20.04.2016 Views


ASERT Threat Intelligence Report 2016-03: The Four-Element Sword Engagement

SHA-256 (maindll.dll): 5838582ea26312cc60b43da555189b439d3688597a705e3a52dc4d935517f69d

SHA-256 (nvsvc.exe): ec05e37230e6534fa148b8e022f797ad0afe80f699fbd222a46672118663cf00

SHA-256 (runas.exe): 5b34b3365eb6a6c700b391172849a2668d66a167669018ae3b9555bc2d1e54ab

File creation: conhost.log

File creation: keylog

File creation: srvlic.dll

File creation: up.dat

File creation: xx1.tmp

File creation: xx2.tmp

File creation: xx3.tmp

File creation: xx4.tmp

File creation: xx5.tmp

File creation: xx6.tmp

Targeted Exploitation #10: PlugX, Tibetan theme

The original filename is HUMAN RIGHTS SITUATION IN TIBET.doc.

The bait file is originally horizontal, but has been rotated for the sake of readability. It consists of what appear to be the first two pages of a document published by the Tibetan Center for Human Rights and Democracy called “HUMAN RIGHTS SITUATION IN TIBET”.

The metadata for the Word bait file shows a February 2016 timeframe and the user “member0975”.

36 Proprietary and Confidential Information of Arbor Networks, Inc.
