ioc[.]one - OSINT Cyber Threat Intelligence Database

Show in Graph

Common Information

Type	Value
Value	rule blackenergy_and_petya_similarities { strings: $bytes00 = { 73 00 68 00 75 00 74 00 64 00 6F 00 77 00 6E 00 2E 00 65 00 78 00 65 00 } $bytes01 = { 43 00 6F 00 6D 00 53 00 70 00 65 00 63 00 } $bytes02 = { 49 6E 69 74 69 61 74 65 53 79 73 74 65 6D 53 68 75 74 64 6F 77 6E 45 78 57 } $bytes03 = { 68 ?? ?? ?1 ?0 FF 15 ?? ?? ?? ?0 3B C7 74 ?? } $bytes04 = { 2F 00 63 00 } $hex_string = { B9 ?? ?? ?1 ?0 8D 44 24 ?C 66 8B 10 66 3B 11 75 1E 66 85 D2 74 15 66 8B 50 02 66 3B 51 02 75 0F 83 C0 04 83 C1 04 66 85 D2 75 DE 33 C0 EB 05 1B C0 83 D8 FF 85 C0 0F 84 ?? 0? 00 00 B9 ?? ?? ?1 ?0 8D 44 24 ?C 66 8B 10 66 3B 11 75 1E 66 85 D2 74 15 66 8B 50 02 66 3B 51 02 75 0F 83 C0 04 83 C1 04 66 85 D2 75 DE 33 C0 EB 05 1B C0 83 D8 FF 85 C0 0F 84 ?? 0? 00 00 } condition: ((uint16(0) == 0x5A4D)) and (filesize < 5000000) and (all of them) }
Category
Type	Yara Rule
Misp Type
Description

Details		Published	Attributes	CTI		Title
Details	Website	2017-06-30	11			From BlackEnergy to ExPetr