#1254923: Malware targeting the Vietnamese Government - Additional IOCs

Description: Targeted attacks using Cobalt Strike.

Reference:
https://blog.en.elevenpaths.com/2019/04/new-research-docless-vietnam-apt.html
First Aid: IOCs:

More info: https://otx.alienvault.com/pulse/5cb5f7241f3ad5601d26e1da?utm_medium=InProduct&utm_source=OTX&utm_content=Email&utm_campaign=new_pulse_from_subscribed

Date added April 16, 2019, 11:38 p.m.
Source AlienVault
Subjects
  • All New Malware or Attack Alerts - New Reports / IOCs in
  • . APTs - Advanced Persistent Threats - New Reports in
  • . APTs - China - New Reports in
  • . APTs - Russia - New Reports in
  • China - Mustang Panda APT (uses Cobalt Strike)
  • Cobalt Strike - Adversary Simulation and Red Team Operations Software
  • News Vietnam
  • Russian - Cobalt Strike (Used by Cobalt Hacker Group)