/APT_Digital_Weapon

Indicators of compromise (IOCs) collected from public resources and categorized by Qi-AnXin.

GNU General Public License v3.0 (GPL-3.0)

Copyright © @RedDrip (https://ti.qianxin.com/)

Here are indicators of compromise (IOCs) collected from public resources and our own investigations. Details include the sample hash, file type and malware family, as well as the first-seen time and file name from VirusTotal, in the format below:

| Hash | Type | Family | First_Seen | Name |
|---|---|---|---|---|
| 8e2b5b95980cf52e99acfa95f5e1570b | Win32 DLL | | 2019-11-11 15:22:00 | C:\Users<USER>\AppData\Local\Temp~$doc-ad9b812a-88b2-454c-989f-7bb5fe98717e.ole |
| 3c3b2cc9ff5d7030fb01496510ac75f2 | DOC | | 2019-11-11 11:13:02 | ?-????2019?????????????????.doc |
| 3a8c80d73f9beebd828c3aa172c747fa | RAR | | 2019-11-07 01:23:39 | Noi dung don cau cuu.rar |
| 82990e2c0432e579a00ab1f75da0dd65 | TXT | | 2019-10-26 11:05:08 | lang.ps1 |
| a87ada040f7250b59910345ee0b339b4 | RAR | | 2019-10-23 09:20:16 | Thu moi.rar |
| dbdbcd220475678c4becdc57a9233e20 | Win32 EXE | | 2019-10-18 07:28:19 | AcroRd32.exe |
| e7de9a64266f07168def534852349957 | RAR | Kryptik | 2019-09-16 00:18:57 | Don khieu nai.rar |
| 90c66c76095ef1ad5a79e63a544c1bba | Win32 DLL | Kryptik | 2019-09-13 06:02:21 | 123456 |

We will keep updating this project and hope it helps the security community fight malware and targeted attacks.

If you find an error, please contact us at ti_support@qianxin.com and we’ll try to improve the IOCs.

2020/01/09 Update_log:

| Groupname | Total | Update | Date |
|---|---|---|---|
| APT17 | 2994 | 1 | 2020/01/09 |
| APT27 | 92 | 2 | 2020/01/09 |
| APT28 | 690 | 4 | 2020/01/09 |
| APT34 | 121 | 6 | 2020/01/09 |
| APT40 | 23 | 2 | 2020/01/09 |
| APT41 | 32 | 2 | 2020/01/09 |
| BITTER | 200 | 6 | 2020/01/09 |
| BlackTech | 369 | 10 | 2020/01/09 |
| BRONZE PRESIDENT | 3 | 3 | 2020/01/09 |
| ChinaZ | 27 | 10 | 2020/01/09 |
| Cobalt Group | 113 | 15 | 2020/01/09 |
| Donot | 329 | 12 | 2020/01/09 |
| DustSquad | 19 | 3 | 2020/01/09 |
| El Machete | 209 | 1 | 2020/01/09 |
| FIN6 | 64 | 8 | 2020/01/09 |
| FIN7 | 536 | 5 | 2020/01/09 |
| FIN8 | 4 | 4 | 2020/01/09 |
| GALLIUM | 12 | 12 | 2020/01/09 |
| Gamaredon Group | 256 | 24 | 2020/01/09 |
| Gorgon | 1047 | 1 | 2020/01/09 |
| Kimsuky | 163 | 3 | 2020/01/09 |
| KONNI | 110 | 2 | 2020/01/09 |
| Lazarus Group | 1480 | 24 | 2020/01/09 |
| Molerats | 520 | 7 | 2020/01/09 |
| MuddyWater | 268 | 15 | 2020/01/09 |
| Mustang Panda | 20 | 4 | 2020/01/09 |
| OceanLotus | 973 | 8 | 2020/01/09 |
| OilRig | 72 | 8 | 2020/01/09 |
| RANCOR | 47 | 3 | 2020/01/09 |
| RevengeHotels | 2 | 2 | 2020/01/09 |
| Sidewinder | 75 | 8 | 2020/01/09 |
| TA505 | 908 | 18 | 2020/01/09 |
| Tick | 71 | 13 | 2020/01/09 |
| Turla | 289 | 7 | 2020/01/09 |
| xHunt | 7 | 2 | 2020/01/09 |