OceanLotus

Forum for completed malware requests.
Post Reply
r0ny
Posts: 50
Joined: Mon Apr 30, 2018 6:07 am

OceanLotus

Post by r0ny » Fri Sep 14, 2018 3:43 pm

The 360 ​​Threat Intelligence Center recently discovered the new CVE-2017-11882 vulnerability document used by Sea Lotus. Through the analysis of the vulnerability document and related attacks, we linked the organization's recent attacks against South Asian countries. And found a suspected "Hai Lianhua" organization in the beginning of May 2017 for a centralized attack on the domestic, combined with internal threat intelligence data, we believe that this is the organization's use of the "eternal blue" loopholes Attacks against domestic colleges and universities.

ref:https://ti.360.net/blog/articles/oceanl ... niversity/

IOCs:

5bcf16810c7ef5bce3023d0bbefb4391
a532040810d0e34a28f20347807eb89f

Antelox
Posts: 239
Joined: Sun Mar 21, 2010 10:38 pm
Contact:

Re: OceanLotus

Post by Antelox » Fri Sep 14, 2018 4:06 pm

BR,

Antelox
You do not have the required permissions to view the files attached to this post.

Post Reply