Sunday, April 26, 2020

Hacking Freemium Games - The Evolution Of PC Game Cheating

This post is going to be a rather strange post compared to previous ones. But bear with me, in the middle of the post you will see why this post fits the IT security topic.

I'm also terribly sorry for not posting recently, but I was busy with my SPSE and SLAE certification. Both are recommended for Python and Assembly noobs like me. But back to this post.

A little bit of history

Cheating in games started as help for game testers. By using invincibility or infinite ammo testers were able to test the game quicker, which meant less money spent on testing. I personally use cheat codes in games, depending on my mood. Sometimes it feels good to slash all the opponents while I'm invincible, sometimes it is more fun to play the game without cheats. One can argue whether cheating in games is OK or not, but I believe it depends, there is no black or white. But one thing is for sure, it is part of the gaming industry. There is huge demand for cheats. There were even cheat books printed on paper...


The different types of cheats (on PC)

There are different types of cheats in PC gaming. Following is a noncomplete list of these cheats:

Cheat codes

The good old IDDQD type of cheats. These are left in the game by the developers intentionally. Nothing interesting here.

Edit memory

This is my favorite. I will talk about this at the end of the post. Whenever a user launches a new program, the program's whole memory is accessible (read/write) to every other program launched by the user. And since the memory stores the current game state (health, ammo, armor, etc.), these values can be changed easily. In the good old times, there were POKE commands to do this cheats, and the memory address to write into was published by people who found where the game stores the most critical states about the game.

Code injection

This is like patching the game code. For example, one can change the "DEC (pointer to your current health)" instruction with NOP (do nothing), thus becoming invincible. In multi-player cheats, there is the aimbot to help you aim at enemies, wallhack to see through the wall, increase hitbox of the enemy for smoother hit, or in MMORPGs, one can write macros to collect items while the player is not online. I would say the so-called "trainers" more or less fit into this category and the previous one.

Saved game editor

The first time a kid meets a hex-editor (just like the co-author of this blog did with SIM City when he was 10 years old - David). It can teach a lot about file structures, the hexadecimal numeral system, etc. Fun times. 

Hacking game server

Not very common, but even more fun. Warning: endless trolling possibilities in multi-player games ahead :) How to hack a game server? Well, I think this might deserve another full blog post ...

Network traffic hacking

One last necessary type of cheating is to modify network traffic between the client and the game server. AFAIK SSL is not universal in gaming, so stunnel is not needed for this hack, but ettercap can help in changing the communication.

Why cheating becomes more critical (and challenging)?

Now in the age of in-app-payments, the game creators are no longer thinking about cheats as funny things but something to be destroyed to the ground. Because cheating decreases its revenue. Or not. At least they think it does. To quote Wikipedia here, "cheating in such games is nonetheless a legal grey area because there are no laws against modifying software which is already owned, as detailed in the Digital Millennium Copyright Act." 

A lot of online games include anti-cheating components like PunkBuster, nProtect GameGuard, or Valve Anti-Cheat. This whole cheating/anti-cheating industry is the same as the virus/anti-virus industry. A cat and mouse game.

Freemium games

If you have not played with "freemium" games, you should watch South Park season 18, episode 6. - "Freemium Isn't Free." If you did play with freemium games, you definitely have to watch it :) There are many problems with freemium games. It is free to install, free to play. The first 3-4 hours might be fun to play. But after that, it turns out it is impossible to advance in the game without paying money for it. And by spending cash, I mean spending a LOT! Let's have a look at today's example, an arcade racing video game.


For 99.99 USD, you can get 3 000 000 credit. For almost double the price of a new PC game, you can get these credits. In this particular game, I estimate one have to play ~6-24 hours constantly to get this amount of credit. But by playing ~6 hours, I mean 6 hours without progress in the game! Kind of boring. And what do you get from 3 000 000 credit? You can buy one of the most expensive cars, but can't tune them fully. You have to play more (without progress) or buy more. But guess what, there are more cars you can't buy by only playing the game. Those are only available via in-app-purchase.


Even though the player has 58 765 533 credits, it is not possible to buy this car. Only available through real money.


So, what are your possibilities? You are either Richie Rich, and can afford the money to buy these. Or you can be insane, and try to play the game without in-app-purchase. Or give up the game and try another freemium ... Or, you can try to hack the game!

Hack all the freemium games!

Although I was not playing this racing game from day one, I was able to witness the evolution of the cheats against this game. The cheats which worked in one day was not working one month later. The game is continuously updated to defeat the newly published cheats.

Noob start

So, I want to hack this game, what is the first thing a noob like me does? Bing it! Google it! 
From the first page result, let's check this tool:


While trying to download that, I just have to give my email address to spammers, or my mobile number will be subscribed to premium rate text messages. What fun.


Another "cheat" program will install malware/adware on your computer. Never ever try these programs. They are fake 99% of the time and after installing those you will have another problem, not just how to hack freemium games.

Beginners start - Cheat engine

When I first heard about hacking games in memory, I visualized hours of OllyDBG/ImmunityDBG/(insert your favorite Windows debugger here). It turned out, there are some specialized tools to help you with cheating the game. No assembly knowledge required. My favourite tool is CheatEngine. I highly recommend to download it and spend 10 minutes to get past the built-in tutorial levels to get a feeling about this tool. It's super duper awesome.



When I first tried to hack this game myself, I scanned the memory for my actual credit and tried to change that, no luck. Keep reading, you will see what happened.

The second cheat I tried with cheat engine was something like this
  1. Start the game, play the first level, and check how many credits is paid for winning the race. Pro tip: use dual display for full-screen game cheating.
  2. Restart the same level, attach Cheat Engine to the game's process
  3. Scan the memory for the same value at the beginning of the race
  4. Scan the memory for the same value at the end of the game. The intersect of the first and second scan includes the real value where the credit is stored for winning the race.
  5. Change the values (both the real one and some false positives) to something big
  6. Watch the game to crash
  7. Be amazed at the money you received
Nowadays, most of the cheats on YouTube does not work. Except for these kind of cheats. I don't want to recreate that tutorial, so you should watch it first then come back.



Are you back? Great. Do you have any idea what have you just seen? No? Well, in this case, don't try this at home. Copy-pasting assembly code from random internet posts and running on your computer is always a bad idea. It is precisely as risky as downloading free programs from random internet sites.

Although I have not seen people trolling others with this cheat engine type of shellcode, I think the time will come when these will be turned into something terrible. These shellcodes might work, or might harm your computer. The good news is, we can have a look at the code and analyze it. 

When you open CheatEngine and try to define a new custom type, you are greeted with a skeleton assembly code. I don't want to detail what all the skeleton code does, let's just focus on the difference between the skeleton code and the code used in the video. This is the "decrypt function":

xor eax, 0baadf00d
rol eax, 0e

What does it mean? The actual credit is encrypted in memory. If you want to scan it in memory, you won't be able to find it. But! The encryption is rotating the value to the right (ROR) with 0xE (14 in decimal), and after that, it is XOR-ed with 0xbaadf00d. Decrypting it is the inverse of the functions in reverse order (in this particular case, the order does not matter, but that's not the point). The inverse function of XOR is XOR, and the inverse function of ROR (rotate right) is ROL (rotate left). Now that we analyzed the assembly code, we can be sure that it is safe to execute. Just follow the video and see your coins falling from the sky. For free. In a freemium game. Have fun!

