Brutality: A Fuzzer For Any GET Entries

Brutalitys' Features

• Multi-threading on demand.
• Fuzzing, bruteforcing GET params.
• Find admin panels.
• Colored output.
• Hide results by return code, word numbers.
• Proxy support.
• Big wordlist.

Screenshots:

Brutality's Installtion

How to use Brutality?

Examples:
   Use default wordlist with 5 threads (-t 5) and hide 404 messages (–e 404) to fuzz the given URL (http://192.168.1.1/FUZZ):
python brutality.py -u 'http://192.168.1.1/FUZZ' -t 5 -e 404

   Use common_pass.txt wordlist (-f ./wordlist/common_pass.txt), remove response with 6969 length (-r 6969) and proxy at 127.0.0.1:8080 (-p http://127.0.0.1:8080) to fuzz the given URL (http://192.168.1.1/brute.php?username=admin&password=FUZZ&submit=submit#):
python brutality.py -u 'http://192.168.1.1/brute.php?username=admin&password=FUZZ&submit=submit#' -f ./wordlist/common_pass.txt -r 6969 -p http://127.0.0.1:8080

ToDo List:

• Smooth output.
• Export file report.
• Modularization.

Download Brutality

Read more

• Aprender A Hackear Desde Cero
• Hacking Movies
• Nfc Hacking
• Hacking Bluetooth Speaker
• Javascript Hacking
• Javascript Hacking
• Bluetooth Hacking
• Hacking Windows: Ataques A Sistemas Y Redes Microsoft
• Como Aprender A Hackear

The OWASP Foundation Has Selected The Technical Writer For Google Season Of Docs

The OWASP Foundation has selected the technical writer for Google Season of Docs by Fabio Cerullo

The OWASP Foundation has been accepted as the organization for the Google Seasons of Docs, a project whose goals are to give technical writers an opportunity to gain experience in contributing to open source projects and to give open-source projects an opportunity to engage the technical writing community.

During the program, technical writers spend a few months working closely with an open-source community. They bring their technical writing expertise to the project's documentation, and at the same time learn about open source and new technologies.

The open-source projects work with the technical writers to improve the project's documentation and processes. Together they may choose to build a new documentation set, or redesign the existing docs, or improve and document the open-source community's contribution procedures and onboarding experience. Together, we raise public awareness of open source docs, of technical writing, and of how we can work together to the benefit of the global open source community.

After a careful review and selection process, the OWASP Foundation has picked the primary technical writer who will work along the OWASP ZAP Team for the next 3 months to create the API documentation of this flagship project.

Congratulations to Nirojan Selvanathan!

Please refer to the linked document where you could look at the deliverables and work execution plan.

https://drive.google.com/open?id=1kwxAzaqSuvWhis9Xn1VKNJTJZPM2UV20

Related posts

• Hacking Day
• Hacking Cracking
• Portatil Para Hacking
• Hacking To The Gate Lyrics
• Curso Ethical Hacking

Amnesia / Radiation Linux Botnet Targeting Remote Code Execution In CCTV DVR Samples

Reference

Amnesia / Radiation botnet samples targeting Remote Code Execution in CCTV DVR 

2017-04-06 Palo Alto Unit 42. New IoT/Linux Malware Targets DVRs, Forms Botnet

2016-08-11 CyberX Radiation IoT Cybersecurity campaign

Download

             Other malware

Download. Email me if you need the password (see in my profile)

Hashes

MD5	SHA256	SHA1
74bf554c4bc30d172cf1d73ac553d766	06d30ba7c96dcaa87ac584c59748708205e813a4dffa7568c1befa52ae5f0374	3c40221177383da576b11a0b3f6b35d68a9cde74
5dd9056e5ab6a92e61822b6c04afd346	10aa7b3863f34d340f960b89e64319186b6ffb5d2f86bf0da3f05e7dbc5d9653	c865dd67853a24fd86ef74b05140827c1d5fd0bd
2b486466f4d3e30f7b22d0bc76cb68f9	175fe89bbc8e44d45f4d86e0d96288e1e868524efa260ff07cb63194d04ea575	ed62f6d1588bea33c20ababb42c02662d93d6015
3411bb2965f4c3d52c650aff04f48e52	1d8bc81acbba0fc56605f60f5a47743491d48dab43b97a40d4a7f6c21caca12a	1e0281178b4a9d8dec74f50a7850867c87837435
34f915ac414e9aad2859217169f9a3aa	2f9cd1d07c535aae41d5eed1f8851855b95b5b38fb6fe139b5f1ce43ed22df22	d66f1e47c983a8d30ad7fd30cd08db8cd29a92b0
59e08f2ce1c3e55e2493baf36c1ad3c6	327f24121d25ca818cf8414c1cc704c3004ae63a65a9128e283d64be03cdd42e	90d45b81e9a97ddcc9911122f4e8fd439ccc8fa9
f4bc173bf80d922da4e755896af0db61	37b2b33a8e344efcaca0abe56c6163ae64026ccef65278b232a9170ada1972af	fab32f8c3ce3a837e80a1d98ada41a5bf39b01e7
a253273e922ce93e2746a9791798e3fe	3a595e7cc8e32071781e36bbbb680d8578ea307404ec07e3a78a030574da8f96	99cfdec405f6a9f43d58b1856fce7ca3445395d3
335e322c56278e258e4d7b5e17ad98e6	4313af898c5e15a68616f8c40e8c7408f39e0996a9e4cc3e22e27e7aeb2f8d54	504022707609a0fec9cbb21005cb0875be2a4726
93522e5f361a051f568bd1d74d901d30	46ea20e3cf34d1d4cdfd797632c47396d9bdc568a75d550d208b91caa7d43a9b	e7fc96b2a92888572de2539f227c9a6625449f83
c86af536d87c1e5745e7d8c9f44fd25d	4b0feb1dd459ade96297b361c69690ff69e97ca6ee5710c3dc6a030261ba69e0	6ef69a683913ae650634aedc40af8d595c45cb4f
90c7c5e257c95047dbf52bbfbe011fd6	4db9924decd3e578a6b7ed7476e499f8ed792202499b360204d6f5b807f881b8	1c3a9be6ae9300aaad00fb87d5407ed6e84ec80b
7c0528e54b086e5455ef92218ea23d03	5e6896b39c57d9609dc1285929b746b06e070886809692a4ac37f9e1b53b250c	868abc912ff2fdcd733ff1da87e48e7d4c288a73
6405b42d2c7e42244ac73695bb7bfe6b	64f03fff3ed6206337332a05ab9a84282f85a105432a3792e20711b920124707	173aca65181c8da84e062c803a43a404ad49302d
6441157813de77d9849da5db9987d0bb	6b2885a4f8c9d84e5dc49830abf7b1edbf1b458d8b9d2bafb680370106f93bc3	92dff9bdb31d3b9480d9e5f72a307715859dd094
614ea66b907314398cc14b3d2fdebe79	6b29b65c3886b6734df788cfc6628fbee4ce8921e3c0e8fc017e4dea2da0fd0b	c7e71c42d391f9c69375505dbf3767ba967f9103
00fe3120a666a85b84500ded1af8fb61	885dce73237c4d7b4d481460baffbd5694ab671197e8c285d53b551f893d6c09	342ed67e08d16ab982a4012fcecdca060a5da46b
5477de039f7838dea20d3be1ae249fcb	886136558ec806da5e70369ee22631bfb7fa06c27d16c987b6f6680423bc84b0	5b19202b45e5a58cadec8c2efa40fd924b64177d
91bf10249c5d98ea6ae11f17b6ef0970	8f57ec9dfba8cf181a723a6ac2f5a7f50b4550dd33a34637cf0f302c43fd0243	682dab9ec3ff0b629cce4e16c9c74171dd2551d4
fb0a7e12d2861e8512a38a6cdef3ddf0	9351ee0364bdbb5b2ff7825699e1b1ee319b600ea0726fd9bb56d0bd6c6670cb	c077c490bb22df9886475dc5bedfc6c032061024
9b7f5a1228fa66cbd35e75fb774fdc8e	9c7a5239601a361b67b1aa3f19b462fd894402846f635550a1d63bee75eab0a2	ae89bc6c5cc1818b3136a40961462327c3dececc
5b97d54dc5001eb7cf238292405070a6	a010bf82e2c32cba896e04ec8dbff58e32eee9391f6986ab22c612165dad36a0	96d2194f5f3927de75605f6ca6110fe683383a01
642f523bb46c2e901416047dca1c5d4e	ad65c9937a376d9a53168e197d142eb27f04409432c387920c2ecfd7a0b941c8	bbf667213a446bc9bc4a5a2e54e7391752e3a9b8
c617655312c573ecb01d292b320fff2e	aeb480cf01696b7563580b77605558f9474c34d323b05e5e47bf43ff16b67d6a	de102a6f35e08f18aa0c58358f5b22871eb0a45f
c8835a3d385162ae02bd4cb6c5ebac87	b113ec41cc2fd9be9ac712410b9fd3854d7d5ad2dcaac33af2701102382d5815	831eb9cf0dcd57a879c04830e54a3b85fe5d6229
1497740fa8920e4af6aa981a5b405937	b13014435108b34bb7cbcef75c4ef00429b440a2adf22976c31a1645af531252	8d6b90f0b88b1ad5dcc87d377e6a82dc6ac64211
5e925e315ff7a69c2f2cf1556423d5af	b3d0d0e2144bd1ddd27843ef65a2fce382f6d590a8fee286fda49f8074711545	64fe900b3a2b030c28211404afa45703c6869dea
951ec487fb3fece58234677d7fe3e4dc	bdefa773e3f09cdc409f03a09a3982f917a0cc656b306f0ece3dd1a2564a8772	0b03d9471522590530dd90ad30b2d235ec98b578
3e84998197fc25cbac57870e3cdeb2de	c03b403d5de9778a2ec5949d869281f13976c2fc5b071e0f5f54277680c80902	0b9eb6d931dc6b226a913e89bb422f58228de0d0
c3a73d24df62057e299b6af183889e6b	cb2382b818993ef6b8c738618cc74a39ecab243302e13fdddb02943d5ba79483	6a683ef6f7653e5ee64969cbbbe4403601ae9ded
d428f50a0f8cd57b0d8fe818ace6af20	ce61dcfc3419ddef25e61b6d30da643a1213aa725d579221f7c2edef40ca2db3	9bd832256b94e43546dfb77532f6d70fcd1ce874
e1d6d4564b35bb19d2b85ca620d7b8f2	d0bda184dfa31018fe999dfd9e1f99ca0ef502296c2cccf454dde30e5d3a9df9	c1af00d3263893b5d23dbf38015fe3c6a92cefaf
e9502ae7b0048b9ea25dd7537818904c	e7d6b3e1fba8cdf2f490031e8eb24cd515a30808cdd4aa15c2a41aa0016f8082	0e080ac0130ab3f7265df01b8397e4abd13c38cb
8eb34e1fb7dd9d9f0e1fef2803812759	eb54dc959b3cc03fbd285cef9300c3cd2b7fe86b4adeb5ca7b098f90abb55b8a	5310a99f0f8c92bfa2f8da87e60c645f2cae305a
ca0fc25ce066498031dc4ca3f72de4b8	f23fecbb7386a2aa096819d857a48b853095a86c011d454da1fb8e862f2b4583	7f4d97eea294fc567b058b09cc915be56c2a80e1
5a2fcfff8d6aab9a0abe9ca97f6093ed	f6af2fa4f987df773d37d9bb44841a720817ce3817dbf1e983650b5af9295a16	f4ddf49fbf23edb23f50be62637a4a688e352057
ed98e8fa385b39ca274e0de17b1007e6	f7a737cb73802d54f7758afe4f9d0a7d2ea7fda4240904c0a79abae732605729	a69d4c2b88bfe3a06245f8fbfb8abe5e9a894cec
320db5f1230fcfe0672c8515eb9ddcfc	f7cf1e0d7756d1874630d0d697c3b0f3df0632500cff1845b6308b11059deb07	8d40dbf34a02dd43a81e5cdc58a0b11bfa9f5663
18d6af9211d0477f9251cf9524f898f3	f97848514b63e9d655a5d554e62f9e102eb477c5767638eeec9efd5c6ad443d8	b0e76be186fd609d5a8a33d59d16ffa3bdab1573

Read more

1. Elladodelmal
2. Python Hacking
3. Curso De Hacking
4. Hacking Significado
5. Herramientas Hacking Etico
6. Hacker En Español
7. Etica Definicion
8. Phone Hacking

How To Start | How To Become An Ethical Hacker

Are you tired of reading endless news stories about ethical hacking and not really knowing what that means? Let's change that!

