/APT_Digital_Weapon

Indicators of compromise (IOCs) collected from public resources and categorized by Qi-AnXin.

GNU General Public License v3.0GPL-3.0

Copyright © @RedDrip (https://ti.qianxin.com/)

Here are indicators of compromise (IOCs) collected from public resources and our own investigations. Details include sample hash, file type, malware family, as well as first seen and file name from VirusTotal in format below:

Hash Type Family First_Seen Name
8e2b5b95980cf52e99acfa95f5e1570b Win32 DLL 2019-11-11 15:22:00 C:\Users<USER>\AppData\Local\Temp~$doc-ad9b812a-88b2-454c-989f-7bb5fe98717e.ole
3c3b2cc9ff5d7030fb01496510ac75f2 DOC 2019-11-11 11:13:02 ?-????2019?????????????????.doc
3a8c80d73f9beebd828c3aa172c747fa RAR 2019-11-07 01:23:39 Noi dung don cau cuu.rar
82990e2c0432e579a00ab1f75da0dd65 TXT 2019-10-26 11:05:08 lang.ps1
a87ada040f7250b59910345ee0b339b4 RAR 2019-10-23 09:20:16 Thu moi.rar
dbdbcd220475678c4becdc57a9233e20 Win32 EXE 2019-10-18 07:28:19 AcroRd32.exe
e7de9a64266f07168def534852349957 RAR Kryptik 2019-09-16 00:18:57 Don khieu nai.rar
90c66c76095ef1ad5a79e63a544c1bba Win32 DLL Kryptik 2019-09-13 06:02:21 123456

We will keep updating this project and hope this could help the security community to fight against malware and targeted attack.

If you find an error, please contact us at ti_support@qianxin.com and we’ll try to improve the IOCs.

Groupname Total Update data
FIN7 542 1 2021-11-15
Molerats 667 6 2021-11-15
Shamoon 3 47 16 2021-11-15