Encrypt memory - applications at financial institutions

Another exciting thing is that I don't recall any thick client applications in the financial industry encrypting the values in memory. And I agree, there are more significant problems with thick client applications than not encrypting the essential values in memory. But still, some thick client applications are regularly updated, maintained. Maybe it is a good idea to encrypt the values in memory. It will make attackers' life harder. Not impossible, but harder. Perhaps the developers of these applications should learn from the gaming industry (or from malware developers for that matter) because it is a shame that an arcade racing game or an FPS is protected better than an application responsible for transacting millions of dollars. Just think about the RAM scraping malware stealing millions of credit card data ...

Moral of the story

Cheating is part of the gaming history, and the freemium games are trying to take away the cheats from the gamers because they want money. Thanks to CheatEngine and some clever hacks, these programs can be still beaten. And guess what, there is CheatEngine for Android - although it did not work for me on the latest Android. And sometimes, hacking all kinds of applications can be more comfortable with CheatEngine, compared to traditional debuggers.

Also, always check the code before executing it! And when you find something cool, publish it, so everyone could enjoy the games!


Read more


  1. Penetration Testing A Hands-On Introduction To Hacking
  2. Escuela De Hacking
  3. Como Empezar En El Hacking
  4. Reddit Hacking
  5. Libros Para Aprender A Hackear
  6. Hacking Pages
  7. Kali Linux Hacking
  8. Hacking Madrid

Saturday, April 25, 2020

BEST PASSWORD MANAGERS FOR IOS

As I said, Apple's iOS is also prone to cyber attacks, so you can use some of the best password managers for iOS to secure your online accounts.

BEST PASSWORD MANAGERS FOR IOS

Here I have streamlined few of the best password managers for iOS including Keeper, OneSafe, Enpass, mSecure, LastPass, RoboForm, SplashID Safe and LoginBox Pro.

1. ONESAFE PASSWORD MANAGER (CROSS-PLATFORM)

OneSafe is one of the best Password Manager apps for iOS devices that lets you store not only your accounts' passwords but also sensitive documents, credit card details, photos, and more.
OneSafe password manager app for iOS encrypts your data behind a master password, with AES-256 encryption — the highest level available on mobile — and Touch ID. There is also an option for additional passwords for given folders.
OneSafe password manager for iOS also offers an in-app browser that supports autofill of logins, so that you don't need to enter your login details every time.
Besides this, OneSafe also provides advanced security for your accounts' passwords with features like auto-lock, intrusion detection, self-destruct mode, decoy safe and double protection.
Download OneSafe Password Manager: iOS | Mac | Android | Windows

2. SPLASHID SAFE PASSWORD MANAGER (CROSS-PLATFORM)

SplashID Safe is one of the oldest and best password management tools for iOS that allows users to securely store their login data and other sensitive information in an encrypted record.
All your information, including website logins, credit card and social security data, photos and file attachments, are protected with 256-bit encryption.
SplashID Safe Password Manager app for iOS also provides web autofill option, meaning you will not have to bother copy-pasting your passwords in login.
The free version of SplashID Safe app comes with basic record storage functionality, though you can opt for premium subscriptions that provide cross-device syncing among other premium features.
Download SplashID Safe Password Manager: Windows and Mac | iOS | Android

3. LOGIN BOX PRO PASSWORD MANAGER

LoginBox Pro is another great password manager app for iOS devices. The app provides a single tap login to any website you visit, making the password manager app as the safest and fastest way to sign in to password-protected internet sites.
LoginBox Password Manager app for iOS combines a password manager as well as a browser.
From the moment you download it, all your login actions, including entering information, tapping buttons, checking boxes, or answering security questions, automatically completes by the login box Password Manager app.
For security, the login box Password Manager app uses hardware-accelerated AES encryption and passcode to encrypt your data and save it on your device itself.
Download LoginBox Password Manager: iOS | Android

Related posts


  1. Hacking Etico Libro
  2. Que Es Un Hacker
  3. Como Convertirse En Hacker
  4. Growth Hacking Courses
  5. Hacking Desde Cero
  6. Tipos De Hacker
  7. Body Hacking
  8. Drupal Hacking

Thank You To Volunteers And Board Members That Worked BlackHat Booth 2019

The OWASP Foundation would like to thank the OWASP Las Vegas Chapter Volunteers for taking the time out of their busy schedule to give back and volunteer to work the booth at BlackHat 2019.  It was great meeting our Las Vegas OWASP members and working with Jorge, Carmi, Dave, and Nancy.  
Also, take a moment to thank Global Board Members Martin Knobloch, Owen Pendlebury, and Gary Robinson for also working the booth and speaking with individuals and groups to answer questions on projects and suggestions on the use of our tools to address their work problems.
OWASP can not exist without support from our members.  
Related news

RECONNAISSANCE IN ETHICAL HACKING

What is reconnaissance in ethical hacking?
This is the primary phase of hacking where the hacker tries to collect as much information as possible about the target.It includes identifying the target ip address range,network,domain,mail server records etc.

They are of two types-
Active Reconnaissance 
Passive Reconnaissance 

1-Active Reconnaissance-It the process from which we directly interact with the computer system to gain information. This information can be relevant and accurate but there is a risk of getting detected if you are planning active reconnaissance without permission.if you are detected then the administration will take the severe action action against you it may be jail!

Passive Reconnaissance-In this process you will not be directly connected to a computer system.This process is used to gather essential information without ever interacting with the target system.
Related word

BurpSuite Introduction & Installation



What is BurpSuite?
Burp Suite is a Java based Web Penetration Testing framework. It has become an industry standard suite of tools used by information security professionals. Burp Suite helps you identify vulnerabilities and verify attack vectors that are affecting web applications. Because of its popularity and breadth as well as depth of features, we have created this useful page as a collection of Burp Suite knowledge and information.

In its simplest form, Burp Suite can be classified as an Interception Proxy. While browsing their target application, a penetration tester can configure their internet browser to route traffic through the Burp Suite proxy server. Burp Suite then acts as a (sort of) Man In The Middle by capturing and analyzing each request to and from the target web application so that they can be analyzed.











Everyone has their favorite security tools, but when it comes to mobile and web applications I've always found myself looking BurpSuite . It always seems to have everything I need and for folks just getting started with web application testing it can be a challenge putting all of the pieces together. I'm just going to go through the installation to paint a good picture of how to get it up quickly.

BurpSuite is freely available with everything you need to get started and when you're ready to cut the leash, the professional version has some handy tools that can make the whole process a little bit easier. I'll also go through how to install FoxyProxy which makes it much easier to change your proxy setup, but we'll get into that a little later.

Requirements and assumptions:

Mozilla Firefox 3.1 or Later Knowledge of Firefox Add-ons and installation The Java Runtime Environment installed

Download BurpSuite from http://portswigger.net/burp/download.htmland make a note of where you save it.

on for Firefox from   https://addons.mozilla.org/en-US/firefox/addon/foxyproxy-standard/


If this is your first time running the JAR file, it may take a minute or two to load, so be patient and wait.


Video for setup and installation.




You need to install compatible version of java , So that you can run BurpSuite.

Related news


  1. Hacking Y Seguridad
  2. Hacking Ético Curso
  3. Growth Hacking

iCloudBrutter - AppleID Bruteforce


iCloudBrutter is a simple python (3.x) script to perform basic bruteforce attack againts AppleID.

Usage of iCloudBrutter for attacking targets without prior mutual consent is illegal. iCloudBrutter developer not responsible to any damage caused by iCloudBrutter.

