Follow

APT (RU) - GOV.UA targeting:
MD5: 49CDE7D0CA755F0C284D9690E84711AC
New , old tehniques:
1. SFX with fake MS Word ico show real document and execute
2. Comm through fake wget to winrouts.ddns[.]net

Reverse engineer and review the Gamaredon Group Pteranodon Implant (including its batch scripts and decoding mechanism)
vkremez.com/2019/01/lets-learn

Sign in to participate in the conversation
Infosec Exchange

A Mastodon instance for info/cyber security-minded people.