Hi folks,
Symantec published an article about a group they named Longhorn whose tools match the descriptions of the Vault 7 documents leaked by Wikileaks, allegedly the CIA hacking tools arsenal. In the article, they also published the signature names of some tools of which some can be found on Virustotal.
Blogpost: https://www.symantec.com/connect/blogs/ ... ed-vault-7
Backdoor.Plexor:
https://virustotal.com/en/file/6f03586b ... /analysis/
https://virustotal.com/en/file/425bbe70 ... /analysis/
https://virustotal.com/en/file/2156adca ... /analysis/
Backdoor.Trojan.LH1:
https://virustotal.com/en/file/21f72733 ... /analysis/
https://virustotal.com/en/file/e7591998 ... /analysis/
One of the samples is detected as Duqu by Microsoft...
Files attached.
Symantec published an article about a group they named Longhorn whose tools match the descriptions of the Vault 7 documents leaked by Wikileaks, allegedly the CIA hacking tools arsenal. In the article, they also published the signature names of some tools of which some can be found on Virustotal.
Blogpost: https://www.symantec.com/connect/blogs/ ... ed-vault-7
Backdoor.Plexor:
https://virustotal.com/en/file/6f03586b ... /analysis/
https://virustotal.com/en/file/425bbe70 ... /analysis/
https://virustotal.com/en/file/2156adca ... /analysis/
Backdoor.Trojan.LH1:
https://virustotal.com/en/file/21f72733 ... /analysis/
https://virustotal.com/en/file/e7591998 ... /analysis/
One of the samples is detected as Duqu by Microsoft...
Files attached.
Attachments
PW: infected
(866.99 KiB) Downloaded 131 times
(866.99 KiB) Downloaded 131 times
Malware Reversing
http://www.malware-reversing.com
http://www.malware-reversing.com
