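Overview
Recently, the RedDrip Team at the QiAnXin Threat Intelligence Center used public intelligence to identify an XLSM lure document sample from the Patchwork (摩诃草) group. Analysis showed that its payload mainly uses GitHub and Feed43 to obtain the encrypted C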
2018-12-17T06:50:14 | yusufk1 |
185.29.11.59 | 2019-01-15T08:03:17 | str1ngstr |
164.132.75.22 | 2019-03-01T05:28:04 | z00min |
193.22.98.17 | 2019-05-27T05:47:11 | alexboycott |
91.92.136.239 | 2019-06-24T11:14:16 | imrankhan713 |
91.92.136.239 | 2019-06-24T12:05:21 | imranikhan17 |
185.116.210.8 | 2019-07-18T10:35:43 | chrisyoks |
185.161.210.8 | 2019-07-18T12:10:48 | johnhenery12 |
139.28.38.231 | 2019-08-07T10:58:56 | petersonmike |
139.28.38.236 | 2019-08-08T09:06:03 | shaikmalik22 |