This Post is for the people that:

• Have No Experience With Cybersecurity (Ethical Hacking)
• Have Limited Experience.
• Those That Just Can't Get A Break

OK, let's dive into the post and suggest some ways that you can get ahead in Cybersecurity.

I receive many messages on how to become a hacker. "I'm a beginner in hacking, how should I start?" or "I want to be able to hack my friend's Facebook account" are some of the more frequent queries. Hacking is a skill. And you must remember that if you want to learn hacking solely for the fun of hacking into your friend's Facebook account or email, things will not work out for you. You should decide to learn hacking because of your fascination for technology and your desire to be an expert in computer systems. Its time to change the color of your hat 😀

 I've had my good share of Hats. Black, white or sometimes a blackish shade of grey. The darker it gets, the more fun you have.

If you have no experience don't worry. We ALL had to start somewhere, and we ALL needed help to get where we are today. No one is an island and no one is born with all the necessary skills. Period.OK, so you have zero experience and limited skills…my advice in this instance is that you teach yourself some absolute fundamentals.

Let's get this party started.

•  What is hacking?

Hacking is identifying weakness and vulnerabilities of some system and gaining access with it.

Hacker gets unauthorized access by targeting system while ethical hacker have an official permission in a lawful and legitimate manner to assess the security posture of a target system(s)

 There's some types of hackers, a bit of "terminology".
White hat — ethical hacker.
Black hat — classical hacker, get unauthorized access.
Grey hat — person who gets unauthorized access but reveals the weaknesses to the company.
Script kiddie — person with no technical skills just used pre-made tools.
Hacktivist — person who hacks for some idea and leaves some messages. For example strike against copyright.

•  Skills required to become ethical hacker.

1. Curosity anf exploration
2. Operating System
3. Fundamentals of Networking

*Note this sites

• hackquest.de
• hacktissite.org
• www.trythis0ne.com
• www.hackchallenge.net
• hacking-lab.com

More information

1. Hacking Linux Distro
2. Cómo Se Escribe Hacker
3. Hacking Social
4. Tutorial Hacking
5. Que Significa Hat
6. Libros Hacking Pdf
7. Hacker En Español
8. Hacking Wifi Kali Linux

goGetBucket - A Penetration Testing Tool To Enumerate And Analyse Amazon S3 Buckets Owned By A Domain

When performing a recon on a domain - understanding assets they own is very important. AWS S3 bucket permissions have been confused time and time again, and have allowed for the exposure of sensitive material.

What this tool does, is enumerate S3 bucket names using common patterns I have identified during my time bug hunting and pentesting. Permutations are supported on a root domain name using a custom wordlist. I highly recommend the one packaged within AltDNS.

The following information about every bucket found to exist will be returned:

• List Permission
• Write Permission
• Region the Bucket exists in
• If the bucket has all access disabled

Installation

go get -u github.com/glen-mac/goGetBucket

Usage
goGetBucket -m ~/tools/altdns/words.txt -d <domain> -o <output> -i <wordlist>

Usage of ./goGetBucket:
  -d string
        Supplied domain name (used with mutation flag)
  -f string
        Path to a testfile (default "/tmp/test.file")
  -i string
        Path to input wordlist to enumerate
  -k string
        Keyword list (used with mutation flag)
  -m string
        Path to mutation wordlist (requires domain flag)
  -o string
        Path to output file to store log
  -t int
        Number of concurrent threads (default 100)

Throughout my use of the tool, I have produced the best results when I feed in a list (-i) of subdomains for a root domain I am interested in. E.G:

www.domain.com
mail.domain.com
dev.domain.com

The test file (-f) is a file that the script will attempt to store in the bucket to test write permissions. So maybe store your contact information and a warning message if this is performed during a bounty?
The keyword list (-k) is concatenated with the root domain name (-d) and the domain without the TLD to permutate using the supplied permuation wordlist (-m).
Be sure not to increase the threads too high (-t) - as the AWS has API rate limiting that will kick in and start giving an undesired return code.

Download goGetBucket

Related word

1. Growth Hacking Instagram
2. Hacking System
3. Hacking Programs
4. Hacking-Lab
5. Hacking Ético Con Herramientas Python Pdf

Masad Clipper And Stealer - Windows Spyware Exfiltrating Data Via Telegram (Samples)

Reference

2019-09-25 Juniper. Masad Stealer: Exfiltrating using Telegram 

"Masad Clipper and Stealer" steals browser information, computer files,  and automatically replaces cryptocurrency wallets from the clipboard with its own.

It is written using Autoit scripts and then compiled into a Windows executable.
It uses Telegram to exfiltrate stolen information.

Download

             Other malware

Download. Email me if you need the password (see in my profile)

Hashes

SHA256	SHA1	MD5
1acf5a461ee16336eb8bbf8d29982c7e26d5e11827c58ca01adac671a28b52ad	6001b34c17c122d201613fffd846b056614b66da	e03234c2259c474aeb69500423ddeed7
290a1b89517dec10bfd9938a0e86ae8c53b0c78ed7c60dc99e4f8e5837f4f24a	32800c10588053813f55bf8c87771311c5f7f38e	2df4c1cf093c8373a8f2f194e77b69a2
7937a1068f130a90b44781eea3351ba8a2776d0fede9699ba8b32f3198de045b	a2a67b06344e4f1cf85086f6b584316ec53d5e54	8368f1c4d8f0d908f5f4ff671df5f1da
87e44bca3cc360c64cc7449ec1dc26b7d1708441d471bf3d36cd330db3576294	2fe5483e6b82220eeeef12e531eb3347fea16ac1	1082ce517dd23eee335bedfc6bcd8205
cf97d52551a96dacb089ac41463d21cab2b004ba8c38ffc6cb5fb0958ddd34db	5b79a15cb61f5260f0b9d807faa160e6d49590e4	b5fdf9653eb1ffbdae8cb4f1f2d71747
79aa23c5a25c7cdbaba9c6c655c918dac3d9823ac62ebed9d7d3e94e1eaafc07	4a279a6b82fe801d3c8be9d16df2ef5623b17704	0029ab0fd56cd7e493b46a331ef18bd3
03d703f6d341be258ac3d95961ff0a67d4bf792f9e896530e193b091dca29c2e	a9740352af2c9cc926deba7dffc452f213f7f05f	a462aac76def5b53351b3b1ddb41124c
a368b6755e62e5c0ff79ea1e3bd146ee8a349af309b4acf0558a9c667e78293a	e16167ab646381c277c2ca84319ceb57bacb2c92	c4cdc7665adb1cda5897d4df4a560f88
ba933cefbe9a8034f0ba34e7d18481a7db7451c8ef4b6172fb0cad6db0513a51	00749407e97085af470c75ef004f2235d30af44f	c26a3f2317507a09d91014469b045384
3ba3c528d11d1df62a969a282e9e54534fb3845962672ad6d8bbc29cb6d062f5	b8100890c0f1894544b3f99168377ec46c38e911	4a0607b4488cd539b8b0b443abd121e3
b763054180cd4e24c0a78b49055ad36dbc849f1a096cddf2db8cee0b9338c21d	7bec99308ce4bf409417b642cd9432000a5c19d2	2dfb1d606e5539399aa1a536baafd2f8
d5ce4b04b7eec6530a4a9d40510177468fadc235253e5a74530a8c9d990f3c50	27fc204ffa42262b7570b6fccb435d4d38a3610f	c5d8b73da810646407c333fe52186281
965a5949d8f94e17ebcd4cb6d0a7c19f49facbfc1b1c74111e5ceb83550d6c8f	7698584b2e7c62061447a6a2583ed6957180c205	e7ebe4411664672359b393f530fc2fc1
44134b9d4b10d94f6381b446a1728b116d62e65c1a52db45235af12caf7e38c0	fd114077927d501606575ba9ab38ecfb3407d432	a4388980d7e3539d74a950dab23d00ac
848d76a227f4fe282b7ddfd82a6dfc4c25da2735a684462b42fe4e1c413d8e34	135cee7610890497183eb6251efef307ea013fe1	7bb23077b4f80df48b91b425eda05828
5ca0a957fe6c253827f344da4ba8692d77a4e21a1df4251594be2d27d87dd8ae	d231874332ca462fb462e4f68450d2c2c22d4bcd	dda77b3f3f74a2bdffd167917686e139
016fa511f6546ed439d2606c6db8821685a99f5a14ef3f710668b58dc89c6926	5c83749c62ee0131710bf26931cb1e463a8fbda3	b0c34df85677d8f752dc1e1a5eeba0c9
22be594fbfa878f631c0632f6c4d260b00918817ff66a1f9f15efe44c1a58460	856d635fca52631305f1fefc58eafa74496524b6	60ebf41953d5c6e212fc306cdb0c6519
f3571ec66288405dab43332ca03812617f85fb08832fbbe1f1d89901fe034b8a	819485e20d841195e2e8a7ae5b41ff709887bb21	6984d37863c08b9fdd969297d35d3538
04c949eca23103b1de05278b49f42c3ab6b06f4bf20aafa5f2faefaa84c16ecd	0487db2df1802dd4ee4ae3b62b5f08937dd5c77c	4366ee61cbd7e636aea8540836a60036
d6fc04acda8f33a6d35eb577c27754c2f2b4d6f4869576c7c4e11b2c5e9b0176	83ae89826114662dad8553d5eeed5217b57047f2	2bc964e294d7ab314c34e5934d91a5a9
18c0bd4dd98008383fc52045ad896449fa7f0037593bb730ed1ef88aa547006d	bcaa05b60a9d625852ac4f2d0d805ab164988155	35d9f08c39c4cf396427f3a345e5c09a
4c9d5469e9095813418260045c2b11e499e4eaa0ffb25293f90f580c464157df	4c6aacc0b893ed366f9f307326e59efa61e51534	50dddaf7e5bb24aabf66eecd0c8b79cf
0b5f1fbc05dc8baca492b748adeb01fb4904e02723b59211ecde222f7b12d91e	87f898e0d41c0f2c22d4e9278a942326877fc368	da780b72140535d4c2d391e76dc8181d
31ad5c4547ceae4d0550c8460524c16a6105afc056760e872c4966656256c9dc	37f485d3fa8f6cf13061cb1ea38ae0d5d2edfd95	134aefcf640c24a1ab5344a96150fb05
edb00a0e5ff70e899857549e3263c887a799416c8bbab43ab130ca1be9bbd78c	42c30dc551a3cb3bc935c0eae79b79f17942e439	c2722241f765d2ad4fb58edd76a4adea
96f852b81760a425befaa11ea37c0cdea2622630bf2a0c94bb95042211ab614d	5d9782064bc38d40c88f32c0410479cbd61caa40	f332cfcda8c0ef579ede59eff23caa1e
57fd171a5b1a88e9583b42439851a91a940eb31105ab29cb314846da2ed43b82	0bfec2059823b936d782bea7bc16abd9923dddb5	6fff82df7a565b4570d299486697310f
277018b2cc6226dca6c7678cac6718c8584f7231340ad8cd7c03477559fdf48b	261f916ce97ffc6817a4772705df68e6ccca8181	009dc7d8766a85d85bb6a26ee69b66fe
e968affb1fc7756deb0e29807a06681d09a0425990be76b31816795875469e3d	cf78484a999183324da9affdf2aaeff508d1dc47	3e1b8f6313447b8a4b49671ddeb8a4ee
4b1ccf6b823ee82e400ba25b1f532cd369d7e536475a470e2011b77ffeaf7bb3	bc988f7cd32d411f2a9888afc72c7a892e2a1def	55128a3da6f70129acdbf9dbe955cfe7
fc84d6636a34ad1a11dbaa1daec179e426bdcd9887b3d26dc06b202417c08f95	1df31bec02e35c9a4656bb3a3bdf631bb37605a8	55d77ab16377a8a314982f723fcc6fae
9ca15f15fbae58cb97b0d48a0248461e78e34e6d530338e3e5b91f209a166267	8505dfaad6d10b84c73544eb748d547cb5bad9bd	ebc12c530dab0a65c37ffd72612fa705
31f3a402c1662ed6adffbf2b1b65cf902d1df763698eb76d21e4e94b4c629714	18c972722d984ff6da2bc26a0aca4c7f209cc39c	05bbf6e72b5b24c0c81e0671bf17b1e7
8d9f124ddd69c257189f1e814bb9e3731c00926fc2371e6ebe2654f3950ca02e	553cd98c83e945ee3013aa40897baec0305b34a2	b4030025e039c54c2d3923057447494c
a0923d7645604faaa864a079adeb741a5d6e65507a2819b2fee4835d396077d9	f8e6995e28c789d8b24e982ac53d5d6ba453de73	b796f85c8a7de71407d6e3c4206edda3
a19b790ea12f785256510dde367d3313b5267536a58ca0c27dbdac7c693f57e1	a92f7393daf7ead9a44b12e35f850705798fc879	a6defec886d31f6375712466dd794a96
f030fb4e859ee6a97c50c973a73dced3640befe37f579cfd15367ce6a9bbede2	ad3a1e779f02539ccd07bff735e0823add9730b2	c259564a8fe72333604a5686e30f6242
f01db6d77ac21211992ceae4e66e1e03c1cb39d61e03645b9369f28252ca7693	14c6bf63ff4d32d8a0a42e81ea39304fb7ab13c8	80fe593ef5538fbf66b3b3e1cb7b9b8b
dfe3d0e95feaed685a784aed14d087b019ba2eb0274947a840d2bdbae4ae3674	2107d057478328df8f538102508de00b0c4b37c7	b5a85a0e7a2c4197c3794c8bb2eb5763
bf6083040ca51e83415f27c9412d9e3d700bd0841493b207bc96abf944ab0ca7	09a695ce6c35c029dd7577e29f403d7144698b41	7a2edceb31a9c0d05e5f13c6caee0576
b154151dc8ace5c57f109e6bb211a019db20c4f0127c4d13c7703f730bf49276	8c0cda049c85493df4e97db3db4ddc94075ba62c	b6a895ac5ba5b6472680d47410a238a5
6bf6b1bde63cee9b81902efd187fdd56ecee5853754ce0a19d5ab5c3b0242988	6e2d4f0bcc97ce130ae89647f648d3e96548a391	a29f9d176b913e7f693355700aaadbb9
0dcf547bd8f4074af97416d8b84ea64b2f3319064aa4bce64ad0c2e2d3957175	a996b925e9391a69140caf6e4adba928694ffe66	dd575413a40839f2807593aa21c71152
6cff1249cc45b61ce8d28d87f8edc6616447e38168e610bed142f0b9c46ea684	9baa823deb9075e8df77b891115c019244de09de	488bb5c0739485721182c01a82b01d14
5b5ebe019806885bbaafe37bc10ca09549e41c240b793fd29a70690a5d80b496	3d46711f9064b96ff2d0affdef1ecd82d120659d	b95e2d8a8509ac05f5445d18d32cc7cb
103d87098c9702cab7454b52869aeeb6a22919f29a7f19be7509255ce2d8c83e	e29a163488438c9ea9014ddf1a9b2d382cc5d7e6	baf2587fafaedbab4a78b9b7fd8b55f8
c73675005a09008bc91d6bc3b5ad59a630ab4670dca6ac0d926165a3ecfd8d92	d8ea2280cd06a5cc32b7d668e2b4b2e68f3a7e2a	98ecc6fbb2cb5649daf751fcbfb81bcb
ef623aadd50330342dc464a31b843b3d8b5767d62a62f5e515ac2b380b208fbe	620ff5a7aaf7f3fcf4abc9365e0e77b3ec4b434d	b14535c5835c9dfb3cbbc7f6fef6034c

