#1275929: TA505 Campaign Targeting European Retailers - Additional IOCs

Description: TA505 Campaign Targeting European Retailers

REFERENCE:
https://twitter.com/James_inthe_box/status/1171158166265925632
First Aid: IOCs:
FileHash-SHA256 fdc6459bf8d5f1fc01f33de698d287c4bab42db83dad964199be8e4b7247b84a
FileHash-SHA256 2c7c572f96cba8e8e99ca5aff9831fa8eca2be778bb7b505a06936982d384cd0
FileHash-SHA256 2b29f5d30fc528fc057e3c7ee9d56311a9971c3d327d4e09de47807cd7a441af
URL https://update365-office-ens.com/rb8
FileHash-MD5 3f80214290751d891dddf50abe200ad8
FileHash-MD5 0c35d5f0b8428c7df1dc8b2b0b2360a5
domain update365-office-ens.com
FileHash-SHA256 37384e66e1e20008503fef7a6ca0193006e1ca9d08d292ba6a9a962b827d8468
FileHash-SHA256 affc1ae268ef274602d8a4429bcbb9b08d08a6eab7b5c7a4acea6e84dce8df4a
FileHash-SHA256 7af28b6af51c21236e8dae283be35d078a9b412b918a5595bfaa4722231e1af3
FileHash-SHA256 fbf18da6a5aa46b4e56b76e4ecd2e25ceb6d00d0f49a0a81aa8d95b2ac449591
FileHash-SHA256 572a9b91342fa5fde66be33fc80619c3265abb4f8054410ee5084f012d60b773
FileHash-SHA256 0683d9f225d54d48081f53abd7d569b32bc153d98157a5a6b763bc3cf57a6ad6
FileHash-SHA256 32dbf08aea1dc1badd3abcfe55d6f19badf5328fa86180e6325089fb08d69010
FileHash-SHA256 51f3fb49215e3499c7953ebd2188d3d900f7fea40395d4bc582cc14cd68224b8
FileHash-SHA256 5717b06cd68da8834d7d82b11073baee0dda9962ea1c8c843cfd7eb7885e73a7
FileHash-SHA256 51358011880993783bfafc1c214e230968ddb83ff1a8b4dea32420b4190e11f1
FileHash-SHA256 782834a3d682d37e752acda85d8ee7dfaa7350f3f7ff92777a2450ccd86e41a2
FileHash-SHA256 55a9fe62b05b61221b7758a2db393b199861eb611313e36e0b8f98233973f73c
FileHash-SHA256 726cb3a396456527767bfc249c3fa636738159803aad55bbeae0579ad2248b08
FileHash-SHA256 169d8ed25f9ef70d1ab0d43015de310521cce33b15412897151ca867b9289676
FileHash-SHA256 2d3f781c6bc90f1695d8409d0821695e5ce3ab4d066e620a3ca45a5afd5c54bf
FileHash-SHA256 a5ad45f134875d6a10c710992b1a57bbbf615854735d574d8cfde3e30e3a2396
FileHash-SHA256 c6eb7ba9fd1bf7cf6cc25bc84409aefc2d750594aa370fe0963bc6fbc6813476
FileHash-SHA256 a865841176619dbab019cdf4839df696442a558fdc6557e407d8564835d968de
FileHash-SHA256 082d2a6a66187db10f1a823b32f03dd1846260fdba47a6508e90d337b8763401
More info: https://otx.alienvault.com/pulse/5d78dc8a0006495d5fb9296e?source=email_notification

Date added Sept. 11, 2019, 2:44 p.m.
Source AlienVault
Subjects
  • . APTs - Advanced Persistent Threats - New Reports in
  • FlawedGrace Ransomware / ServHelper (TA505)
  • Retail / Supply Chain Industry Alerts
  • TA505 Threat Actor / TRat / SectorJ04