ioc[.]one - OSINT Cyber Threat Intelligence Database

Shedding Skin - Turla’s Fresh Faces | Securelist

Tags

country:	Afghanistan Syria
maec-delivery-vectors:	Watering Hole
attack-pattern:	Data Credentials - T1589.001 Installer Packages - T1546.016 Javascript - T1059.007 Malware - T1587.001 Malware - T1588.001 Powershell - T1059.001 Server - T1583.004 Server - T1584.004 Powershell - T1086 Rootkit - T1014 Scripting - T1064 Rootkit Scripting

Show in Graph

Common Information

Type	Value
UUID	64276ebe-1d89-4b45-8526-0c2ba72709da
Fingerprint	764110368fafcf7d
Analysis status	DONE
Considered CTI value	0
Text language
Published	Oct. 4, 2018, 4 p.m.
Added to db	Sept. 26, 2022, 9:30 a.m.
Last updated	Nov. 18, 2024, 9:32 a.m.
Headline	Shedding Skin – Turla’s Fresh Faces
Title	Shedding Skin - Turla’s Fresh Faces \| Securelist
Detected Hints/Tags/Attributes	98/3/9

Source URLs

	Redirection	Url
Details	Source	https://securelist.com/shedding-skin-turlas-fresh-faces/88069/

URL Provider

Details	Provider	Source level domain
Details	securelist.com	securelist.com

Attributes

Details	Type	#Events	CTI	Value
Details	Domain	5		soligro.com
Details	Domain	3		admdownload.adobe.com
Details	File	1		extension.json
Details	File	1		flashplayer23ax_ra_install.exe
Details	File	88		1.txt
Details	File	2		google_update_checker.js
Details	File	2		local_update_checker.js
Details	File	2128		cmd.exe
Details	Url	1		http://admdownload.adobe.com/bin/live/flashplayer23ax_ra_install.exe