More information

1. Herramientas Hacking
2. Certificacion Hacking Etico
3. Hacking Prank
4. Hacking Health
5. Hacking Wireless 101 Pdf

SigPloit SS7 Tool

Related posts

• Hacking Etico
• Google Hacking Search
• Hacking Pdf
• Hacking Y Forensic Desarrolle Sus Propias Herramientas En Python Pdf
• Herramientas Hacking Etico
• Hacking Apps

Part I. Russian APT - APT28 Collection Of Samples Including OSX XAgent

 This post is for all of you, Russian malware lovers/haters. Analyze it all to your heart's content. Prove or disprove Russian hacking in general or DNC hacking in particular, or find that "400 lb hacker" or  nail another country altogether.  You can also have fun and exercise your malware analysis skills without any political agenda.

The post contains malware samples analyzed in the APT28 reports linked below. I will post APT29 and others later.

Read about groups and types of targeted threats here: Mitre ATT&CK

List of References (and samples mentioned) listed from oldest to newest:

1. APT28_2011-09_Telus_Trojan.Win32.Sofacy.A
2. APT28_2014-08_MhtMS12-27_Prevenity
3. APT28_2014-10_Fireeye_A_Window_into_Russia_Cyber_Esp.Operations
4. APT28_2014-10_Telus_Coreshell.A
5. APT28_2014-10_TrendMicro Operation Pawn Storm. Using Decoys to Evade Detection
6. APT28_2015-07_Digital Attack on German Parliament
7. APT28_2015-07_ESET_Sednit_meet_Hacking
8. APT28_2015-07_Telus_Trojan-Downloader.Win32.Sofacy.B
9. APT28_2015-09_Root9_APT28_Technical_Followup
10. APT28_2015-09_SFecure_Sofacy-recycles-carberp-and-metasploit-code
11. APT28_2015-10_New Adobe Flash Zero-Day Used in Pawn Storm
12. APT28_2015-10_Root9_APT28_targets Financial Markets
13. APT28_2015-12_Bitdefender_In-depth_analysis_of_APT28–The_Political_Cyber-Espionage
14. APT28_2015-12_Kaspersky_Sofacy APT hits high profile targets
15. APT28_2015_06_Microsoft_Security_Intelligence_Report_V19
16. APT28_2016-02_PaloAlto_Fysbis Sofacy Linux Backdoor
17. APT29_2016-06_Crowdstrike_Bears in the Midst Intrusion into the Democratic National Committee << DNC (NOTE: this is APT29)
18. APT28_2016-07_Invincea_Tunnel of Gov DNC Hack and the Russian XTunnel
19. APT28_2016-10_ESET_Observing the Comings and Goings
20. APT28_2016-10_ESET_Sednit A Mysterious Downloader
21. APT28_2016-10_ESET_Sednit Approaching the Target
22. APT28_2016-10_Sekoia_Rootkit analysisUse case on HideDRV
23. APT28_2017-02_Bitdefender_OSX_XAgent  << OSX XAgent

Download

Download sets (matching research listed above). Email me if you need the password
          Download all files/folders listed (72MB)

