150.228.102" (Author: ThreatConnect Intelligence Research Team)

YARA signature "Codoso_PGV_PVID_1" classified file "all.bstring" as "apt,codoso" based on indicators: "DRIVERS\ipinip.sys,%SystemRoot%\System32\wiaservc.dll,WUServiceMain" (Reference:, Author: Florian Roth)

YARA signature "APT17_Sample_FXSST_DLL" classified file "all.bstring" as "apt,apt17" based on indicators: "fxsst.dll,GetLastActivePopup,Sleep,GetModuleFileName,HeapAlloc,GetProcessHeap,GetCommandLine" (Reference:, Author: Florian Roth)

YARA signature "CCREWBACK1" classified file "all.bstring" as "apt,apt1" based on indicators: "hostname,1.234.1.68" (Author: AlienVault Labs)

Note: apart from "fxsst.dll", the APT17 indicators listed above are common Windows API names, so that match should be corroborated with other evidence before it is read as attribution.