Installation
$ git clone https://github.com/m4ll0k/iCloudBrutter.git
$ cd iCloudBrutter
$ pip3 install requests,urllib3,socks
$ python3 icloud.py


More information

Wednesday, April 22, 2020

DOWNLOAD BLACKMART ANDROID APP – DOWNLOAD PLAYSTORE PAID APPS FREE

Android made endless possibilities for everyone. It introduced a platform where are millions of apps that a user can download and buy depending on their needs. You're thinking about Google PlayStore, yes I am also talking about Google PlayStore. It's categorized app collection depending on every niche of life. Few of them are free and some of them are paid. Most of the paid apps are only charges small cost in between $2 to $8, but few apps are highly costly that make cost over $50 even, which is not possible for every user to buy and get benefit from it. So, here I am sharing a really useful app, that can make every Google PlayStore app for you to download it for free. You can download any paid app that may even cost about $50. It's totally free. Download blackmart Android app and download google play store paid apps freely.

DOWNLOAD BLACKMART ANDROID APP – DOWNLOAD PLAYSTORE PAID APPS FREE

  • It's extremely easy to use.
  • It has a Multilingual option for a global user experience.
  • The app doesn't ask for any payments.
  • Capable to download full of downloadable applications.
  • Super fast in downloading and installation.

Read more


  1. Hacker Definicion Informatica
  2. Como Empezar En El Hacking
  3. Ultimate Hacking Keyboard
  4. Que Es El Hacking Etico

What Is Cybersecurity And Thier types?Which Skills Required To Become A Top Cybersecurity Expert ?

What is cyber security in hacking?

The term cyber security  refers to the technologies  and processes designed  to  defend computer system, software, networks & user data from unauthorized access, also from threats distributed through the internet by cybercriminals,terrorist groups of hacker.

Main types of cybersecurity are
Critical infrastructure security
Application security
Network Security 
Cloud Security 
Internet of things security.
These are the main types of cybersecurity used by cybersecurity expert to any organisation for safe and protect thier data from hack by a hacker.

Top Skills Required to become Cybersecurity Expert-

Problem Solving Skills
Communication Skill
Technical Strength & Aptitude
Desire to learn
Attention to Detail 
Knowledge of security across various platforms
Knowledge of Hacking
Fundamental Computer Forensic Skill.
These skills are essential for become a cybersecurity expert. 
Cyber cell and IT cell these are the department  in our india which provide cybersecurity and looks into the matters related to cyber crimes to stop the crime because in this digitilization world cyber crime increasing day by day so our government of india also takes the immediate action to prevent the cybercrimes with the help of these departments and also arrest the victim and file a complain against him/her with the help of cyberlaw in our constitution.


More info


  1. Hacking Time
  2. Crack Definicion
  3. Hacking Microsoft
  4. Hacking Virus
  5. Hacking Live
  6. Amiibo Hacking
  7. Herramientas Growth Hacking

iCloudBrutter - AppleID Bruteforce


iCloudBrutter is a simple python (3.x) script to perform basic bruteforce attack againts AppleID.

Usage of iCloudBrutter for attacking targets without prior mutual consent is illegal. iCloudBrutter developer not responsible to any damage caused by iCloudBrutter.

Installation
$ git clone https://github.com/m4ll0k/iCloudBrutter.git
$ cd iCloudBrutter
$ pip3 install requests,urllib3,socks
$ python3 icloud.py


More information


  1. Que Es El Hacking Etico
  2. Significado Hacker
  3. Hacking 2019
  4. Marketing Growth Hacking
  5. Growth Hacking Pdf
  6. Growth Hacking Ejemplos
  7. Ethical Hacking
  8. Python Desde 0 Hasta Hacking - Máster En Hacking Con Python
  9. Hacking Curso
  10. Foro Hacking
  11. Hacking 2019

Part II. APT29 Russian APT Including Fancy Bear





This is the second part of Russian APT series.

"APT29 - The Dukes Cozy Bear: APT29 is threat group that has been attributed to the Russian government and has operated since at least 2008.1210 This group reportedly compromised the Democratic National Committee starting in the summer of 2015" (src.  Mitre ATT&CK)

Please see the first post here: Russian APT - APT28 collection of samples including OSX XAgent




I highly recommend reading and studying these resources first:

List of References (and samples mentioned) listed from oldest to newest:

  1. 2012-02 FSecure. COZYDUKE
  2. 2013-02_Crysys_Miniduke Indicators
  3. 2013-04_Bitdefender_A Closer Look at MiniDuke
  4. 2014-04 FSecure_Targeted Attacks and Ukraine
  5. 2014-05_FSecure.Miniduke still duking it out
  6. 2014-07_Kaspersky_Miniduke is back_Nemesis Gemina and the Botgen Studio
  7. 2014-07_Kaspersky_The MiniDuke Mystery PDF 0-day
  8. 2014-11_FSecure_OnionDuke APT Attacks Via the Tor Network
  9. 2014_FSecure_Cosmicduke Cosmu with a twist of MiniDuke
  10. 2015-04_Kaspersky_CozyDuke-CozyBear
  11. 2015-07_FSecure_Duke APT Groups Latest Tools Cloud Services and Linux Support
  12. 2015-07_Fireeye_Hammertoss_Stealthy_tactics_define_Russian_Cyber
  13. 2015-07_Kaspersky_Minidionis one more APT with a usage of cloud drives
  14. 2015-07_PaloAlto_Tracking_MiniDionis
  15. 2015-07_Palo_Alto_Unit 42 Technical Analysis Seaduke
  16. 2015-07_Symantec_Seaduke latest weapon in the Duke armory
  17. 2015-08_Prevenity Stealing data from public institutions
  18. 2015-09_FSecure_THE DUKES7 years of Russian cyberespionage
  19. 2016-06_Crowdstrike_Bears in the Midst Intrusion into the Democratic National Committee
  20. 2016-11_Volexity_PowerDukePostElection
  21. 2016-12_Chris_Grizzly SteppeLighting up Like A Christmas Tree
  22. 2017-03 Fireeye APT29 Domain Fronting With TOR
  23. Fancy Bear source code 

Download


Download sets (matching research listed above). Email me if you need the password
          Download all files/folders listed (MB)