Sample list

Parent Folder	File Name (SHA1)	MD5 Checksum	SHA256 Checksum
APT28	APT28_2011-09_Telus_Trojan.Win32.Sofacy.A
APT28_2011-09_Telus_Trojan.Win32.Sofacy.A	28F21E96E0722DD6FC7D6E1275F352BD060ADE0D	1e217668d89b480ad42e230e8c2c4d97	1feb41c4a64a7588d1e8e02497627654e9d031e7020d010541d8a8626447dbe9
APT28_2011-09_Telus_Trojan.Win32.Sofacy.A	72CFD996957BDE06A02B0ADB2D66D8AA9C25BF37	ed7f6260dec470e81dafb0e63bafb5ae	7313eaf95a8a8b4c206b9afe306e7c0675a21999921a71a5a16456894571d21d
APT28_2011-09_Telus_Trojan.Win32.Sofacy.A	AC6B465A13370F87CF57929B7CFD1E45C3694585	e1554b931affb3cd2edc90bc58028078	5ab8ef93fdeaac9af258845ab52c24d31140c8fffc5fdcf465529c8e00c508ac
APT28_2011-09_Telus_Trojan.Win32.Sofacy.A	C01B02CCC86ACBD9B266B09D2B693CB39A2C6809	9e4817f7bf36a61b363e0911cc0f08b9	31a0906b0d8b07167129e134009dc307c2d92522da5709e52b67d3c5a70adf93
APT28	APT28_2014-08_MhtMS12-27_Prevenity
APT28_2014-08_MhtMS12-27_Prevenity	33EEC0D1AE550FB33874EDCE0138F485538BB21B__.mht_	d3de5b8500453107d6d152b3c8506935	55038c4326964f480fd2160b6b2a7aff9e980270d7765418937b3daeb4e82814
APT28_2014-08_MhtMS12-27_Prevenity	8DEF0A554F19134A5DB3D2AE949F9500CE3DD2CE_filee.dll_	16a6c56ba458ec718b4e9bc8f9f10785	ce554d57333bdbccebb5e2e8d16a304947981e48ea2a5cc3d5f4ced7c1f56df3
APT28_2014-08_MhtMS12-27_Prevenity	A8551397E1F1A2C0148E6EADCB56FA35EE6009CA_coreshell.dll_	48656a93f9ba39410763a2196aabc67f	c8087186a215553d2f95c68c03398e17e67517553f6e9a8adc906faa51bce946
APT28_2014-08_MhtMS12-27_Prevenity	E338A57C35A4732BBB5F738E2387C1671A002BCB_advstorshell.dll_	d7a625779df56d874871bb632f3e3106	11097a7a3336e0ab124fa921b94e3d51c4e9e4424e140e96127bfcf1c10ef110
APT28	APT28_2014-10_Fireeye_A_Window_into_Russia_Cyber_Esp.Operations
APT28_2014-10_Fireeye_A_Window_into_Russia_Cyber_Esp.Operations	367D40465FD1633C435B966FA9B289188AA444BC__tmp64.dat_	791428601ad12b9230b9ace4f2138713	29cc2e69f65b9ce5fe04eb9b65942b2dabf48e41770f0a49eb698271b99d2787
APT28_2014-10_Fireeye_A_Window_into_Russia_Cyber_Esp.Operations	6316258CA5BA2D85134AD7427F24A8A51CE4815B_coreshell.dll_	da2a657dc69d7320f2ffc87013f257ad	d54173be095b688016528f18dc97f2d583efcf5ce562ec766afc0b294eb51ac7
APT28_2014-10_Fireeye_A_Window_into_Russia_Cyber_Esp.Operations	682E49EFA6D2549147A21993D64291BFA40D815A_coreshell.dll_	3b0ecd011500f61237c205834db0e13a	7f6f9645499f5840b59fb59525343045abf91bc57183aae459dca98dc8216965
APT28_2014-10_Fireeye_A_Window_into_Russia_Cyber_Esp.Operations	85522190958C82589FA290C0835805F3D9A2F8D6_coreshell.dll_	8b92fe86c5b7a9e34f433a6fbac8bc3a	03ed773bde6c6a1ac3b24bde6003322df8d41d3d1c85109b8669c430b58d2f69
APT28_2014-10_Fireeye_A_Window_into_Russia_Cyber_Esp.Operations	A8551397E1F1A2C0148E6EADCB56FA35EE6009CA_coreshell.dll_	48656a93f9ba39410763a2196aabc67f	c8087186a215553d2f95c68c03398e17e67517553f6e9a8adc906faa51bce946
APT28_2014-10_Fireeye_A_Window_into_Russia_Cyber_Esp.Operations	CF3220C867B81949D1CE2B36446642DE7894C6DC_coreshell.dll_	5882fda97fdf78b47081cc4105d44f7c	744f2a1e1a62dff2a8d5bd273304a4d21ee37a3c9b0bdcffeeca50374bd10a39
APT28_2014-10_Fireeye_A_Window_into_Russia_Cyber_Esp.Operations	D87B310AA81AE6254FFF27B7D57F76035F544073_coreshell.dll_	272f0fde35dbdfccbca1e33373b3570d	423a0799efe41b28a8b765fa505699183c8278d5a7bf07658b3bd507bfa5346f
APT28_2014-10_Fireeye_A_Window_into_Russia_Cyber_Esp.Operations	D9C53ADCE8C35EC3B1E015EC8011078902E6800B_coreshell.dll_	1259c4fe5efd9bf07fc4c78466f2dd09	102b0158bcd5a8b64de44d9f765193dd80df1504e398ce52d37b7c8c33f2552a
APT28_2014-10_Fireeye_A_Window_into_Russia_Cyber_Esp.Operations	E2450DFFA675C61AA43077B25B12851A910EEEB6_ coreshell.dll_	9eebfebe3987fec3c395594dc57a0c4c	e6d09ce32cc62b6f17279204fac1771a6eb35077bb79471115e8dfed2c86cd75
APT28_2014-10_Fireeye_A_Window_into_Russia_Cyber_Esp.Operations	ED48EF531D96E8C7360701DA1C57E2FF13F12405_coreshell.dll_	ead4ec18ebce6890d20757bb9f5285b1	7695f20315f84bb1d940149b17dd58383210ea3498450b45fefa22a450e79683
APT28_2014-10_Fireeye_A_Window_into_Russia_Cyber_Esp.Operations	F5B3E98C6B5D65807DA66D50BD5730D35692174D_asdfasdf.dat_	8c4fa713c5e2b009114adda758adc445	d58f2a799552aff8358e9c63a4345ea971b27edd14b8eac825db30a8321d1a7a
APT28	APT28_2014-10_Telus_Coreshell.A
APT28_2014-10_Telus_Coreshell.A	D87B310AA81AE6254FFF27B7D57F76035F544073_coreshell.dll_	272f0fde35dbdfccbca1e33373b3570d	423a0799efe41b28a8b765fa505699183c8278d5a7bf07658b3bd507bfa5346f
APT28	APT28_2014-10_TrendMicro Operation Pawn Storm
APT28_2014-10_TrendMicro Operation Pawn Storm	0A3E6607D5E9C59C712106C355962B11DA2902FC_Case2_S.vbs_exe_	db9edafbadd71c7a3a0f0aec1b216a92	b3d624c4287795a7fbddd617f57705153d30f5f4c4d2d1fec349ac2812c3a8a0
APT28_2014-10_TrendMicro Operation Pawn Storm	0E12C8AB9B89B6EB6BAF16C4B3BBF9530067963F_Case2_Military CooperationDecoy.doc_	7fcf20302404f644fb07fe9d4fe9ac84	77166146463b9124e075f3a7925075f969974e32746c78d022ba99f578b9f0bb
APT28_2014-10_TrendMicro Operation Pawn Storm	14BEEB0FC5C8C887D0435009730B6370BF94BC93_Case5Payload2_netids.dll_	35717cd78ce713067a5037286cf91c3e	1b3dd8aaafd750aa85185dc52672b26d67d662796847d7cbb01a35b565e74d35
APT28_2014-10_TrendMicro Operation Pawn Storm	3814EEC8C45FC4313A9C7F65CE882A7899CF0405_Case4_NetIds.dll_	a24552843b9fedd7d0084e1eb1dd6e35	966660738c9e3ec103c2f8fe361c8ac20647cacaa5153197fa1917e9da99082e
APT28_2014-10_TrendMicro Operation Pawn Storm	4B8806FE8E0CB49E4AA5D8F87766415A2DB1E9A9_Case2dropper_cryptmodule.exe_	41e14894f4ad9494e0359ee5bb3d9745	684f4b9ea61e14a15e82cac25076c5afe2d30e3dad7ce0b1b375b24d81135c37
APT28_2014-10_TrendMicro Operation Pawn Storm	550ABD71650BAEA05A0071C4E084A803CB413C31_Case2_skype.exe_	7276d1dab1125f59604252159e0c529c	81f0f5fcb3cb8a63e8a3713b4107b89d888cb722cb6c7586c7fcdb45f5310174
APT28_2014-10_TrendMicro Operation Pawn Storm	55318328511961EC339DFDDCA0443068DCCE9CD2_Case3_conhost.dll_	f1704aaf08cd66a2ac6cf8810c9e07c2	74bdd9c250b0f4f27c0ecfeca967f53b35265c785d67406cc5e981a807d741bd
APT28_2014-10_TrendMicro Operation Pawn Storm	5A452E7248A8D3745EF53CF2B1F3D7D8479546B9_Case3_netui.dll_keylog	aa3e6af90c144112a1ad0c19bdf873ff	4536650c9c5e5e1bb57d9bedf7f9a543d6f09addf857f0d802fb64e437b6844a
APT28_2014-10_TrendMicro Operation Pawn Storm	6ADA11C71A5176A82A8898680ED1EAA4E79B9BC3_Case1_Letter to IAEA.pdf_decoy	76d3eb8c2bed4f2588e22b8d0984af86	b0f1f553a847f3244f434541edbf26904e2de18cca8db8f861ea33bb70942b61
APT28_2014-10_TrendMicro Operation Pawn Storm	6B875661A74C4673AE6EE89ACC5CB6927CA5FD0D_Case2Payload2_ netids.dll_	42bc93c0caddf07fce919d126a6e378f	9392776d6d8e697468ab671b43dce2b7baf97057b53bd3517ecd77a081eff67d
APT28_2014-10_TrendMicro Operation Pawn Storm	72CFD996957BDE06A02B0ADB2D66D8AA9C25BF37_Case1_saver.scr_	ed7f6260dec470e81dafb0e63bafb5ae	7313eaf95a8a8b4c206b9afe306e7c0675a21999921a71a5a16456894571d21d
APT28_2014-10_TrendMicro Operation Pawn Storm	78D28072FDABF0B5AAC5E8F337DC768D07B63E1E_Case5_IDF_Spokesperson_Terror_Attack_011012.doc_	1ac15db72e6d4440f0b4f710a516b165	0cccb9d951ba888c0c37bb0977fbb3682c09f9df1b537eede5a1601e744a01ad
APT28_2014-10_TrendMicro Operation Pawn Storm	7FBB5A2E46FACD3EE0C945F324414210C2199FFB_Case5payload_saver.scr_	c16b07f7590a8620a8f0f687b0bd8bd8	cb630234494f2424d8e158c6471f0b6d0643abbdf2f3e378bc2f68c9e7bca9eb
APT28_2014-10_TrendMicro Operation Pawn Storm	88F7E271E54C127912DB4DB49E37D93AEA8A49C9_Case3_download_msmvs.exe_	66f368cab3d5e64475a91f636c87af15	e8ac9acc6fa3283276bbb77cff2b54d963066659b65e48cd8803a2007839af25
APT28_2014-10_TrendMicro Operation Pawn Storm	8DEF0A554F19134A5DB3D2AE949F9500CE3DD2CE_Case6_dropper_filee.dll_	16a6c56ba458ec718b4e9bc8f9f10785	ce554d57333bdbccebb5e2e8d16a304947981e48ea2a5cc3d5f4ced7c1f56df3
APT28_2014-10_TrendMicro Operation Pawn Storm	956D1A36055C903CB570890DA69DEABAACB5A18A_Case2_International Military.rtf_	d994b9780b69f611284e22033e435edb	342e1f591ab45fcca6cee7f5da118a99dce463e222c03511c3f1288ac2cf82c8
APT28_2014-10_TrendMicro Operation Pawn Storm	9C622B39521183DD71ED2A174031CA159BEB6479_Case3_conhost.dll__	d4e99548832b6999f00e8d223c6fabbd	d5debe5d88e76a409b9bc3f69a02a7497d333934d66f6aaa30eb22e45b81a9ab
APT28_2014-10_TrendMicro Operation Pawn Storm	A8551397E1F1A2C0148E6EADCB56FA35EE6009CA_Case6_Coreshell.dll_	48656a93f9ba39410763a2196aabc67f	c8087186a215553d2f95c68c03398e17e67517553f6e9a8adc906faa51bce946
APT28_2014-10_TrendMicro Operation Pawn Storm	A90921C182CB90807102EF402719EE8060910345_Case4_APEC Media list 2013 Part1.xls_	aeebfc9eb9031e423797a5af1985242d	e8d3f1e4e0d7c19e195d92be5cb6b3617a0496554c892e93b66a75c411745c05
APT28_2014-10_TrendMicro Operation Pawn Storm	AC6B465A13370F87CF57929B7CFD1E45C3694585_Case4Payload_dw20.t_	e1554b931affb3cd2edc90bc58028078	5ab8ef93fdeaac9af258845ab52c24d31140c8fffc5fdcf465529c8e00c508ac
APT28_2014-10_TrendMicro Operation Pawn Storm	B3098F99DB1F80E27AEC0C9A5A625AEDAAB5899A_APEC Media list 2013 Part2.xls_decoy	bebb3675cfa4adaba7822cc8c39f55bf	8fc4fe966ef4e7ecf635283a6fa6bacd8586ee8f0d4d39c6faffd49d60b01cb9
