Kaspersky Lab discovered a previously unknown wiper malware that targets Saudi Arabia and named it StoneDrill. This variant has similarities to Shamoon in its techniques and evasion.
As part of the investigation, they found that this malware operation is expanding from the Middle East to Europe.
Please find the full report:
It contains IOC details and YARA rules. Use the IOC details to search your logs, and run the YARA rules to check whether StoneDrill is present on a host.
StoneDrill C2s
StoneDrill MD5s
ac3c25534c076623192b9381f926ba0d
0ccc9ec82f1d44c243329014b82d3125
8e67f4c98754a2373a49eaf53425d79a
fb21f3cea1aa051ba2a45e75d46b98b8

Post made by newWorld
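
One way to run the log search the post recommends, as an added example that is not part of the original post or of the Kaspersky report: it refangs a defanged indicator list and matches domains (including their subdomains) and MD5s in log lines. The indicator values, log format and function names are constructed placeholders; load the report's IOCs in their place.

```python
import re

# Constructed placeholder indicators (NOT the StoneDrill values from the report);
# load the report's defanged domains and MD5s in their place.
DEFANGED_DOMAINS = ["bad-c2[.]example", "updates.evil-cdn[.]example"]
MD5S = ["00112233445566778899aabbccddeeff"]

HOST_RE = re.compile(r"\b((?:[a-z0-9-]+\.)+[a-z]{2,})\b", re.I)
MD5_RE = re.compile(r"\b[a-f0-9]{32}\b", re.I)

def refang(indicator):
    """Turn a defanged indicator (a[.]b, hxxp://a[.]b) back into a matchable host."""
    s = indicator.strip().lower().replace("[.]", ".").replace("(.)", ".")
    return re.sub(r"^hxxps?://", "", s).rstrip(".")

def host_matches(host, domains):
    """True if host equals an indicator domain or is a subdomain of it."""
    host = host.lower().rstrip(".")
    # Require a dot boundary so 'notbad-c2.example' does not match 'bad-c2.example'.
    return any(host == d or host.endswith("." + d) for d in domains)

def scan(lines, defanged_domains, md5s):
    """Return (line_number, kind, value) for every indicator hit in the log lines."""
    domains = {refang(d) for d in defanged_domains}
    hashes = {h.lower() for h in md5s}
    hits = []
    for n, line in enumerate(lines, 1):
        for host in HOST_RE.findall(line):
            if host_matches(host, domains):
                hits.append((n, "domain", host.lower()))
        for digest in MD5_RE.findall(line):
            if digest.lower() in hashes:
                hits.append((n, "md5", digest.lower()))
    return hits

# Constructed sample log lines (proxy, DNS and EDR style) for illustration only.
SAMPLE_LOG = [
    "2017-03-07T10:01:02Z proxy GET http://svc1.bad-c2.example/u.php 200 host=WS-014",
    "2017-03-07T10:01:09Z dns query notbad-c2.example A host=WS-020",
    "2017-03-07T10:02:30Z edr file_create md5=00112233445566778899AABBCCDDEEFF host=WS-014",
    "2017-03-07T10:03:00Z dns query BAD-C2.EXAMPLE. A host=WS-031",
]

if __name__ == "__main__":
    for hit in scan(SAMPLE_LOG, DEFANGED_DOMAINS, MD5S):
        print(hit)
```

Matching on a dot boundary catches subdomains of an indicator domain without flagging unrelated names that merely end in the same string, and lowercasing both sides handles logs that record hosts or hashes in upper case.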