Sample list

Parent FolderFile NameMD5 ChecksumSHA256 Checksum
APT29APT29_2012-02_FSecure_Cozyduke
APT29_2012-02_FSecure_CozydukeCozyDuke
CozyDuke00F67DEB6E435C68F8A39336C9EFFC45D395B1346761106f816313394a653db5172dc48737ceea0922d1177a9de74f4858678acf6afd22706489fcca35a509bca9688cb7
CozyDuke01D3973E1BB46E2B75034736991C567862A112635b4250a6bb4c6915ce962d489ee912d6637cabc343e3ed5b447dccb13aa7caf4d3a3eb3cd617d360167f270ec34596ea
CozyDuke04AEFBF1527536159D72D20DEA907CBD080793E31a42acbdb285a7fba17f95068822ea4e4464c945c88ac9a4a22e86f0922f18c164e87f26c3f3fa054eb488fdd7d4bfc8
CozyDuke210BC99275368DF7EA179055737CFFC3A12A6614d9703d014c5d4f55e2996f3573544476f16cfb7e54a11689fc1a37145b7ff28f17a1930c74324650e9a080ac87d69ac7
CozyDuke23E20C523B9970686D913360D438C88E6067C157f0a6436ffee12558a434a0fc24b3b33f5f827730c7bd155997121f023ca9775077a37a58111738fcb3213757170bd860
CozyDuke29A91E7823046F4EC3FD6B3FD1B442EAA92F356552474b705610245f67bbd1c86ab8bd7bf9987e6be134bf29458a336a76600a267e14b07a57032b6a8fc656f750e40ce5
CozyDuke31163D35C5A3CAA5E82E1D9B0D1B4DB8FBDD79FA9f612661000605c5d0787fe13746e4cc363bf9a64718ae7af673f199b04b90abd5196b176932091927f6386271912442
CozyDuke32B0C8C46F8BAABA0159967C5602F58DD73EBDE90e0182694c381f8b68afc5f3ff4c4653c1b19af1e354f13c90163780be6ad50f02d5bf8bac1c9cc1eab1377a159de1be
CozyDuke33BEB7A410F1CD699733000B5B30B5E4EB2062BA330ed7549d50bdb56497a5577132610a907a743b5d1d028f9bfb5f053311b0f8be8516cb97dbc48ac0511de9c41d3c32
CozyDuke3583647EF8158E29E3C18413ECE70C2851720926992d2386998566a2a95c2affbfe3f3fe73b7d89340126a441e483229deefb017c8c680d0c8f571c55744e6141576f68a
CozyDuke42CFE068B0F476198B93393840D400424FD77F0Cd596827d48a3ff836545b3a999f2c3e30dc7438be5b21a36651de0a08361b18d76f0920517a7d51f75dc234740f392ca
CozyDuke443BC2E77B10AE64AF6321C2C7BFD311C0772503b4ae6966e65e47afa41610b1fb554607b75cc5e0ad70347b3fad6c3e3b6b2bd224ec75e6ea9c906f01b53af58b52f038
CozyDuke44406A80F13045442CE6A28EE62A923AC8F8C56A01a2c13c42f1a0557421d341f41654237188e3a11c12e48098fb24aa288068ff5dabeff8ba88b138c20811ef751d5f07
CozyDuke482D1624F9450CA1C99926CEEC2606260E7CE544fd8e27f820bdbdf6cb80a46c67fd978af7f4d18dbc0b822b89ba14ffea24114f92b593be0f287f300bb269b310883039
CozyDuke49FB759D133EEAAB3FCC78CEC64418E44ED649AB08709ef0e3d467ce843af4deb77d74d5bc7bcb663477238508ce8ad366cc9a77811c7f5eabaec47175858fe972639f40
CozyDuke4A16674C799FAE6535C82F878F6A37F94EE9A49B5fa3c3dabb8edd601302d9cf02db899d0d5d39ad12361b6ea6b3856e55a63cad4611c7b49795b1f2a517621de298e4fa
CozyDuke5150174A4D5E5BB0BCCC568E82DBB864064875102ef51f1ca11ce73fa20b54a5886ad1dd89996b66d5a339939b2072d29675ec3ca6d793f42a5d335a8ea7dab8773321ef
CozyDuke5BCD74E0C3C661580201E7D8122D7525A1480B4C859f167704b5c138ed9a9d4d3fdc0723f99efa337e1b7cef4e68570a23da9183526c3db72c6410d41f63e38c8b515466
CozyDuke5FFE420A3CC848024884DB8E2CFED68C47368DAE5eabc9c54b73fffb5f3fddb37a653d7b9d047bd757faff57539c885d46fdf8e7db383d850b355d7a829a203c9184def4
CozyDuke6B5EF7B76B35203DD323AF49BFA27CFA7E1B6376c42bf27579eaadfa080134f3400a417bfbbcac3f053a480ca28cc2910c74846af7efb0b291cbe006cf15c612986e5d2c
CozyDuke71C59EAA445346251467942BAC489A9D4E807F7F69cab1853df0749d42b68bf41d78e655c3329be592d90fdc0383d05ae9c251b3387f366f2aeb57ac595a5538aea0bfd9
CozyDuke75AEAEE253B5C8AE701195E3B0F49308F3D1D93295b3ec0a4e539efaa1faa3d4e25d51de7fd72a36f7e0e6e0a8bc777fc9ed41e0a6d5526c98bc95a09e189531cf7e70d5
CozyDuke7765A0869530C1A17B8FD339BBE55CC4C1BDBA305ebce6cbedfec82f1428c3409e3df0ef89cd924e6bb24ea151ba653573c64f07b22802473ea94c63c2c94843172998d6
CozyDuke78E9960CC5819583FB98FB619B33BFF7768EE861181a88c911b10d0fcb4682ae552c0de3a5373b33ac970dedeb52528b123959145bf51c95b159a30a7823ad8018ac4b41
CozyDuke7C710CF31F20EF7E0AD1809672255D4EDFDFF05283acacbd57997f6326817f709f8578936e7f6146b428af5eaec4dec1616df980764110120ae54bb765ae662c87496d50
CozyDuke87668D14910C1E1BB8BBEA0C6363F76E664DCD09f58a4369b8176edbde4396dc977c900830c69d91247f8a72a69e4d7c4bce3eafba40975e5890c23dc4dbe7c9a11afa73
CozyDuke883292F00E5836F99A1943A6E0164D8C6C124478bc626c8f11ed753f33ad1c0fe848d8988853979fce0f767b495abd55b696203209e95f04aaefe16c52c1724d07972154
CozyDuke8B357FF017DF3ED882B278D0DBBDF129235D123D3d3363598f87c78826c859077606e51401468b1d3e089985a4ed255b6594d24863cfd94a647329c631e4f4e52759f8a9
CozyDuke8BA7932A40008881A4ED975F52271C0B679EAFF245d6515ebb7f57404b8703f1e77a461a99f53b96a264b56542cd0f7c631339f8a3f3bdd3817fc9fddcdf44edd91ea90e
CozyDuke8C3ED0BBDC77AEC299C77F666C21659840F5CE23e8510a7ae4919a3fcedad985fbbca35218c0b02776487babbf6219cdaf97cbf2b534e0cf87a527228dda2d4a468a257f
CozyDuke8F1AC45360196A7B5A1680FF839A131394E9D9B49e3c39aaa240da8c7002924170019f7884a941d828813301c2634c6a818b9d7455c6493a073a0646d9a4e263a5a0e082
CozyDuke9319BF72000F8E468C182947DD5C82FB8B9AE4191ff0ed11fc6a41db458a75ae71670f94509347f4a5b81a65e327363b9eb6773d57cb6df0c834bfdb19eda8defcfecadb
