Skip to content
Permalink
Branch: master
Find file Copy path
Find file Copy path
Fetching contributors…
Cannot retrieve contributors at this time
62 lines (40 sloc) 1.15 KB

Blog: What’s going on with Zebrocy?

Table 1. IoCs
filename SHA-1 ESET detection names

SCANPASS_QXWEGRFGCVT_323803488900X_jpeg.exe

7768fd2812ceff05db8f969a7bed1de5615bfc5a

Win32/Sednit.ORQ

C:\Users\public\Pictures\scanPassport.jpg

da70c54a8b9fd236793bb2ab3f8a50e6cd37e2df

-

C:\Users\Public\Documents\AcrobatReader.{exe,txt}

a225d457c3396e647ffc710cd1edd4c74dc57152

MSIL/Sednit.D

C:\Users\Public\Videos\audev.txt

a659a765536d2099ecbde988d6763028ff92752e

Win32/Sednit.CH

%TMP%\Indy0037C632.tmp

20954fe36388ae8b1174424c8e4996ea2689f747

Win32/TrojanDownloader.Sednit.CMR

%TMP%\Indy01863A21.tmp

e0d8829d2e76e9bb02e3b375981181ae02462c43

Win32/TrojanDownloader.Sednit.CMQ

Email addresses

carl.dolzhek17@post.cz

shinina.lezh@post.cz

P0tr4h4s7a@post.cz

sym777.g@post.cz

kae.mezhnosh@post.cz

tomasso25@ambcomission.com

kevin30@ambcomission.com

salah444@ambcomission.com

karakos3232@seznam.cz

rishit333@ambcomission.com

antony.miloshevich128@seznam.cz

You can’t perform that action at this time.