@BushidoUK
Created June 17, 2023 17:24
Collection of Vulnerable Legit Applications used for DLL side-loading or search-order hijacking
Valid signed file by Symantec, Symantec Antivirus Installer
61d1943f0b702f4c16bb37228ade1d8f0ef4675b480921950d026c82e4a65fde
Valid signed file by Venta Association, VentaFax MAPI client
390d75e6c7fc1cf258145dc712c1fac1eb183efccee1b03c058cec1d790e46b1
Valid signed file by Vivaldi Technologies, Vivaldi.exe
58e7af5eb1acb5c9bee821d59054c69263aed3dce1b95616255dea7114ad8494
Valid signed file by Invincea, Inc., Sandboxie
90a29c688ce683fb2201145faac00cb44c3d5566697279b68960c6bc3208ae84
Valid signed file by Guosen, GuosenPassGuard
cb8a83b590893daa9b02b8e1a1c9afb68d6f2a82c9e0d2d2c63a36a510f6fda3
Valid signed file by Avast Software, Avast Internet WSC Proxy
bd4635d582413f84ac83adbb4b449b18bac4fc87ca000d0c7be84ad0f9caf68e
Valid signed file by Microsoft, Microsoft C Runtime Library
f11009988b813821857c8d2db0f88e1d45b20762f62a3cf432339f352b12cefe
Valid signed file by Logitech, Logitech PlugIn Installer Utility
2f2a5e5cdb262cd62b43b88bf1e9cfb40a26eac5897616b9eacec4e25d95cbb9
Valid signed file by Hewlett Packard, HP Digital Imaging
8857232077b4b0f0e4a2c3bb5717fd65079209784f41694f8e1b469e34754cf6
Valid signed file by Microsoft, Microsoft C Runtime Library
86e39b5995af0e042fcdaa85fe2aefd7c9ddc7ad65e6327bd5e7058bc3ab615f
Valid signed file by Google, GoogleUpdateSetup.exe
fa56ba25861f1b5040afd04bfbfd36353004cd6b2c457971fb01db26ff002f35
Valid signed file by Qihoo 360 Software (Beijing) Company Limited
a23dbce5bcde8ce541b8f326a951d29f6241280d944a1e921ca8658d3d4b65ac
Valid signed file by DigiCert, SmadavProtect Antivirus software
4f54a6555a7a3bec84e8193d2ff9ae75eb7f06110505e78337fa2f515790a562
Valid signed file, WinGup for Notepad++
e5bbbf34414426f63e6cd1354c306405e54bf31279829c7542dccfb7d85af0ec
Valid signed file by Microsoft, OLEview
91f6547bceddfb2f241570ac82c00de700e311e4a38dea60d8619638f1ed3520
Valid signed file by McAfee, MCSync
075f9dfb6ab3379f69165c03991abf1a969ca0c21e04564543564dc536ea95dd
Valid signed file by Microsoft, .NET Framework Optimization Service
0809e3b71709f1343086eeb6c820543c1a7119e74eef8ac1aee1f81093abec66
Valid signed file by Yandex, Yandex Browser
12b15f31f295416417f1e028904a4e10a0c8ec39dd00bac7df4887c194f2865b
Valid signed file by Microsoft, ATL Trace Tool
197d0ad8e3f6591e4493daaee9e52e53ecf192e32f9d167c67f2ffb408c76f2c
Valid signed file by Microsoft, MFCDLL Shared Library - Retail Version
33f631c0b561199b5feb9020faa99e50efa9f421d7484ffa640c5561494726da
Valid signed file by Microsoft, Microsoft C Runtime Library
45a61f4b7e5798f1389a7d6abc8a924c37db6f51552b4cafc901e7e4a50dabc6
Valid signed file by Lenovo, Lenovo Intelligent Sensing Technology Application
473b4f8b8640a68d1092f6b54b521c6b0ccb1c567eca4a18a2c2da3481bc027a
Valid signed file by VPN Proxy Master
ce13248fa2da5b27773f855c2dd0c6ce276b4a10b020e4da57bc47ab0fe07eae
Valid signed file by Luxand, Facial Recognition software
0d243cbcd1c3654ca318d2d6d08f4e9d293fc85a68d751a52c23b04314c67b99
Valid signed file by Asus, ASUS VGA Fan Control
00bfbbe6e9d0c54312de906be79cc1e9f18b2957856a1215eaff1ac7bb2
Valid signed file by Daum Communications Corp, PotPlayer
76da9d0046fe76fc28b80c4c1062b17852264348fd873b7dd781f39491f911e0
Valid signed file by Global Graphics Software, FontGenerator
19870dd4d8c6453d5bb6f3b2beccbbbe28c6f280b6a7ebf5e0785ec386170000
Source Reports:
https://decoded.avast.io/threatintel/apt-treasure-trove-avast-suspects-chinese-apt-group-mustang-panda-is-collecting-data-from-burmese-government-agencies-and-opposition-groups/
https://www.welivesecurity.com/2022/03/23/mustang-panda-hodur-old-tricks-new-korplug-variant/
https://www.welivesecurity.com/2023/03/02/mqsttang-mustang-panda-latest-backdoor-treads-new-ground-qt-mqtt/
https://www.proofpoint.com/us/blog/threat-insight/good-bad-and-web-bug-ta416-increases-operational-tempo-against-european
https://securelist.com/apt-luminousmoth/103332/
https://www.bitdefender.co.uk/blog/labs/luminousmoth-plugx-file-exfiltration-and-persistence-revisited/
https://www.secureworks.com/blog/bronze-president-targets-russian-speakers-with-updated-plugx