CozyDuke93D53BE2C3E7961BC01E0BFA5065A2390305268C90bd910ee161b71c7a37ac642f910059ff9edb92ee8125519aa1eea60cab9999bcd4caa87b891882caddc73a2a5ae9cf
CozyDuke93EE1C714FAD9CC1BF2CBA19F3DE9D1E83C665E2f02da961eb7b87b41aee5fd9537022f0ac4ffc7a2ba8840a20f6b07aa44328f1802b79ced6a56b3ac7e78fa1178ba65a
CozyDuke94520B93510DB0DC10387A65E0A46F45AB50122650992eefe5df1c85dde85dc008b5010d64533e377bc50faa161ebf98639385c119de07dd22ed2525b26bfba608e4da95
CozyDuke9B56155B82F14000F0EC027F29FF20E6AE5205C29ad55b83f2eec0c19873a770b0c86a2f7cdb9c2e8b6ca7f0a683a39c0bdadc7a512cff5d8264fdec012c541fd19c0522
CozyDuke9F8F1672594A6FBAC43793C857DD7718E75F328Ac79bf9a04913a5018ab8de65ffd1060f463e19dfd8dc9a2712deb50ccbe2bf59693cee322fb6f0d45d333e34fe4a3d45
CozyDukeA38EA2533E3DFA6339726AAFD4BC2BC7E3EEC5296f535a0f5c7f710ec4739e52f35a567395f8e91fb2059954866e52459cb88f5ff7b2aea590fce587e51f1140222ef27f
CozyDukeAC2B5928F46069111F4334F650A7DBF1B5F026D5fef254d6c46fdced294db44acef8d839da3ee90d5ae8b82775567bc35896f7752b5f9a1eb686feb2e32f376e8e936e7a
CozyDukeB26BC0A3E35C474F7099BD2B066F1680F3394B1466d2b5ed8646a0ef38eef822555b98286b31c287e93d7d4a5a92a5ad50ee903534af4ee34ed2879b002b139eaed7510d
CozyDukeB5E973DF0A159AB583FC8923C796C8CBF5B535DF864bb9137f6bf94e59fbaa9b21065d1e6b8d05118610f97f7fee199e29c193ef763f344b425a01b6cf471ec591ad4280
CozyDukeBDD2BAE83C3BAB9BA0C199492FE57E70C6425DD3416db420e781c709bb71acee0b79282f4bcb2a5d99297b30f8ff00e08cf7330d5e2f69fc602bb317bf8e9f703a137a99
CozyDukeBF265227F9A8E22EA1C0035AC4D2449CEED43E2B1dde02ff744fa4e261168e2008fd613a418a21d49fe5bca8a3e050f039a0e2aa03db6d2de0fb49e3ff9d987f31b22dda
CozyDukeBF9D3A45273608CAF90084C1157DE2074322A23043c012086c1ae0a67c38b0926d6cba3f3dea35172449f0b9a86dff9af3b4480cc4c37a30e8cb54963ff91c4c1ffe7b0d
CozyDukeC117608DAB3AB632DE8110F8981DD7E773C61D052aabd78ef11926d7b562fd0d91e68ad3f9ff78669e4b251ac1e31076eaf420bee6f2060dbc926cc33603f893658ca86c
CozyDukeC3D8A548FA0525E1E55AA592E14303FC6964D28Df16dff8ec8702518471f637eb5313ab22b160b7eef5ce5fdb83889f96fc40cbbbc7b85450ff2afdf781a8eb5d6a0f541
CozyDukeC3FDE950FE7D668805B40B1680D519F20C18B899f16629ad4bc9473ef4978d6a3dd551f1ea8357db1071cda3e9a63592e584410d071673433a89215c220e0e7310729229
CozyDukeC62E840FFE4BBA50F6584B33A877475F0EBCF55810b852b9f669aa6ec60bc838dbee6de3aaea9387a63a20aed6e41029ea14af41a76e09069fd3aa7f7fa210f540f42b9a
CozyDukeC6472898E9085E563CD56BAEB6B6E21928C5486D98a6484533fa12a9ba6b1bd9df1899dc9891b5586cede16aa1e1b87380621f68e8956b991cf7675bbe18d2ec61a7522f
CozyDukeC8FE2296565C211E019CDAD3918A5736D4B12D4493176df76e351b3ea829e0e6c6832bdf950c8f9dbec3a2a1603f9202408cf49ea5a9573c7296e5940a42581cbd6fc8c2
CozyDukeCCF83CD713E0F078697F9E842A06D624F8B9757Eacffb2823fc655637657dcbd25f35af8262dbadca239e5259161130ac9f0f5ef50691fd9dc3e3490b6c0d7b76e7ee34e
CozyDukeCE9D077349638FFD3E1AD68CDA76C12CFB0240694121414c63079b7fa836be00f8d0a93bfde146d9d8c42d3b7803285bfa73976b81234f9ef37a16f9319929ec1e686bb3
CozyDukeCEBCF2F495C3B95138128D0577DCAC5CDE29490D3a746f525877b3d006758def2957ddaf4d5d056e501bc3fca73a156b23e05612bd2fc7f09b44745766b98b6ca2599bfb
CozyDukeD3254F1F4C4DEF8C023982DFB28FA31E91B69AB5cb52ba412736c9966c02265946b0fdb09d217fc19800472327465066f4cf369df9ef9c43dd3822af1d7cda79c74e7793
CozyDukeD5CBF554E4E700B37DDCB026D4407FCD87032D873dce9f631cc0b8a1b1bdc1b4671e25696928d9fda1b31c72067ba2a1d3f21efe8595f6e8d54a196ccabbc953f10b2d38
CozyDukeE0779AC6E5CC76E91FCA71EFEADE2A5D7F099C80209a4a102a977b698544c99d8236e9ca86056f462d5783604b7f050047db210ecf698e72f3664b27d58265663ff5b324
CozyDukeE76DA232EC020D133530FDD52FFCC38B7C1D766262c4ce93050e48d623569c7dcc4d0278f44bead117d2cf34b8e50b81c82fbd1b938b94387cdf84386ace46b1f3b5df1a
CozyDukeE99A03EBE3462D2399F1B819F48384F6714DCBA11a262a7bfecd981d7874633f41ea5de8099524703c250d1d1a16288dbd2f425d6cd0491f608e207a82f239b39bb26b7e
CozyDukeEA0CFE60A7B7168C42C0E86E15FEB5B0C9674029eb22b99d44223866e24872d80a4ddefdf722677df4fb7eb4ac986a944d4f6630b91ac22b31f8d39ec9bf941376d5d4db
CozyDukeEB851ADFADA7B40FC4F6C0AE348694500F878493b5553645fe819a93aafe2894da13dae71a7239c006a3adf893bdb5c2300b2964ed8bb454e1b622853e4460707dc63c16
CozyDukeF2FFC4E1D5FAEC0B7C03A233524BB78E44F0E50B9f65e3b320ec91380ebc28d4fdff48958a5d8d103cb175d7dc41932ef9a890997e25dbe15f94ecd2105835fe49779354
CozyDukeF33C980D4B6AAAB1DC401226AB452CE840AD4F407f6bca4f08c63e597bed969f5b729c5665fa52f632e4e83ff83120c7df6b90291025a76d5daeb183e814ec0b3bd2bd4e
CozyDukeF7693E5D39DB067D97CD91FB22522F94C59FDA3D90674c3cca487fedbe77c4986d0232968cc0f8322ce5f546cdccac553420a8ff9784212c5aada89c04a8ec2c5324f983
CozyDukeF7D47C38ECA7EC68AA478C06B1BA983D9BF02E15a5d6ad8ad82c266fda96e076335a50807ed2d1aceab5f54df4acca63b5d269842d49521e13bab5e652237667c7eef261
APT29_2012-02_FSecure_CozydukeCozyDukeDropper
CozyDukeDropper0E0182694C381F8B68AFC5F3FF4C46530e0182694c381f8b68afc5f3ff4c4653c1b19af1e354f13c90163780be6ad50f02d5bf8bac1c9cc1eab1377a159de1be
