ioc[.]one - OSINT Cyber Threat Intelligence Database

Operation ShadowHammer

Tags

country:	Singapore Russia
attack-pattern:	Data Models Botnet - T1583.005 Botnet - T1584.005 Domains - T1583.001 Domains - T1584.001 Firmware - T1592.003 Malware - T1587.001 Malware - T1588.001 Server - T1583.004 Server - T1584.004 Software - T1592.002 Tool - T1588.002

Show in Graph

Common Information

Type	Value
UUID	a7428e22-45f8-4909-81f8-76796b0cdedc
Fingerprint	9d0d131c883b20d1
Analysis status	DONE
Considered CTI value	2
Text language
Published	March 25, 2019, 1:01 p.m.
Added to db	Sept. 26, 2022, 9:31 a.m.
Last updated	Oct. 22, 2024, 8:42 p.m.
Headline	Operation ShadowHammer
Title	Operation ShadowHammer
Detected Hints/Tags/Attributes	44/2/22

Source URLs

	Redirection	Url
Details	Source	https://securelist.com/operation-shadowhammer/89992/

URL Provider

Details	Provider	Source level domain
Details	securelist.com	securelist.com

Attributes

Details	Type	#Events	Value
Details	Domain	1	liveupdate01s.asus.com
Details	Domain	1	liveupdate01.asus.com
Details	Domain	338	kaspersky.com
Details	Domain	4	asushotfix.com
Details	Domain	8	newegg.com
Details	Domain	3	skylightcyber.com
Details	Email	1	shadowhammer@kaspersky.com
Details	Email	147	intelreports@kaspersky.com
Details	File	1	liveupdate_test_ver365.zip
Details	File	1	liveupdate_test_ver362.zip
Details	File	1	liveupdate_test_ver360.zip
Details	File	1	liveupdate_test_ver359.zip
Details	md5	1	aa15eb28292321b586c27d8401703494
Details	md5	1	bebb16193e4b80f4bc053e4fa818aa4e
Details	md5	1	2832885392469cd5b8ace5cec7e4ca19
Details	sha256	1	bebb16193e4b80f4bc053e4fa818aa4e2832885392469cd5b8ace5cec7e4ca19
Details	IPv4	2	141.105.71.116
Details	Url	1	http://liveupdate01.asus.com/pub/asus/nb/apps_for_win8/liveupdate/liveupdate_test_ver365.zip
Details	Url	1	https://liveupdate01s.asus.com/pub/asus/nb/apps_for_win8/liveupdate/liveupdate_test_ver362.zip
Details	Url	1	https://liveupdate01s.asus.com/pub/asus/nb/apps_for_win8/liveupdate/liveupdate_test_ver360.zip
Details	Url	1	https://liveupdate01s.asus.com/pub/asus/nb/apps_for_win8/liveupdate/liveupdate_test_ver359.zip
Details	Url	1	https://skylightcyber.com/2019/03/28/unleash-the-hash-shadowhammer-mac-list