The attackers behind Olympic Destroyer are now targeting financial organizations in Russia, and biological and chemical threat prevention laboratories in Europe and Ukraine. They continue to use a non-binary executable infection vector and obfuscated scripts to evade detection.
ref:https://securelist.com/olympic-destroye ... ive/86169/
IOCs:
9bc365a16c63f25dfddcbe11da042974
da93e6651c5ba3e3e96f4ae2dd763d94
6ccd8133f250d4babefbd66b898739b9
abe771f280cdea6e7eaf19a26b1a9488
b60da65b8d3627a89481efb23d59713a
b94bdb63f0703d32c20f4b2e5500dbbe
bb5e8733a940fedfb1ef6b0e0ec3635c
97ddc336d7d92b7db17d098ec2ee6092
1d0cf431e623b21aeae8f2b8414d2a73
0e7b32d23fbd6d62a593c234bafa2311
e2e102291d259f054625cc85318b7ef5
0c6ddc3a722b865cc2d1185e27cef9b8
54b06b05b6b92a8f2ff02fdf47baad0e
4247901eca6d87f5f3af7df8249ea825
Thanks,
ref:https://securelist.com/olympic-destroye ... ive/86169/
IOCs:
9bc365a16c63f25dfddcbe11da042974
da93e6651c5ba3e3e96f4ae2dd763d94
6ccd8133f250d4babefbd66b898739b9
abe771f280cdea6e7eaf19a26b1a9488
b60da65b8d3627a89481efb23d59713a
b94bdb63f0703d32c20f4b2e5500dbbe
bb5e8733a940fedfb1ef6b0e0ec3635c
97ddc336d7d92b7db17d098ec2ee6092
1d0cf431e623b21aeae8f2b8414d2a73
0e7b32d23fbd6d62a593c234bafa2311
e2e102291d259f054625cc85318b7ef5
0c6ddc3a722b865cc2d1185e27cef9b8
54b06b05b6b92a8f2ff02fdf47baad0e
4247901eca6d87f5f3af7df8249ea825
Thanks,