CozyDukeDropper181A88C911B10D0FCB4682AE552C0DE3181a88c911b10d0fcb4682ae552c0de3a5373b33ac970dedeb52528b123959145bf51c95b159a30a7823ad8018ac4b41
CozyDukeDropper1DDE02FF744FA4E261168E2008FD613A1dde02ff744fa4e261168e2008fd613a418a21d49fe5bca8a3e050f039a0e2aa03db6d2de0fb49e3ff9d987f31b22dda
CozyDukeDropper4121414C63079B7FA836BE00F8D0A93B4121414c63079b7fa836be00f8d0a93bfde146d9d8c42d3b7803285bfa73976b81234f9ef37a16f9319929ec1e686bb3
CozyDukeDropper43C012086C1AE0A67C38B0926D6CBA3F43c012086c1ae0a67c38b0926d6cba3f3dea35172449f0b9a86dff9af3b4480cc4c37a30e8cb54963ff91c4c1ffe7b0d
CozyDukeDropper91AAF47843A34A9D8D1BB715A6D4ACEC91aaf47843a34a9d8d1bb715a6d4acecdc70d3046b59785b2b9b7091e26f2484ba7a488dba420a8a05be388a337c399e
CozyDukeDropper95B3EC0A4E539EFAA1FAA3D4E25D51DE95b3ec0a4e539efaa1faa3d4e25d51de7fd72a36f7e0e6e0a8bc777fc9ed41e0a6d5526c98bc95a09e189531cf7e70d5
CozyDukeDropper9AD55B83F2EEC0C19873A770B0C86A2F9ad55b83f2eec0c19873a770b0c86a2f7cdb9c2e8b6ca7f0a683a39c0bdadc7a512cff5d8264fdec012c541fd19c0522
CozyDukeDropper9F65E3B320EC91380EBC28D4FDFF48959f65e3b320ec91380ebc28d4fdff48958a5d8d103cb175d7dc41932ef9a890997e25dbe15f94ecd2105835fe49779354
CozyDukeDropperEB22B99D44223866E24872D80A4DDEFDeb22b99d44223866e24872d80a4ddefdf722677df4fb7eb4ac986a944d4f6630b91ac22b31f8d39ec9bf941376d5d4db
CozyDukeDropperF58A4369B8176EDBDE4396DC977C9008f58a4369b8176edbde4396dc977c900830c69d91247f8a72a69e4d7c4bce3eafba40975e5890c23dc4dbe7c9a11afa73
CozyDukeDropperFEF254D6C46FDCED294DB44ACEF8D839fef254d6c46fdced294db44acef8d839da3ee90d5ae8b82775567bc35896f7752b5f9a1eb686feb2e32f376e8e936e7a
APT29APT29_2013-02_Crysys_Miniduke Indicators
APT29_2013-02_Crysys_Miniduke IndicatorsDocument_Droppers
Document_Droppers2402C2DC6ACC5A8418201FEA5B2043F985E1DD69_EUAG_report.pdf_cf5a5239ada9b43592757c0d7bf661695fbe3c1075e1afb6c1a3ce757bb8d401e1b1f61db42902cb72fd7b85e4e5f1a5
Document_Droppers5951EEF7C336E442C95F247AB2ECC4895F5D3E45_report.pdf_0cdf55626e56ffbf1b198beb4f6ed55959b62e650a437032886e1cc74dd7cdf0abab5ee6bc85fb4aa18568733aa89370
Document_DroppersADCB57BCE7FBB5E076F3272990BEDEE1D9544EE5_EUAG_report.pdf__3f301758aa3d5d123a9ddbad1890853b8a844864e62650905fc438f6291fa64ae2d3822054cc8354c44a923d5364905e
Document_DroppersDD2C3592281EC09602AAA8488EB2F4509F75EF81_The 2013 Armenian Economic Association.pdf_c03bcb0cde62b3f45b4d772ab635e2b0da7f82d0c80c7d95d787185c04ecc116062bc655e513eaf1ccb4a1423bdbd289
Document_DroppersFBC3856FD689E1AC0F8FB56BBD7D0A2B8332A928_ASEM_Seminar.pdf_88292d7181514fda5390292d73da28d4784d1ebd1faccec27f98970cc266859eaf5676da1c451e3304fb55435d8c8473
Document_DroppersFC53525F4E2E5B8EBE86778C20FD8916612CFD29_action_plan.pdf_3668b018b4bb080d1875aee346e3650a5b21100b828b77758bfd6495c924e71f8bbd890c78d07067928bd7beccae087e
APT29_2013-02_Crysys_Miniduke IndicatorsStage2
Stage2109E1E387F8B2BB8D92F45E79881809384E9AE54d39f2202b421561cfc36a8802184685ce8d7b9fc80a87688fe6c6515117a6ebd96cfaea72a6bddb4bdc05404869f5f26
Stage21BA5BCD62ABCBFF517A4ADB2609F721DD7F609DF48bbce47e4d2d51811ea99d5a771cd1a1f19bd932336fa721e739b32c07b67c01ea4bd0ebc70e92a70f41e51f4668a0a
Stage21E6B9414FCE4277207AAB2AA12E4F0842A23F9C1a4ad6b55b1bc9e16123de1388f6ef9bf7889fbd40f65cfe21d0c7486b29eb4c5042abff4ac660c12c7936831445cfd6e
Stage2223C7EB7B9DDE08EE028BBA6552409EE144DB54Aa67ad3e2a020f690d892b727102a759b35c08566dc38ad65e906b3683ace98e5beef855aeedc611a0317a72eee193539
Stage228A43EAC3BE1B96C68A1E7463AE91367434A2AC4297ef5bf99b5e4fd413f3755ba6aad79c60621e82f58b5ea5b36cde40889a076cb2c7f1612144998b1d388200bc7e295
Stage2296FD4C5B4BF8EA288F45B4801512D7DEC7C497Bb8e89f9908262b5385623c0e39d6b9408e28dcf7fd7ce1ad9a65c186e09a7843ee31af924509148f085958cadfdda8fb
Stage22CEAE0F5F3EFE366EBDED0A413E5EA264FBF2A33441ee6a307e672c24d334d66cd7b2e1af4b01a3a299b09d2b4418cb66e80c34e3ec04016ed27199c472515cf95a023d0
Stage230B377E7DC2418607D8CF5D01AE1F925EAB2F0372dcd049c591644e35102921a48799975354786c5df71cd090c96d1328b4e31cd28b8ddc77904863d100b6c35ad235b69
Stage231AB6830F4E39C2C520AE55D4C4BFFE0B347C947ffefe16d581340c1e49f585a576a1fd8764f8c8f8832954c99fb0c2ac5ac5d89506dc5dc50310c9112318b75e9f9e2bf
Stage2352A2CF4BB2C9E300CE9A51740F238C9282CA6E47049aa581874752093bb98850ff45dac889fffd6f073755742324757394a6cbca41f72562af846105b51007855149903
Stage236B969C1B3C46953077E4AABB75BE8CC6AA6A327ab2d8a0d5b03d40f148f2f907b55f9f155265193d63d56553e8e135e9a60d7d7c13cbf9d82ac25f84306ec98d74725b0
Stage243FA0D5A30B4CD72BB7E156C00C1611BB4F4BD0Ab100d530d67cfbe76394bb01605673829c13a32033bc7dd06016651b0f21a2bed9be1dc40c6879f925c71e05f4f1c8f7
Stage24EC769C15A9E318D41FD4A1997EC13C029976FC205d10323111f02233163a6742556c97462a2df9d001d3e0f222d77b6781eb279761f1354570773ef1929a86557a11454
Stage253140342B8FE2DD7661FCE0D0E88D909F55099DBe990e0d1ee90cd10c4be7bfde6cc3e5acc6ad212f50e0a7a708bb1b63a01d8932f471618cdda69b2e12106ae112b2415