APT28_2014-10_TrendMicro Operation Pawn Storm	BC58A8550C53689C8148B021C917FB4AEEC62AC1_Case5Payload_install.exe_	c43edb579e43aaeb6f0c0703f84e43f7	7dd063acdfb00509b3b06718b39ae53e2ff2fc080094145ce138abb1f2253de4
APT28_2014-10_TrendMicro Operation Pawn Storm	C5CE5B7D10ACCB04A4E45C3A4DCF10D16B192E2F_Case1Payload_netids.dll_	85c80d01661f88ec556579e772a5a3db	461f5340f9ea47344f86bb7302fbaaa0567605134ec880eef34fa9b40926eb70
APT28_2014-10_TrendMicro Operation Pawn Storm	D0AA4F3229FCD9A57E9E4F08860F3CC48C983ADDml.rtf	a24d2f5258f8a0c3bddd1b5636b0ec57	992caa9e8de503fb304f97d1ab0b92202d2efb0d1353d19ce7bec512faf76491
APT28_2014-10_TrendMicro Operation Pawn Storm	DAE7FAA1725DB8192AD711D759B13F8195A18821_Case6_MH17.doc_decoy	388594cd1bef96121be291880b22041a	adf344f12633ab0738d25e38f40c6adc9199467838ec14428413b1264b1bf540
APT28_2014-10_TrendMicro Operation Pawn Storm	E338A57C35A4732BBB5F738E2387C1671A002BCB_Case6_advstoreshell.dll_	d7a625779df56d874871bb632f3e3106	11097a7a3336e0ab124fa921b94e3d51c4e9e4424e140e96127bfcf1c10ef110
APT28_2014-10_TrendMicro Operation Pawn Storm	F542C5F9259274D94360013D14FFBECC43AAE552_Case5Decoy_IDF_Spokesperson_Terror_Attack_011012.doc_	77aa465744061b4b725f73848aebdff6	91f750f422fd3ff361fabca02901830ef3f6e5829f6e8db9c1f518a1a3cac08c
APT28_2014-10_TrendMicro Operation Pawn Storm	wp-operation-pawn-storm.pdf	ce254486b02be740488c0ab3278956fd	9b8495ff1d023e3ae7aed799f02d9cf24422a38dfb9ed37c0bdc65da55b4ee42
APT28	APT28_2015-07_Digital Attack on German Parliament
APT28_2015-07_Digital Attack on German Parliament	0450AAF8ED309CA6BAF303837701B5B23AAC6F05_servicehost.dll_	800af1c9d341b846a856a1e686be6a3e	566ab945f61be016bfd9e83cc1b64f783b9b8deb891e6d504d3442bc8281b092
APT28_2015-07_Digital Attack on German Parliament	CDEEA936331FCDD8158C876E9D23539F8976C305_exe_	5e70a5c47c6b59dae7faf0f2d62b28b3	730a0e3daf0b54f065bdd2ca427fbe10e8d4e28646a5dc40cbcfb15e1702ed9a
APT28_2015-07_Digital Attack on German Parliament	Digital Attack on German Parliament_ Investigative Report on the Hack of the Left Party Infrastructure in Bundestag _ netzpolitik.pdf	28d4cc2a378633e0ad6f3306cc067c43	e83e2185f9e1a5dbc550914dcbc7a4d0f8b30a577ddb4cd8a0f36ac024a68aa0
APT28_2015-07_Digital Attack on German Parliament	F46F84E53263A33E266AAE520CB2C1BD0A73354E_winexesvc.exe_	77e7fb6b56c3ece4ef4e93b6dc608be0	5130f600cd9a9cdc82d4bad938b20cbd2f699aadb76e7f3f1a93602330d9997d
APT28	APT28_2015-07_ESET_Sednit_meet_Hacking
APT28_2015-07_ESET_Sednit_meet_Hacking	51B0E3CD6360D50424BF776B3CD673DD45FD0F97.exe_	973e0c922eb07aad530d8a1de19c7755	7c4101caf833aa9025fec4f04a637c049c929459ad3e4023ba27ac72bde7638d
APT28_2015-07_ESET_Sednit_meet_Hacking	B8B3F53CA2CD64BD101CB59C6553F6289A72D9BBdll_	dcf6906a9a0c970bcd93f451b9b7932a	9a527274f99865a7d70487fe22e62f692f8b239d6cb80816b919734c7c741584
APT28_2015-07_ESET_Sednit_meet_Hacking	D43FD6579AB8B9C40524CC8E4B7BD05BE6674F6C_warfsgfdydcikf.mkv.swf_	557f8d4c6f8b386c32001def807dc715	84ad945d1ab58591efb21b863320f533c53b2398a1bc690d221e1c1c77fa27ff
APT28	APT28_2015-07_Telus_Trojan-Downloader.Win32.Sofacy.B
APT28_2015-07_Telus_Trojan-Downloader.Win32.Sofacy.B	B8B3F53CA2CD64BD101CB59C6553F6289A72D9BB.dll_	dcf6906a9a0c970bcd93f451b9b7932a	9a527274f99865a7d70487fe22e62f692f8b239d6cb80816b919734c7c741584
APT28	APT28_2015-09_Root9_APT28_Technical_Followup
APT28_2015-09_Root9_APT28_Technical_Followup	0450AAF8ED309CA6BAF303837701B5B23AAC6F05_servicehost.dll_	800af1c9d341b846a856a1e686be6a3e	566ab945f61be016bfd9e83cc1b64f783b9b8deb891e6d504d3442bc8281b092
APT28_2015-09_Root9_APT28_Technical_Followup	CDEEA936331FCDD8158C876E9D23539F8976C305_exe_	5e70a5c47c6b59dae7faf0f2d62b28b3	730a0e3daf0b54f065bdd2ca427fbe10e8d4e28646a5dc40cbcfb15e1702ed9a
APT28_2015-09_Root9_APT28_Technical_Followup	F46F84E53263A33E266AAE520CB2C1BD0A73354E_winexesvc.exe_	77e7fb6b56c3ece4ef4e93b6dc608be0	5130f600cd9a9cdc82d4bad938b20cbd2f699aadb76e7f3f1a93602330d9997d
APT28	APT28_2015-09_SFecure_Sofacy-recycles-carberp-and-metasploit-code
APT28_2015-09_SFecure_Sofacy-recycles-carberp-and-metasploit-code	Dlls
Dlls	21835AAFE6D46840BB697E8B0D4AAC06DEC44F5B	211b7100fd799e9eaabeb13cfa446231	3d13f2e5b241168005425b15410556bcf26d04078da6b2ef42bc0c2be7654bf8
Dlls	3B52046DD7E1D5684EABBD9038B651726714AB69	d535c3fc5f0f98e021bea0d6277d2559	d4525abc9dd2b7ab7f0c22e58a0117980039afdf15bed04bb0c637cd41fbfb9d
Dlls	5C3E709517F41FEBF03109FA9D597F2CCC495956	ac75fd7d79e64384b9c4053b37e5623f	0ac7b666814fd016b3d21d7812f4a272104511f90ca666fa13e9fb6cefa603c7
Dlls	7319A2751BD13B2364031F1E69035ACFC4FD4D18	c0d1762561f8c2f812d868a3939d23f0	8325cd6e26fb39cf7a08787e771a6cf708e0b45350d1ea239982af06db90804f
Dlls	9FC43E32C887B7697BF6D6933E9859D29581EAD0	a3c757af9e7a9a60e235d08d54740fbc	bf28267386a010197a50b65f24e815aa527f2adbc53c609d2b2a4f999a639413
Dlls	AC61A299F81D1CFF4EA857AFD1B323724AAC3F04	acf8cda38b0d1b6a0d3664a0e33deb96	638e7ca68643d4b01432f0ecaaa0495b805cc3cccc17a753b0fa511d94a22bdd
Dlls	B8B3F53CA2CD64BD101CB59C6553F6289A72D9BB	dcf6906a9a0c970bcd93f451b9b7932a	9a527274f99865a7d70487fe22e62f692f8b239d6cb80816b919734c7c741584
Dlls	D3AA282B390A5CB29D15A97E0A046305038DBEFE	18efc091b431c39d3e59be445429a7bc	eae782130b06d95f3373ff7d5c0977a8019960bdf80614c1aa7e324dc350428a
Dlls	D85E44D386315B0258847495BE1711450AC02D9F	c4ffab85d84b494e1c450819a0e9c7db	500fa112a204b6abb365101013a17749ce83403c30cd37f7c6f94e693c2d492f
Dlls	ED9F3E5E889D281437B945993C6C2A80C60FDEDC	2dfc90375a09459033d430d046216d22	261b0a5912965ea95b8ae02aae1e761a61f9ad3a9fb85ef781e62013d6a21368
Dlls	F7608EF62A45822E9300D390064E667028B75DEA	75f71713a429589e87cf2656107d2bfc	b6fff95a74f9847f1a4282b38f148d80e4684d9c35d9ae79fad813d5dc0fd7a9
APT28_2015-09_SFecure_Sofacy-recycles-carberp-and-metasploit-code	Droppers
Droppers	015425010BD4CF9D511F7FCD0FC17FC17C23EEC1	c2a0344a2bbb29d9b56d378386afcbed	63d0b28114f6277b901132bc1cc1f541a594ee72f27d95653c54e1b73382a5f6
Droppers	4FAE67D3988DA117608A7548D9029CADDBFB3EBF	c6a80316ea97218df11e11125337233a	b0b3f0d6e6c593e2a2046833080574f98566c48a1eda865b2e110cd41bf31a31
Droppers	51B0E3CD6360D50424BF776B3CD673DD45FD0F97	973e0c922eb07aad530d8a1de19c7755	7c4101caf833aa9025fec4f04a637c049c929459ad3e4023ba27ac72bde7638d
Droppers	63D1D33E7418DAF200DC4660FC9A59492DDD50D9	2d4eaa0331abbc6d867f5f979b2c890d	b4f755c91c2790f4ab9bac4ee60725132323e13a2688f3d8939ae9ed4793d014
Droppers	B4A515EF9DE037F18D96B9B0E48271180F5725B7	afe09fb5a2b97f9e119f70292092604e	d93f22d46090bfc19ef51963a781eeb864390c66d9347e86e03bba25a1fc29c5
Droppers	B7788AF2EF073D7B3FB84086496896E7404E625E	eda061c497ba73441994a30e36f55b1d	b1800cb1d4b755e05b0fca251b8c6da96bb85f8042f2d755b7f607cbeef58db8
Droppers	B8AABE12502F7D55AE332905ACEE80A10E3BC399	91381cd82cdd5f52bbc7b30d34cb8d83	1a09ce8a9210d2530d6ce1d59bfae2ac617ac89558cdcdcac15392d176e70c8d
Droppers	F3D50C1F7D5F322C1A1F9A72FF122CAC990881EE	77089c094c0f2c15898ff0f021945148	eb6620442c3ab327f3ccff1cc6d63d6ffe7729186f7e8ac1dbbbfddd971528f0
APT28	APT28_2015-10_New Adobe Flash Zero-Day Used in Pawn Storm
APT28_2015-10_New Adobe Flash Zero-Day Used in Pawn Storm	2DF498F32D8BAD89D0D6D30275C19127763D5568763D5568.swf_	6ca857721be6fff26b10867c99bd8c80	b4064721d911e9606edf366173325945f9e940e489101e7d0747103c0e905126
APT28_2015-10_New Adobe Flash Zero-Day Used in Pawn Storm	A5FCA59A2FAE0A12512336CA1B78F857AFC06445AFC06445_ mgswizap.dll_	f1d3447a2bff56646478b0adb7d0451c	5a414a39851c4e22d4f9383211dfc080e16e2caffd90fa06dcbe51d11fdb0d6c
APT28	APT28_2015-10_Root9_APT28_targets Financial Markets
APT28_2015-10_Root9_APT28_targets Financial Markets	0450AAF8ED309CA6BAF303837701B5B23AAC6F05_servicehost.dll_	800af1c9d341b846a856a1e686be6a3e	566ab945f61be016bfd9e83cc1b64f783b9b8deb891e6d504d3442bc8281b092
APT28_2015-10_Root9_APT28_targets Financial Markets	F325970FD24BB088F1BEFDAE5788152329E26BF3_SupUpNvidia.exe_	0369620eb139c3875a62e36bb7abdae8	b1f2d461856bb6f2760785ee1af1a33c71f84986edf7322d3e9bd974ca95f92d
APT28	APT28_2015-12_Bitdefender_In-depth_analysis_of_APT28â€"The_Political_Cyber-Espionage
APT28_2015-12_Bitdefender_In-depth_analysis_of_APT28â€"The_Political_Cyber-Espionage	Bitdefender_In-depth_analysis_of_APT28â€"The_Political_Cyber-Espionage.pdf	1a5d89f6fd3f1ed5f4e76084b0fa7806	a76b1ec9d196b5c071992486d096ad475226e92b6db06c351e3a4ad4e4949248
APT28_2015-12_Bitdefender_In-depth_analysis_of_APT28â€"The_Political_Cyber-Espionage	CB796F2986700DF9CE7D8F8D7A3F47F2EB4DF682_xp.exe_APT28	78450806e56b1f224d00455efcd04ce3	b29a16ec907997e523f97e77b885d4a8c19cb81b1abf6ee51eee54f37eecf3ff
APT28_2015-12_Bitdefender_In-depth_analysis_of_APT28â€"The_Political_Cyber-Espionage	F080E509C988A9578862665B4FCF1E4BF8D77C3E_Linux.Fysbis.A_ksysdefd_elf_APT28	075b6695ab63f36af65f7ffd45cccd39	02c7cf55fd5c5809ce2dce56085ba43795f2480423a4256537bfdfda0df85592
