Hi folks,
Symantec published an article about a group they named Longhorn whose tools match the descriptions of the Vault 7 documents leaked by Wikileaks, allegedly the CIA hacking tools arsenal. In the article, they also published the signature names of some tools of which some can be found on Virustotal.
Blogpost: https://www.symantec.com/connect/blogs/ ... ed-vault-7
Backdoor.Plexor:
https://virustotal.com/en/file/6f03586b ... /analysis/
https://virustotal.com/en/file/425bbe70 ... /analysis/
https://virustotal.com/en/file/2156adca ... /analysis/
Backdoor.Trojan.LH1:
https://virustotal.com/en/file/21f72733 ... /analysis/
https://virustotal.com/en/file/e7591998 ... /analysis/
One of the samples is detected as Duqu by Microsoft...
Files attached.
[Longhorn group] Backdoor.Plexor + Backdoor.Trojan.LH1
[Longhorn group] Backdoor.Plexor + Backdoor.Trojan.LH1
You do not have the required permissions to view the files attached to this post.
Malware Reversing
http://www.malware-reversing.com
http://www.malware-reversing.com