Stage25551408323086F31D9BC3358AB5B2ED4DDE86C5Dfdc96d77af6fdae487002e32d61df123c150dc87a29f23f909498fc13107187416618cacdfe0ecdf6976bf2a2632e82e
Stage25ACAEA49540635670036DC626503431B5A783B56c519eef57001ad3ae60cdcb0009bf778acd886fa7b9117807f1e11f0f38b9fad1afce51aa9cfbe3810a39d883d0ca663
Stage2634A1649995309B9C7D163AF627F7E39F42D5968b8088f6594dd8cba31b4f52a2d91f40e5569b85532adb1e637f83c997910924345f10aa9c2948b3d26be13eec6cbeb8b
Stage2683104D28BD5C52C53D2E6C710A7BD19676C28B8e1a659473ae1e828508309b77da13783830ee990a6d4aaf00bb051704c93b468792561e8dd6a6ed4662f6032d38dd37a
Stage273366C1EB26B92886531586728BE4975D56F7CA5c92252487615d5379317febc22dba7d47f5d3a8dfa13ba8e2142a3b1d644f107cc89c7e90cda2a5543df5787f8bfde1e
Stage281612FC09CFAE280CC35B1331C832A5A87C2EDFFafe0190820b3edc296daefe6d161105163eebf042547a7549fe9f5affaa1cee6bf11cf0450ede8f42e13bf4656e2f9b0
Stage2827DE388E0FEABD92FE7BD433138AA35142BD01A2ab25d33d61cf4cfbac92c26c7c0598e6a95d2895362fc8657bc90d73d77e32f09b86699eb625905ddeb45ccd6b13c71
Stage2A32817E9FF07BC69974221D9B7A9B980FA80B6771528567b1a2f1da31d602ce1ddfd89188d457e4189017712917c5c8f900bb9072c5910c9f975c50337115f952d885635
Stage2A6C18FCBE6B25C370E1305D523B5DE662172875Bb68677e04fcc9103560bb0a5e5c7303f94d39845ec228ff1c84668207c4591ae0e2b6605bdf11e84916534ab09744736
Stage2A9E529C7B04A99019DD31C3C0D7F576E1BBD0970d2f39019bfa05c7e71748d0624be9a9419580f275b82ee091bdc3028e6e5018fdcc915fe7853d4151b44f3d7e101e531
Stage2AD9734B05973A0A0F1D34A32CD1936E66898C034a58e8e935341b6f5cc1369c616de37655b96b07528f762dfcb9d6936995ed4e358d29542ae756f6e5547fa3b5b7797b6
Stage2C39D0B12BB1C25CF46A5AE6B197A59F8EA90CAA02d87ab160291664d62445548a2164c6023486eedb5fe8a026f602507f490b4df4721e8befa65007b84c4f5b1ed95e1bd
Stage2CC492D4B188F4CF5003F8B6954F6DD071A8066C206def6c642dcbd58d0291ac110a572743c28d41fbe5f6f0e4a8402fdd036f2a8cf271dabe135919ea0de0d5f1348f871
Stage2D81B0705D26390EB82188C03644786DD6F1A2A9Ef19345e0e5aecc0da45b4c110591bdd9b55e6e10a7f46c97cd247028287ea664bacf7ec7e500a4bf4f53c9dea7625426
Stage2ED64FBA3195F52192C65CAD491A28BF18F6F67A392a2c993b7a1849f11e8a95defacd2f75de532fd62bd4e528ed6e0ccf746e20e2e58041b7ff5327ddbbcf37628429077
Stage2EDF74413A6E2763147184B5E1B8732537A8543658282eb6d6f20c5de6e7f4ae3a42438d2fe2672737205351df003e1969ef1ef0df9e13a9a31bf77f844236857ed0b0bf5
Stage2EFCB9BE7BF162980187237BCB50F4DA2D55430C2935892bb70d954efdc5ee1b0c5f97184a962ea9027514712ba3949dc3ca54559d1d42e116837dda5f9809d6523a41255
Stage2F62600984C5086F2DA3D70BC1F5042CF464F928D381691b297f7f5694709e21ad61ec64513a50942322977d6471f71debc6d3db38807d88778366bae6cfcae45823a17f8
APT29_2013-02_Crysys_Miniduke IndicatorsStage3
Stage300852745CB40730DC333124549A768B471DFF4BCcf59ed2b5473281cc2e083eba3f4b6623d0b1f970eaeeabf9372ffc1ad7e61226632904cf0311ea8f872ddbfd34a3a2a
Stage30E263D80C46D5A538115F71E077A6175168ABC5C78e51be60eab2c6e952c9538a46ab52105e4224d4dd4e5fbd381ed33edb5bf847fbc138fbe9f57cb7d1f8fc9fa9a382d
Stage3118114446847EAD7A2FE87ECB4943FDBDD2BBD1E4c6608203e751cf27f627220269d683529ad305cba186c07cedc1f633c09b9b0171289301e1d4319a1d76d0513a6ac50
Stage315C75472F160F082F6905D57A98DE94C026E2C56738c60fff066934b6f33e368cfe9a88cde8184c6850d17f90e861309828af1f7b7e3b1695ebe5d303d3d4b6ef4ba1218
Stage31DF9B4DC693CE7250F51CBC7CED53AD0A6E1C587c48d0822eedd75c9c56f688fb8a0525979bc1595ad701ab8a72874a96bcfb94986daeee26b996241e691f3d53f7ec53a
Stage3416D1035168B99CC8BA7227D4C7C3C6BC1CE169A811f66d6dd2c713073c0b0aebbe74ce84809c2c7fa19acfa011f97946205f979afb54ac2c166f48ab35a20cd9d53a2ca
Stage3493D0660C9CF738BE08209BFD56351D4CF07587786ef8f5f62ae8590d6edf45e04806515a6e2852f2e6701656da74adb412cd0850b0d27750803613223be3eb5ac5cc26c
Stage3497F9C688ED142AE91E354B3D9C9E13243A268B0626489f8cafacb1b24fe6ecf0db52f23163eda7f8382b3981e23d81318505806260d2657ca3cd9d7e0995299a5647318
Stage36CF8CA847EE317255A9084BB44AE3F38EF61E5C392ff4df1d079a003ae2a8ac47dd5e81bf4698d9429b004357d1008ea8c9b94ec2a0370900616165db2315a9cbdda28fd
Stage3804701959A1DBFBBFC6D8142DE850DB9FCE9A61107a9975d7d96ff3b56de024ab2017582684f863b5af69ef3dc4e86a54cbb1f5486adfe79e08bd0b12d89684c0a9fb2fe
Stage39D716D2F8F1C2841A2707EBA2EBADD01ED83003044ee71de720fc1a50c919bc5a01c592da982838c4e90db3cb331f1d2f7b5b74f389da64e642bda75335a6137fdd627d8
Stage3D22D80DA6F042C4DA3392A69C713EE4D64BE8BC8b798c968cbfd53f878e13c7698610d9c12a057ca7c92cda3cd0e09efc5bff2ebd3f7d2991e999038c7f31a6ac6a95c3d
Stage3E4ADD0B118113B2627143C7EF1D5B1327DE395F118e64b8e5ce5bdd33ce8bd9e00af672cb1584a6f1059ad1c24bde2a9a8ae83ffc6679eb531d30f3f1c69f81e3a3819dc
APT29APT29_2013-04_Bitdefender_A Closer Look at MiniDuke
APT29_2013-04_Bitdefender_A Closer Look at MiniDuke2011
2011_20111c658719e6dedb929a6d85359c59682d91b97f3b8ef8ebc8bbd06e06927e7b38090c026f8fca77e209e69c056b042cb7
APT29_2013-04_Bitdefender_A Closer Look at MiniDuke2012