APT28_2015-12_Bitdefender_In-depth_analysis_of_APT28â€"The_Political_Cyber-Espionage	SIMILAR
SIMILAR	356d03f6975f443d6db6c5069d778af9_exe_	356d03f6975f443d6db6c5069d778af9	3f14fc9c29763da76dcbc8a2aaa61658781d1b215ee322a0ebfa554d8658d22b
SIMILAR	78450806e56b1f224d00455efcd04ce3_xp.exe_APT28	78450806e56b1f224d00455efcd04ce3	b29a16ec907997e523f97e77b885d4a8c19cb81b1abf6ee51eee54f37eecf3ff
SIMILAR	e49bce75070a7a3c63a7cebb699342b3_CVE-2014-4076_tan.exe_	e49bce75070a7a3c63a7cebb699342b3	16d49a40333f584b19606733b4deef1b9ecace2c32950010ad1450b44ce3716e
APT28	APT28_2015-12_Kaspersky_Sofacy APT hits high profile targets
APT28_2015-12_Kaspersky_Sofacy APT hits high profile targets	1A4F39C0262822B0623213B8ED3F56DEE0117CD59_tf394kv.dll_	8c4d896957c36ec4abeb07b2802268b9	6cd30c85dd8a64ca529c6eab98a757fb326de639a39b597414d5340285ba91c6
APT28_2015-12_Kaspersky_Sofacy APT hits high profile targets	1A4F39C0262822B0623213B8ED3F56DEE0117CD5_tf394kv.dll_	8c4d896957c36ec4abeb07b2802268b9	6cd30c85dd8a64ca529c6eab98a757fb326de639a39b597414d5340285ba91c6
APT28_2015-12_Kaspersky_Sofacy APT hits high profile targets	314EF7909CA0ED3A744D2F59AB5AC8B8AE259319.dll_(4.3)AZZYimplants-USBStealer	f6f88caf49a3e32174387cacfa144a89	e917166adf6e1135444f327d8fff6ec6c6a8606d65dda4e24c2f416d23b69d45
APT28_2015-12_Kaspersky_Sofacy APT hits high profile targets	3E2E245B635B04F006A0044388BD968DF9C3238C_IGFSRVC.dll_USBStealer	ce151285e8f0e7b2b90162ba171a4b90	4e4606313c423b681e11110ca5ed3a2b2632ec6c556b7ab9642372ae709555f3
APT28_2015-12_Kaspersky_Sofacy APT hits high profile targets	776C04A10BDEEC9C10F51632A589E2C52AABDF48_USBGuard.exe_	8cb08140ddb00ac373d29d37657a03cc	690b483751b890d487bb63712e5e79fca3903a5623f22416db29a0193dc10527
APT28_2015-12_Kaspersky_Sofacy APT hits high profile targets	AF86743852CC9DF557B62485715AF4C6D73644D3_AZZY4.3installer	c3ae4a37094ecfe95c2badecf40bf5bb	67ecc3b8c6057090c7982883e8d9d0389a8a8f6e8b00f9e9b73c45b008241322
APT28_2015-12_Kaspersky_Sofacy APT hits high profile targets	C78FCAE030A66F388BF8CEA569422F5A79B7B96C_tmpdt.tmp_(4.3)AZZYimplant	ce8b99df8642c065b6af43fde1f786a3	1bab1a3e0e501d3c14652ecf60870e483ed4e90e500987c35489f17a44fef26c
APT28_2015-12_Kaspersky_Sofacy APT hits high profile targets	C78FCAE030A66F388BF8CEA569422F5A79B7B96C_tmpdt.tmp__	ce8b99df8642c065b6af43fde1f786a3	1bab1a3e0e501d3c14652ecf60870e483ed4e90e500987c35489f17a44fef26c
APT28_2015-12_Kaspersky_Sofacy APT hits high profile targets	E251B3EB1449F7016DF78D113571BEA57F92FC36c_servicehost.dll_USBStealer	8b238931a7f64fddcad3057a96855f6c	92dcb0d8394d0df1064e68d90cd90a6ae5863e91f194cbaac85ec21c202f581f
APT28_2015-12_Kaspersky_Sofacy APT hits high profile targets	E3B7704D4C887B40A9802E0695BAE379358F3BA0_Stand-aloneAZZYbackdoor	a96f4b8ac7aa9dbf4624424b7602d4f7	a9dc96d45702538c2086a749ba2fb467ba8d8b603e513bdef62a024dfeb124cb
APT28_2015-12_Kaspersky_Sofacy APT hits high profile targets	F325970FD24BB088F1BEFDAE5788152329E26BF3_SupUpNvidia.exe_USBStealer	0369620eb139c3875a62e36bb7abdae8	b1f2d461856bb6f2760785ee1af1a33c71f84986edf7322d3e9bd974ca95f92d
APT28	APT28_2015_06_Microsoft_Security_Intelligence_Report_V19
APT28_2015_06_Microsoft_Security_Intelligence_Report_V19	0450AAF8ED309CA6BAF303837701B5B23AAC6F05_servicehost.dll_	800af1c9d341b846a856a1e686be6a3e	566ab945f61be016bfd9e83cc1b64f783b9b8deb891e6d504d3442bc8281b092
APT28_2015_06_Microsoft_Security_Intelligence_Report_V19	1535D85BEE8A9ADB52E8179AF20983FB0558CCB3.exe_	4ac8d16ff796e825625ad1861546e2e8	8c488b029188e3280ed3614346575a4a390e0dda002bca08c0335210a6202949
APT28	APT28_2016-02_PaloAlto_Fysbis Sofacy Linux Backdoor
APT28_2016-02_PaloAlto_Fysbis Sofacy Linux Backdoor	9444D2B29C6401BC7C2D14F071B11EC9014AE040_Fysbis_elf_	364ff454dcf00420cff13a57bcb78467	8bca0031f3b691421cb15f9c6e71ce193355d2d8cf2b190438b6962761d0c6bb
APT28_2016-02_PaloAlto_Fysbis Sofacy Linux Backdoor	A Look Into Fysbis_ Sofacy’s Linux Backdoor - Palo Alto Networks Blog.pdf	9a6b771c934415f74a203e0dfab9edbe	1b6c3e6ef673f14536ff8d7c2bf18f9358a9a7f8962a24e2255f54ac451af86c
APT28_2016-02_PaloAlto_Fysbis Sofacy Linux Backdoor	ECDDA7ACA5C805E5BE6E0AB2017592439DE7E32C_ksysdefd_elf	e107c5c84ded6cd9391aede7f04d64c8	fd8b2ea9a2e8a67e4cb3904b49c789d57ed9b1ce5bebfe54fe3d98214d6a0f61
APT28_2016-02_PaloAlto_Fysbis Sofacy Linux Backdoor	F080E509C988A9578862665B4FCF1E4BF8D77C3E	075b6695ab63f36af65f7ffd45cccd39	02c7cf55fd5c5809ce2dce56085ba43795f2480423a4256537bfdfda0df85592
APT29	APT29_2016-06_Crowdstrike_Bears in the Midst Intrusion into the Democratic National Committee
APT29_2016-06_Crowdstrike_Bears in the Midst Intrusion into the Democratic National Committee	0B3852AE641DF8ADA629E245747062F889B26659.exe_	cc9e6578a47182a941a478b276320e06	fd39d2837b30e7233bc54598ff51bdc2f8c418fa5b94dea2cadb24cf40f395e5
APT29_2016-06_Crowdstrike_Bears in the Midst Intrusion into the Democratic National Committee	74C190CD0C42304720C686D50F8184AC3FADDBE9.exe_	19172b9210295518ca52e93a29cfe8f4	40ae43b7d6c413becc92b07076fa128b875c8dbb4da7c036639eccf5a9fc784f
APT29_2016-06_Crowdstrike_Bears in the Midst Intrusion into the Democratic National Committee	Bears in the Midst_ Intrusion into the Democratic National Committee ».pdf	dd5e31f9d323e6c3e09e367e6bd0e7b1	2d815b11f3b916bdc27b049402f5f1c024cffe2318a4f27ebfa3b8a9fffe2880
APT29_2016-06_Crowdstrike_Bears in the Midst Intrusion into the Democratic National Committee	CB872EDD1F532C10D0167C99530A65C4D4532A1E.exe_	ce227ae503e166b77bf46b6c8f5ee4da	b101cd29e18a515753409ae86ce68a4cedbe0d640d385eb24b9bbb69cf8186ae
APT29_2016-06_Crowdstrike_Bears in the Midst Intrusion into the Democratic National Committee	E2B98C594961AAE731B0CCEE5F9607080EC57197_pagemgr.exe_	004b55a66b3a86a1ce0a0b9b69b95976	6c1bce76f4d2358656132b6b1d471571820688ccdbaca0d86d0ca082b9390536
APT29_2016-06_Crowdstrike_Bears in the Midst Intrusion into the Democratic National Committee	F09780BA9EB7F7426F93126BC198292F5106424B_VmUpgradeHelper.exe_	9e7053a4b6c9081220a694ec93211b4e	4845761c9bed0563d0aa83613311191e075a9b58861e80392914d61a21bad976
APT28	APT28_2016-07_Invincea_Tunnel of Gov DNC Hack and the Russian XTunnel
APT28_2016-07_Invincea_Tunnel of Gov DNC Hack and the Russian XTunnel	E2101519714F8A4056A9DE18443BC6E8A1F1B977_PortMapClient.exe_	ad44a7c5e18e9958dda66ccfc406cd44	b81b10bdf4f29347979ea8a1715cbfc560e3452ba9fffcc33cd19a3dc47083a4
APT28_2016-07_Invincea_Tunnel of Gov DNC Hack and the Russian XTunnel	F09780BA9EB7F7426F93126BC198292F5106424B_VmUpgradeHelper.exe_	9e7053a4b6c9081220a694ec93211b4e	4845761c9bed0563d0aa83613311191e075a9b58861e80392914d61a21bad976
APT28_2016-07_Invincea_Tunnel of Gov DNC Hack and the Russian XTunnel	Tunnel of Gov_ DNC Hack and the Russian XTunnel _ Invincea.pdf	b1b88f78c2f4393d437da4ce743ac5e8	fb0cb4527efc48c90a2cd3e9e46ce59eaa280c85c50d7b680c98bb159c27881d
APT28	APT28_2016-10_ESET_Observing the Comings and Goings
APT28_2016-10_ESET_Observing the Comings and Goings	eset-sednit-part-2.pdf	c3c278991ad051fbace1e2f3a4c20998	f9ed13d5aa43c74287a936bf52772080fc26b5c62a805e19abceb20ef08ea5ff
APT28_2016-10_ESET_Observing the Comings and Goings	Sedreco-dropper
Sedreco-dropper	4F895DB287062A4EE1A2C5415900B56E2CF15842	5363e5cc28687b7dd71f1e257eab2d5d	d403ded7c4acfffe8dc2a3ad8fb848f08388b4c3452104f6970835913d92166c
Sedreco-dropper	87F45E82EDD63EF05C41D18AEDDEAC00C49F1AEE	9617f3948b1886ebc95689c02d2cf264	378ef276eeaa4a29dab46d114710fc14ba0a9f964f6d949bcbc5ed3267579892
Sedreco-dropper	8EE6CEC34070F20FD8AD4BB202A5B08AEA22ABFA	30cda69cf82637dfa2ffdc803bf2aead	20ac1420eade0bdb464cd9f6d26a84094271b252c0650a7853721d8e928f6e6c
Sedreco-dropper	9E779C8B68780AC860920FCB4A8E700D97F084EF	f686304cff9b35ea0d7647820ab525ba	2c81023a146d2b5003d2b0c617ebf2eb1501dc6e55fc6326e834f05f5558c0ec
Sedreco-dropper	C23F18DE9779C4F14A3655823F235F8E221D0F6A	9f82abbaebc1093a187f1887df2cf926	ec2f14916e0b52fb727111962dff9846839137968e32269a82288aee9f227bd4
Sedreco-dropper	E034E0D9AD069BAB5A6E68C1517C15665ABE67C9	6a24be8f61bcd789622dc55ebb7db90b	fb3a3339e2ba82cb3dcdc43d0e49e7b8a26ced3a587f5ee15a256aee062e6e05
Sedreco-dropper	E17615331BDCE4AFA45E4912BDCC989EACF284BC	5e93cf87040cf225ab5b5b9f9f0a0d03	6bbec6b2927325891cc008d3378d30941fe9d21e5c9bd6459e8e3ba8c78833c2
APT28_2016-10_ESET_Observing the Comings and Goings	Sedreco_payload
Sedreco_payload	04301B59C6EB71DB2F701086B617A98C6E026872	cf30b7550f04a9372c3257c9b5cff3e9	37bf2c811842972314956434449fd294e793b43c1a7b37cfe41af4fcc07d329d
Sedreco_payload	11AF174294EE970AC7FD177746D23CDC8FFB92D7	9422ca55f7fca4449259d8878ede5e47	ba1c02aa6c12794a33c4742e62cbda3c17def08732f3fbaeb801f1806770b9a0
Sedreco_payload	E3B7704D4C887B40A9802E0695BAE379358F3BA0	a96f4b8ac7aa9dbf4624424b7602d4f7	a9dc96d45702538c2086a749ba2fb467ba8d8b603e513bdef62a024dfeb124cb
APT28_2016-10_ESET_Observing the Comings and Goings	XAgent-LIN
XAgent-LIN	7E33A52E53E85DDB1DC8DC300E6558735ACF10CE	fd8d1b48f91864dc5acb429a49932ca3	dd8facad6c0626b6c94e1cc891698d4982782a5564aae696a218c940b7b8d084
