A forum for reverse engineering, OS internals and malware analysis 

Forum for completed malware requests.
 #32070  by r0ny
 Thu Aug 30, 2018 6:21 pm
The attackers behind Olympic Destroyer are now targeting financial organizations in Russia, and biological and chemical threat prevention laboratories in Europe and Ukraine. They continue to use a non-binary executable infection vector and obfuscated scripts to evade detection.

ref:https://securelist.com/olympic-destroye ... ive/86169/

IOCs:

9bc365a16c63f25dfddcbe11da042974
da93e6651c5ba3e3e96f4ae2dd763d94
6ccd8133f250d4babefbd66b898739b9
abe771f280cdea6e7eaf19a26b1a9488
b60da65b8d3627a89481efb23d59713a
b94bdb63f0703d32c20f4b2e5500dbbe
bb5e8733a940fedfb1ef6b0e0ec3635c
97ddc336d7d92b7db17d098ec2ee6092
1d0cf431e623b21aeae8f2b8414d2a73
0e7b32d23fbd6d62a593c234bafa2311
e2e102291d259f054625cc85318b7ef5
0c6ddc3a722b865cc2d1185e27cef9b8
54b06b05b6b92a8f2ff02fdf47baad0e
4247901eca6d87f5f3af7df8249ea825

Thanks,
 #32072  by Antelox
 Fri Aug 31, 2018 8:00 am
All but these:
b94bdb63f0703d32c20f4b2e5500dbbe
0c6ddc3a722b865cc2d1185e27cef9b8
54b06b05b6b92a8f2ff02fdf47baad0e
BR,

Antelox
You do not have the required permissions to view the files attached to this post.