MONSOON – ANALYSIS OF AN APT CAMPAIGN
monsoon-analysis-apt-campaign?utm_source=Labs&utm_medium=blog&utm_content=monsoon_whitepaper&utm_campaign=monsoon
monsoon-analysis-apt-campaign?utm_source=Labs&utm_medium=blog&utm_content=monsoon_whitepaper&utm_campaign=monsoon
Create successful ePaper yourself
Turn your PDF publications into a flip-book with our unique Google optimized e-Paper software.
Forcepoint Security Labs | Special Investigations<br />
REFERENCES<br />
[1] S. Fagerland, “The Hangover Report,” Bluecoat, 2013 May 2013. [Online]. Available:<br />
https://www.bluecoat.com/security-blog/2013-05-20/hangover-report. [Accessed May 2016].<br />
[2] S. Fagerland, M. Kråkvik, J. Camp and N. Moran, “Operation Hangover: Unveiling an Indian<br />
Cyberattack Infrastructure,” Norman AS, May 2013. [Online]. Available: http://enterprisemanage.norman.c.bitbit.net/resources/files/Unveiling_an_Indian_Cyberattack_Infrastructure.pdf.<br />
[Accessed May 2016].<br />
[3] “AutoIT,” [Online]. Available: https://www.autoitscript.com/site/autoit/. [Accessed June 2016].<br />
[4] “Patchwork <strong>–</strong> Targeted Attack (<strong>APT</strong>),” Cymmertia, 7 July 2016. [Online]. Available:<br />
https://www.cymmetria.com/patchwork-targeted-attack/. [Accessed July 2016].<br />
[5] “Microsoft Office Memory Errors Let Remote Users Execute Arbitrary Code and Input Validation<br />
Flaw Permits Cross-Site Scripting Attacks,” February 2015. [Online]. Available:<br />
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1641. [Accessed July 2016].<br />
[6] “Cyberthreats GitHub: MyDoom Malware Source Code,” [Online]. Available:<br />
https://github.com/cyberthreats/malware-source-mydoom. [Accessed February 2016].<br />
[7] “Leo Davidson & hfiref0x's UAC bypass Method,” March 2015. [Online]. Available:<br />
https://github.com/hfiref0x/UACME/blob/master/Source/Akagi/pitou.c. [Accessed July 2016].<br />
[8] J.-I. Boutin, “Targeted information stealing attacks in South Asia use email, signed binaries,”<br />
ESET, 16 May 2013. [Online]. Available: http://www.welivesecurity.com/2013/05/16/targetedthreat-pakistan-india/.<br />
[Accessed Aug 2016].<br />
<strong>MONSOON</strong> <strong>–</strong> <strong><strong>AN</strong>ALYSIS</strong> <strong>OF</strong> <strong>AN</strong> <strong>APT</strong> <strong>CAMPAIGN</strong> Revision: 1.07 | TLP-WHITE | 57/57