XAgent-LIN	9444D2B29C6401BC7C2D14F071B11EC9014AE040	364ff454dcf00420cff13a57bcb78467	8bca0031f3b691421cb15f9c6e71ce193355d2d8cf2b190438b6962761d0c6bb
XAgent-LIN	ECDDA7ACA5C805E5BE6E0AB2017592439DE7E32C	e107c5c84ded6cd9391aede7f04d64c8	fd8b2ea9a2e8a67e4cb3904b49c789d57ed9b1ce5bebfe54fe3d98214d6a0f61
XAgent-LIN	F080E509C988A9578862665B4FCF1E4BF8D77C3E	075b6695ab63f36af65f7ffd45cccd39	02c7cf55fd5c5809ce2dce56085ba43795f2480423a4256537bfdfda0df85592
APT28_2016-10_ESET_Observing the Comings and Goings	XAgent-WIN
XAgent-WIN	072933FA35B585511003F36E3885563E1B55D55A	99b93cfcff258eb49e7af603d779a146	c19d266af9e33dae096e45e7624ab3a3f642c8de580e902fec9dac11bcb8d3fd
XAgent-WIN	082141F1C24FB49981CC70A9ED50CDA582EE04DD	7a055cbe6672f77b2271c1cb8e2670b8	99d3f03fc6f048c74e58da6fb7ea1e831ba31d58194ad2463a7a6cd55da5f96b
XAgent-WIN	08C4D755F14FD6DF76EC86DA6EAB1B5574DFBAFD	26ac59dab32f6246e1ce3da7506d48fa	5f6b2a0d1d966fc4f1ed292b46240767f4acb06c13512b0061b434ae2a692fa1
XAgent-WIN	0F04DAD5194F97BB4F1808DF19196B04B4AEE1B8	8b6d824619e993f74973eedfaf18be78	972e907a901a7716f3b8f9651eadd65a0ce09bbc78a1ceacff6f52056af8e8f4
XAgent-WIN	3403519FA3EDE4D07FB4C05D422A9F8C026CEDBF	113cc4a88fd28ea4398e312093a6a4d5	ddab96e4a8e909065e05c4b6a73ba351ea45ad4806258f41ac3cecbcae8671a6
XAgent-WIN	499FF777C88AEACBBAA47EDDE183C944AC7E91D2	ea726d3e8f6516807366584f3c5b5e2a	82c4e9bc100533482a15a1d756d55e1a604d330eff8fbc0e13c4b166ac2c9bd3
XAgent-WIN	4B74C90C9D9CE7668AA9EB09978C1D8D4DFDA24A	409848dabfd110f4d373dd0a97ff708e	24e11c80f1d4c1e9db654d54cc784db6b5f4a126f9fe5e26c269fdc4009c8f29
XAgent-WIN	4BC32A3894F64B4BE931FF20390712B4EC605488	57cc08213ab8b6d4a538e4568d00a123	b23193bff95c4e65af0c9848036eb80ef006503a78be842e921035f8d77eb5de
XAgent-WIN	5F05A8CB6FEF24A91B3BD6C137B23AB3166F39AE	9ca6ead1384953d787487d399c23cb41	07393ac2e890772f70adf9e8d3aa07ab2f98e2726e3be275276dadd00daf5fc6
XAgent-WIN	71636E025FA308FC5B8065136F3DD692870CB8A4	96ed0a7976e57ae0bb79dcbd67e39743	ea957d663dbc0b28844f6aa7dfdc5ac0110a4004ac46c87d0f1aa943ef253cfe
XAgent-WIN	780AA72F0397CB6C2A78536201BD9DB4818FA02A	effd7b2411975447fd36603445b380c7	d0e019229493a1cfb3ffc918a2d8ffcbaee31f9132293c95b1f8c1fd6d595054
XAgent-WIN	A70ED3AE0BC3521E743191259753BE945972118B	9a66142acfc7739f78c23ab1252db45b	715f69916db9ff8fedf6630307f4ebb84aae6653fd0e593036517c5040d84dbe
XAgent-WIN	BAA4C177A53CFA5CC103296B07B62565E1C7799F	9d1a09bb98bf1ee31f390b60b0cf724d	dea4e560017b4da05e8fd0a03ba74239723349934ee8fbd201a79be1ecf1c32d
XAgent-WIN	C18EDCBA2C31533B7CDB6649A970DCE397F4B13C	4265f6e8cc545b925912867ec8af2f11	fc2dbfda41860b2385314c87e81f1ebb4f9ae1106b697e019841d8c3bf402570
XAgent-WIN	C2E8C584D5401952AF4F1DB08CF4B6016874DDAC	078755389b98d17788eb5148e23109a6	54c4ce98970a44f92be748ebda9fcfb7b30e08d98491e7735be6dd287189cea3
XAgent-WIN	D00AC5498D0735D5AE0DEA42A1F477CF8B8B0826	12a9fff59de1663dec1b45ea2ede22f5	68065abd6482405614d245537600ea60857c6ec9febac4870486b5227589d35c
XAgent-WIN	D0DB619A7A160949528D46D20FC0151BF9775C32	ee64d3273f9b4d80020c24edcbbf961e	e031299fa1381b40c660b8cd831bb861654f900a1e2952b1a76bedf140972a81
XAgent-WIN	E816EC78462B5925A1F3EF3CDB3CAC6267222E72	404eb3f7554392e85e56aed414db8455	94c220653ea7421c60e3eafd753a9ae9d69b475d61230f2f403789d326309c24
XAgent-WIN	F1EE563D44E2B1020B7A556E080159F64F3FD699	58ca9243d35e529499dd17d27642b419	bebe0be0cf8349706b2feb789572e035955209d5bf5d5fea0e5d29a7fbfdc7c4
APT28_2016-10_ESET_Observing the Comings and Goings	Xtunnel
Xtunnel	0450AAF8ED309CA6BAF303837701B5B23AAC6F05	800af1c9d341b846a856a1e686be6a3e	566ab945f61be016bfd9e83cc1b64f783b9b8deb891e6d504d3442bc8281b092
Xtunnel	067913B28840E926BF3B4BFAC95291C9114D3787	02522ce47a8db9544f8877dace7e0833	d2a6064429754571682f475b6b67f36526f1573d846182aab3516c2637fa1e81
Xtunnel	1535D85BEE8A9ADB52E8179AF20983FB0558CCB3	4ac8d16ff796e825625ad1861546e2e8	8c488b029188e3280ed3614346575a4a390e0dda002bca08c0335210a6202949
Xtunnel	42DEE38929A93DFD45C39045708C57DA15D7586C	ae4ded48da0766d237ce2262202c3c96	a2c9041ee1918523e67dbaf1c514f98609d4dbe451ba08657653bb41946fc89d
Xtunnel	8F4F0EDD5FB3737914180FF28ED0E9CCA25BF4CC	e766e048bd222cfd2b9cc1bf24125dac	1289ee3d29967f491542c0bdeff6974aad6b37932e91ff9c746fb220d5edb407
Xtunnel	982D9241147AAACF795174A9DAB0E645CF56B922	0ebfac6dba63ff8b35cbd374ef33323a	c9ef265fc0a174f3033ff21b8f0274224eb7154dca97f15cba598952be2fbace
Xtunnel	99B454262DC26B081600E844371982A49D334E5E	ac3e087e43be67bdc674747c665b46c2	a979c5094f75548043a22b174aa10e1f2025371bd9e1249679f052b168e194b3
Xtunnel	C637E01F50F5FBD2160B191F6371C5DE2AC56DE4	b2dc7c29cbf8d71d1dd57b474f1e04b9	c6a9db52a3855d980a7f383dbe2fb70300a12b7a3a4f0a995e2ebdef769eaaca
Xtunnel	C91B192F4CD47BA0C8E49BE438D035790FF85E70	672b8d14d1d3e97c24baf69d50937afc	1c8869abf756e77e1b6d7d0ad5ca8f1cdce1a111315c3703e212fb3db174a6d5
Xtunnel	CDEEA936331FCDD8158C876E9D23539F8976C305	5e70a5c47c6b59dae7faf0f2d62b28b3	730a0e3daf0b54f065bdd2ca427fbe10e8d4e28646a5dc40cbcfb15e1702ed9a
Xtunnel	DB731119FCA496064F8045061033A5976301770D	34651f2df01b956f1989da4b3ea40338	60ee6fdca66444bdc2e4b00dc67a1b0fdee5a3cd9979815e0aab9ce6435262c6
Xtunnel	DE3946B83411489797232560DB838A802370EA71	1d1287d4a3ba5d02cca91f51863db738	4dd8ab2471337a56b431433b7e8db2a659dc5d9dc5481b4209c4cddd07d6dc2b
Xtunnel	E945DE27EBFD1BAF8E8D2A81F4FB0D4523D85D6A	cd1c521b6ae08fc97e3d69f242f00f9e	d2e947a39714478983764b270985d2529ff682ffec9ebac792158353caf90ed3
APT28	APT28_2016-10_ESET_Sednit A Mysterious Downloader
APT28_2016-10_ESET_Sednit A Mysterious Downloader	1CC2B6B208B7687763659AEB5DCB76C5C2FBBF26.scr_	006b418307c534754f055436a91848aa	6507caba5835cad645ae80a081b98284032e286d97dabb98bbfeb76c3d51a094
APT28_2016-10_ESET_Sednit A Mysterious Downloader	49ACBA812894444C634B034962D46F986E0257CF.exe_	23ae20329174d44ebc8dbfa9891c6260	3e23201e6c52470e73a92af2ded12e6a5d1ad39538f41e762ca1c4b8d93c6d8d
APT28_2016-10_ESET_Sednit A Mysterious Downloader	4C9C7C4FD83EDAF7EC80687A7A957826DE038DD7.exe_	0eefeaf2fb78ebc49e7beba505da273d	6ccc375923a00571dffca613a036f77a9fc1ee22d1fddffb90ab7adfbb6b75f1
APT28_2016-10_ESET_Sednit A Mysterious Downloader	4F92D364CE871C1AEBBF3C5D2445C296EF535632.exe_	9227678b90869c5a67a05defcaf21dfb	79a508ba42247ddf92accbf5987b1ffc7ba20cd11806d332979d8a8fe85abb04
APT28_2016-10_ESET_Sednit A Mysterious Downloader	516EC3584073A1C05C0D909B8B6C15ECB10933F1.exe_	607a7401962eaf78b93676c9f5ca6a26	ecd2c8e79554f226b69bed7357f61c75f1f1a42f1010d7baa72abe661a6c0587
APT28_2016-10_ESET_Sednit A Mysterious Downloader	593D0EB95227E41D299659842395E76B55AA048D.exe_	6cd2c953102792b738664d69ce41e080	a13aa88c32eb020071c2c92f5364fd98f6dead7bcf71320731f05cd0a34a59db
APT28_2016-10_ESET_Sednit A Mysterious Downloader	593D0EB95227E41D299659842395E76B55AA048D_dll_	6cd2c953102792b738664d69ce41e080	a13aa88c32eb020071c2c92f5364fd98f6dead7bcf71320731f05cd0a34a59db
APT28_2016-10_ESET_Sednit A Mysterious Downloader	5C132AE63E3B41F7B2385740B9109B473856A6A5.dll_	94ebc9ef5565f98b1aa1e97c6d35c2e0	cfc60d5db3bfb4ec462d5e4bd5222f04d7383d2c1aec1dc2a23e3c74a166a93d
APT28_2016-10_ESET_Sednit A Mysterious Downloader	5FC4D555CA7E0536D18043977602D421A6FD65F9.exe_	81d9649612b05829476854bde71b8c3f	1faf645c2b43cd78cc70df6bcbcd95e38f19d16ca2101de0b6a8fc31cac24c37
APT28_2016-10_ESET_Sednit A Mysterious Downloader	669A02E330F5AFC55A3775C4C6959B3F9E9965CF.exe_	a0f212fd0f103ca8beaf8362f74903a2	a50cb9ce1f01ea335c95870484903734ba9cd732e7b3db16cd962878bac3a767
APT28_2016-10_ESET_Sednit A Mysterious Downloader	6CAA48CD9532DA4CABD6994F62B8211AB9672D9E_bk.exe_	9df2ddb2631ff5439c34f80ace40cd29	f18fe2853ef0d4898085cc5581ae35b83fc6d1c46563dbc8da1b79ef9ef678eb
APT28_2016-10_ESET_Sednit A Mysterious Downloader	7394EA20C3D510C938EF83A2D0195B767CD99ED7_x32.dll_	d70f4e9d55698f69c5f63b1a2e1507eb	471fbdc52b501dfe6275a32f89a8a6b02a2aa9a0e70937f5de610b4185334668
APT28_2016-10_ESET_Sednit A Mysterious Downloader	9F3AB8779F2B81CAE83F62245AFB124266765939.exe_	3430bf72d2694e428a73c84d5ac4a4b9	b1900cb7d1216d1dbc19b4c6c8567d48215148034a41913cc6e59958445aebde
APT28_2016-10_ESET_Sednit A Mysterious Downloader	E8ACA4B0CFE509783A34FF908287F98CAB968D9E.exe_	991ffdbf860756a4589164de26dd7ccf	44e8d3ffa0989176e62b8462b3d14ad38ede5f859fd3d5eb387050f751080aa2
APT28_2016-10_ESET_Sednit A Mysterious Downloader	EE788901CD804965F1CD00A0AFC713C8623430C4.exe_	93c589e9eaf3272bc0349d605b85c566	f9c0303d07800ed7cba1394cd326bbe8f49c7c5e0e062be59a9749f6c51c6e69
APT28_2016-10_ESET_Sednit A Mysterious Downloader	EE788901CD804965F1CD00A0AFC713C8623430C46.exe_	93c589e9eaf3272bc0349d605b85c566	f9c0303d07800ed7cba1394cd326bbe8f49c7c5e0e062be59a9749f6c51c6e69
APT28_2016-10_ESET_Sednit A Mysterious Downloader	eset-sednit-part3.pdf	a7b4e01335aac544a12c6f88aab80cd9	2c7a60963b94b6fc924abdcb19da4d32f35c86cdfe2277b0081cd02c72435b48
APT28	APT28_2016-10_ESET_Sednit Approaching the Target
APT28_2016-10_ESET_Sednit Approaching the Target	015425010BD4CF9D511F7FCD0FC17FC17C23EEC1	c2a0344a2bbb29d9b56d378386afcbed	63d0b28114f6277b901132bc1cc1f541a594ee72f27d95653c54e1b73382a5f6
APT28_2016-10_ESET_Sednit Approaching the Target	0F7893E2647A7204DBF4B72E50678545573C3A10	35283c2e60a3cba6734f4f98c443d11f	da43d39c749c121e99bba00ce809ca63794df3f704e7ad4077094abde4cf2a73
APT28_2016-10_ESET_Sednit Approaching the Target	10686CC4E46CF3FFBDEB71DD565329A80787C439	d7c471729bc124babf32945eb5706eb6	bc8fec92eee715e77c762693f1ae2bbcd6a3f3127f1226a847a8efdc272e2cbc
APT28_2016-10_ESET_Sednit Approaching the Target	17661A04B4B150A6F70AFDABE3FD9839CC56BEE8	a579d53a1d29684de6d2c0cbabd525c5	6562e2ac60afa314cd463f771fcfb8be70f947f6e2b314b0c48187eebb33dd82
APT28_2016-10_ESET_Sednit Approaching the Target	21835AAFE6D46840BB697E8B0D4AAC06DEC44F5B	211b7100fd799e9eaabeb13cfa446231	3d13f2e5b241168005425b15410556bcf26d04078da6b2ef42bc0c2be7654bf8
APT28_2016-10_ESET_Sednit Approaching the Target	2663EB655918C598BE1B2231D7C018D8350A0EF9	540e4a7a28ca1514e53c2564993d8d87	31dd3e3c05fabbfeafbcb7f5616dba30bbb2b1fc77dba6f0250a2c3270c0dd6b
APT28_2016-10_ESET_Sednit Approaching the Target	2C86A6D6E9915A7F38D119888EDE60B38AB1D69D	56e011137b9678f1fcc54f9372198bae	69d5123a277dc1f618be5edcc95938a0df148c856d2e1231a07e2743bd683e01
APT28_2016-10_ESET_Sednit Approaching the Target	351C3762BE9948D01034C69ACED97628099A90B0	83cf67a5d2e68f9c00fbbe6d7d9203bf	853dbbba09e2463c45c0ad913d15d67d15792d888f81b4908b2216859342aa04
APT28_2016-10_ESET_Sednit Approaching the Target	3956CFE34566BA8805F9B1FE0D2639606A404CD4	dffb22a1a6a757443ab403d61e760f0c	0356f5fa9907ea060a7d6964e65f019896deb1c7e303b7ba04da1458dc73a842
APT28_2016-10_ESET_Sednit Approaching the Target	4D5E923351F52A9D5C94EE90E6A00E6FCED733EF	6159c094a663a171efd531b23a46716d	e00eaf295a28f5497dbb5cb8f647537b6e55dd66613505389c24e658d150972c
APT28_2016-10_ESET_Sednit Approaching the Target	4FAE67D3988DA117608A7548D9029CADDBFB3EBF	c6a80316ea97218df11e11125337233a	b0b3f0d6e6c593e2a2046833080574f98566c48a1eda865b2e110cd41bf31a31
APT28_2016-10_ESET_Sednit Approaching the Target	51B0E3CD6360D50424BF776B3CD673DD45FD0F97	973e0c922eb07aad530d8a1de19c7755	7c4101caf833aa9025fec4f04a637c049c929459ad3e4023ba27ac72bde7638d
APT28_2016-10_ESET_Sednit Approaching the Target	51E42368639D593D0AE2968BD2849DC20735C071	dfc836e035cb6c43ce26ed870f61d7e8	13468ebe5d47d57d62777043c80784cbf475fb2de1df4546a307807bd2376b45
APT28_2016-10_ESET_Sednit Approaching the Target	5C3E709517F41FEBF03109FA9D597F2CCC495956	ac75fd7d79e64384b9c4053b37e5623f	0ac7b666814fd016b3d21d7812f4a272104511f90ca666fa13e9fb6cefa603c7
APT28_2016-10_ESET_Sednit Approaching the Target	63D1D33E7418DAF200DC4660FC9A59492DDD50D9	2d4eaa0331abbc6d867f5f979b2c890d	b4f755c91c2790f4ab9bac4ee60725132323e13a2688f3d8939ae9ed4793d014
APT28_2016-10_ESET_Sednit Approaching the Target	69D8CA2A02241A1F88A525617CF18971C99FB63B	ed601bbd4dd0e267afb0be840cb27c90	4c52957270e63efa4b81a1c6551c706b82951f019b682219096e67182a727eab
APT28_2016-10_ESET_Sednit Approaching the Target	6FB3FD8C2580C84314B14510944700144A9E31DF	f7ee38ca49cd4ae35824ce5738b6e587	63911ebce691c4b7c9582f37f63f6f439d2ce56e992bfbdcf812132512e753eb
APT28_2016-10_ESET_Sednit Approaching the Target	80DCA565807FA69A75A7DD278CEF1DAAEE34236E	9863f1efc5274b3d449b5b7467819d28	0abda721c4f1ca626f5d8bd2ce186aa98b197ca68d53e81cf152c32230345071
APT28_2016-10_ESET_Sednit Approaching the Target	842B0759B5796979877A2BAC82A33500163DED67	291af793767f5c5f2dc9c6d44f1bfb59	f50791f9909c542e4abb5e3f760c896995758a832b0699c23ca54b579a9f2108
APT28_2016-10_ESET_Sednit Approaching the Target	8F99774926B2E0BF85E5147AACA8BBBBCC5F1D48	c2988e3e4f70d5901b234ff1c1363dcc	69940a20ab9abb31a03fcefe6de92a16ed474bbdff3288498851afc12a834261
APT28_2016-10_ESET_Sednit Approaching the Target	90C3B756B1BB849CBA80994D445E96A9872D0CF5	21d63e99ed7dcd8baec74e6ce65c9ef3	dfa8a85e26c07a348a854130c652dcc6d29b203ee230ce0603c83d9f11bbcacc
APT28_2016-10_ESET_Sednit Approaching the Target	99F927F97838EB47C1D59500EE9155ADB55B806A	07c8a0a792a5447daf08ac32d1e283e8	8f0674cb85f28b2619a6e0ddc74ce71e92ce4c3162056ef65ff2777104d20109
APT28_2016-10_ESET_Sednit Approaching the Target	9FC43E32C887B7697BF6D6933E9859D29581EAD0	a3c757af9e7a9a60e235d08d54740fbc	bf28267386a010197a50b65f24e815aa527f2adbc53c609d2b2a4f999a639413
APT28_2016-10_ESET_Sednit Approaching the Target	A43EF43F3C3DB76A4A9CA8F40F7B2C89888F0399	7c2b1de614a9664103b6ff7f3d73f83d	c2551c4e6521ac72982cb952503a2e6f016356e02ee31dea36c713141d4f3785
APT28_2016-10_ESET_Sednit Approaching the Target	A5FCA59A2FAE0A12512336CA1B78F857AFC06445	f1d3447a2bff56646478b0adb7d0451c	5a414a39851c4e22d4f9383211dfc080e16e2caffd90fa06dcbe51d11fdb0d6c
APT28_2016-10_ESET_Sednit Approaching the Target	A857BCCF4CC5C15B60667ECD865112999E1E56BA	0c334645a4c12513020aaabc3b78ef9f	e1b1143c0003c6905227df37d40aacbaecc2be8b9d86547650fe11bd47ca6989
APT28_2016-10_ESET_Sednit Approaching the Target	B4A515EF9DE037F18D96B9B0E48271180F5725B7	afe09fb5a2b97f9e119f70292092604e	d93f22d46090bfc19ef51963a781eeb864390c66d9347e86e03bba25a1fc29c5
APT28_2016-10_ESET_Sednit Approaching the Target	B7788AF2EF073D7B3FB84086496896E7404E625E	eda061c497ba73441994a30e36f55b1d	b1800cb1d4b755e05b0fca251b8c6da96bb85f8042f2d755b7f607cbeef58db8
APT28_2016-10_ESET_Sednit Approaching the Target	B8AABE12502F7D55AE332905ACEE80A10E3BC399	91381cd82cdd5f52bbc7b30d34cb8d83	1a09ce8a9210d2530d6ce1d59bfae2ac617ac89558cdcdcac15392d176e70c8d
APT28_2016-10_ESET_Sednit Approaching the Target	C1EAE93785C9CB917CFB260D3ABF6432C6FDAF4D	732fbf0a4ceb10e9a2254af59ae4f880	6236a1bdd76ed90659a36f58b3e073623c34c6436d26413c8eca95f3266cc6fc
APT28_2016-10_ESET_Sednit Approaching the Target	C2E8C584D5401952AF4F1DB08CF4B6016874DDAC	078755389b98d17788eb5148e23109a6	54c4ce98970a44f92be748ebda9fcfb7b30e08d98491e7735be6dd287189cea3
APT28_2016-10_ESET_Sednit Approaching the Target	C345A85C01360F2833752A253A5094FF421FC839	1219318522fa28252368f58f36820ac2	fbd5c2cf1c1f17402cc313fe3266b097a46e08f48b971570ef4667fbfd6b7301
APT28_2016-10_ESET_Sednit Approaching the Target	D3AA282B390A5CB29D15A97E0A046305038DBEFE	18efc091b431c39d3e59be445429a7bc	eae782130b06d95f3373ff7d5c0977a8019960bdf80614c1aa7e324dc350428a
APT28_2016-10_ESET_Sednit Approaching the Target	D85E44D386315B0258847495BE1711450AC02D9F	c4ffab85d84b494e1c450819a0e9c7db	500fa112a204b6abb365101013a17749ce83403c30cd37f7c6f94e693c2d492f
APT28_2016-10_ESET_Sednit Approaching the Target	D9989A46D590EBC792F14AA6FEC30560DFE931B1	8b031fce1d0c38d6b4c68d52b2764c7e	4bcd11142d5b9f96730715905152a645a1bf487921dd65618c354281512a4ae7
APT28_2016-10_ESET_Sednit Approaching the Target	E5FB715A1C70402774EE2C518FB0E4E9CD3FDCFF	072c692783c67ea56da9de0a53a60d11	c431ae04c79ade56e1902094acf51e5bf6b54d65363dfa239d59f31c27989fde
APT28_2016-10_ESET_Sednit Approaching the Target	E742B917D3EF41992E67389CD2FE2AAB0F9ACE5B	7764499bb1c4720d0f1d302f15be792c	63047199037892f66dc083420e2fc60655a770756848c1f07adc2eb7d4a385d0
APT28_2016-10_ESET_Sednit Approaching the Target	ED9F3E5E889D281437B945993C6C2A80C60FDEDC	2dfc90375a09459033d430d046216d22	261b0a5912965ea95b8ae02aae1e761a61f9ad3a9fb85ef781e62013d6a21368
APT28_2016-10_ESET_Sednit Approaching the Target	F024DBAB65198467C2B832DE9724CB70E24AF0DD	7b1bfd7c1866040e8f618fe67b93bea5	df47a939809f925475bc19804319652635848b8f346fb7dfd8c95c620595fe9f
APT28_2016-10_ESET_Sednit Approaching the Target	F3D50C1F7D5F322C1A1F9A72FF122CAC990881EE	77089c094c0f2c15898ff0f021945148	eb6620442c3ab327f3ccff1cc6d63d6ffe7729186f7e8ac1dbbbfddd971528f0
APT28_2016-10_ESET_Sednit Approaching the Target	F7608EF62A45822E9300D390064E667028B75DEA	75f71713a429589e87cf2656107d2bfc	b6fff95a74f9847f1a4282b38f148d80e4684d9c35d9ae79fad813d5dc0fd7a9
APT28_2016-10_ESET_Sednit Approaching the Target	eset-sednit-part1.pdf	bae0221feefb37e6b81f5ca893864743	b31b27aa0808aea5b0e8823ecb07402c0c2bbf6818a22457e146c97f685162b4
APT28	APT28_2016-10_Sekoia_Rootkit analysisUse case on HideDRV
APT28_2016-10_Sekoia_Rootkit analysisUse case on HideDRV	83E54CB97644DE7084126E702937F8C3A2486A2F_fsflt.sys_	f8c8f6456c5a52ef24aa426e6b121685	4bfe2216ee63657312af1b2507c8f2bf362fdf1d63c88faba397e880c2e39430
APT28_2016-10_Sekoia_Rootkit analysisUse case on HideDRV	9F3AB8779F2B81CAE83F62245AFB124266765939_fsflt.1	3430bf72d2694e428a73c84d5ac4a4b9	b1900cb7d1216d1dbc19b4c6c8567d48215148034a41913cc6e59958445aebde
APT28	APT28_2017-02_Bitdefender_OSX_XAgent
APT28_2017-02_Bitdefender_OSX_XAgent	70A1C4ED3A09A44A41D54C4FD4B409A5FC3159F6_XAgent_OSX	4fe4b9560e99e33dabca553e2eeee510	2a854997a44f4ba7e307d408ea2d9c1d84dde035c5dab830689aa45c5b5746ea

Related articles

• Chema Alonso Libros
• Blackhat Hacking
• Definicion De Hacker
• Hacking System
• Pagina Hacker
• Paginas Para Hackear
• Tutoriales Hacking