201215101f74f974e3e80cc37805ebe5cc2efed77bb5745d82e1b44b1da4f0c8369173931351f883cff5dbdcc54cc4eb10a715101f74f974e3e80cc37805ebe5cc2efed77bb5745d82e1b44b1da4f0c83691
20121db9187b7b0e5bc97aca233f29b96295c0bc4058fdcff50df543c1f044e588361de51ec5d2b8466f0d424e1c8dcd64541db9187b7b0e5bc97aca233f29b96295c0bc4058fdcff50df543c1f044e58836
20122f9834f7b7fe09d98ef7b27d3828691ed4b361d1ccbbf8e10703f9ec03b05259612fba96383a5098c26fe1a222e1e7552f9834f7b7fe09d98ef7b27d3828691ed4b361d1ccbbf8e10703f9ec03b05259
2012415f88765b88dd90e5b0502e4fa1408e06ac9552c7c8974a510e6e23a9756a45e48fb57ce3d9c56ca3cf6c4aed8ad0ea415f88765b88dd90e5b0502e4fa1408e06ac9552c7c8974a510e6e23a9756a45
201255129d34050b2c028de564e3166611e1d148c26de0972cbe047caf530f11846874593127f50abff5327b3f7038b456d255129d34050b2c028de564e3166611e1d148c26de0972cbe047caf530f118468
20126e57c69963562d28a3a9da9f9103c199c909d0baa185a5d21e1b200a5a14ab729f13dc03904dbd45374acc21344772736e57c69963562d28a3a9da9f9103c199c909d0baa185a5d21e1b200a5a14ab72
2012bf210e54c65ea69ebda418f701c2c6b8aff840f31c1072d641a726cef8c7b5added2f80457aaefe1a80a9cefd1f4645dbf210e54c65ea69ebda418f701c2c6b8aff840f31c1072d641a726cef8c7b5ad
2012c13794601c5bdec3d5d76de9571e6c0e0b022b9fc62907018566895e3b949982423bb8914078a587d08b54d16bbd527cc13794601c5bdec3d5d76de9571e6c0e0b022b9fc62907018566895e3b949982
2012dfe146fffd2ae59172f52048f7e7d231807e0d732e19bdb443820a8305165741561017f887865b8d13f85c5474cdcbb8dfe146fffd2ae59172f52048f7e7d231807e0d732e19bdb443820a8305165741
2012e961202d84aad7fa9faaeb63651735416612d25c611a7a025e2eaab67c79e272ff83dad77ac2b526849930f1860dfd3fe961202d84aad7fa9faaeb63651735416612d25c611a7a025e2eaab67c79e272
2012f151f5a656d43a76a07fa03166906d51f9683b27b0e9b86464e3a68e9dba1fac8d3542af992b1de4cf1f587f61dddb50f151f5a656d43a76a07fa03166906d51f9683b27b0e9b86464e3a68e9dba1fac
APT29_2013-04_Bitdefender_A Closer Look at MiniDuke2013
201356dfc5905e7dfc67912ed164dc68c0806fdd3d7cd151415aaffcc1b7ab2f1a842530f54b87508e6f09a6bc5ab863b5db56dfc5905e7dfc67912ed164dc68c0806fdd3d7cd151415aaffcc1b7ab2f1a84
20136c2409d415e66faebf0a031350b44d5a014ab4f62f2c1a3115982d452b7f97b9527537cc28705e01af8d8006ae8308a96c2409d415e66faebf0a031350b44d5a014ab4f62f2c1a3115982d452b7f97b9
20137815e5275ea849a9ed1f193abd8781ff7ae6b88ef6282f6a0900175a4bb59131810de1b9fa0a9396acae23dcd113a60d7815e5275ea849a9ed1f193abd8781ff7ae6b88ef6282f6a0900175a4bb59131
2013abfffd23c81b6301675567622ccee08cf578ce91f372fce68cff8fc1dbc3053dc786a4cdfe08dbe7c64972a14669c4d1abfffd23c81b6301675567622ccee08cf578ce91f372fce68cff8fc1dbc3053d
2013ecc5e2526ca32a447c862612b71c1db5675a759897e680573fa143ac0a8e662ae863737773f64498091cd775c7abde66ecc5e2526ca32a447c862612b71c1db5675a759897e680573fa143ac0a8e662a
2013f0d822926f4e6aec2cf2bd7701d67e8399ccc05bc028377a275a90e06620a1096942f1dfd61d231df8acb7ed0f6310c4f0d822926f4e6aec2cf2bd7701d67e8399ccc05bc028377a275a90e06620a109
APT29APT29_2014-04_FSecure_Targeted Attacks and Ukraine
APT29_2014-04_FSecure_Targeted Attacks and Ukraine77A62F51649388E8DA9939D5C467F56102269EB1_Nato_pdf_06cca401a1049ae2fbb4f00aac720136081a9def7150ffd17d6c794b10609fd3463bebe0810bbf241162699a53779113
APT29_2014-04_FSecure_Targeted Attacks and Ukrainedownload
download1e5525eb2b80ed57635f0922bc5d1c56812fb8e0da64a9333b0ba66c4411b6b4ba57f95eba99722ebdeae433fc168d721e5525eb2b80ed57635f0922bc5d1c56812fb8e0da64a9333b0ba66c4411b6b4
downloadbd4928921ddadb44f9f573da61dac034533bf14fe38acd5754f3ccec1d566300edf7a81dab0bf0520bfb8204a010b730bd4928921ddadb44f9f573da61dac034533bf14fe38acd5754f3ccec1d566300
APT29APT29_2014-05_FSecure.Miniduke still duking it out
APT29_2014-05_FSecure.Miniduke still duking it out58be4918df7fbf1e12de1a31d4f622e570a81b93_Proposal-Cover-Sheet-English.rtf_6b08ff05b50dd89d81e2aa47554aa5e64c663f1b23d44283bbd2693ffb03a3864ad4455deb079a4f5c94d92be53a88cd
APT29_2014-05_FSecure.Miniduke still duking it outb27f6174173e71dc154413a525baddf3d6dea1fd.dll_270ca8368cd4216b1813281d3efe485d2ae4cc6834e3679e99fc93d2f5fba02167a31cf5b68a5a9ca7aa1a4b9f7cb4ae
APT29APT29_2014-07_Kaspersky_Miniduke is back_Nemesis Gemina and the Botgen Studio
APT29_2014-07_Kaspersky_Miniduke is back_Nemesis Gemina and the Botgen Studio86EC70C27E5346700714DBAE2F10E168A08210E4ba57f95eba99722ebdeae433fc168d721e5525eb2b80ed57635f0922bc5d1c56812fb8e0da64a9333b0ba66c4411b6b4
APT29_2014-07_Kaspersky_Miniduke is back_Nemesis Gemina and the Botgen StudioECD2FEB0AFD5614D7575598C63D9B0146A67ECAAedf7a81dab0bf0520bfb8204a010b730bd4928921ddadb44f9f573da61dac034533bf14fe38acd5754f3ccec1d566300
APT29APT29_2014-07_Kaspersky_The MiniDuke Mystery PDF 0-day
APT29_2014-07_Kaspersky_The MiniDuke Mystery PDF 0-day2402C2DC6ACC5A8418201FEA5B2043F985E1DD69_EUAG_report.pdf_cf5a5239ada9b43592757c0d7bf661695fbe3c1075e1afb6c1a3ce757bb8d401e1b1f61db42902cb72fd7b85e4e5f1a5
APT29_2014-07_Kaspersky_The MiniDuke Mystery PDF 0-day5951EEF7C336E442C95F247AB2ECC4895F5D3E45_ c.pdf_0cdf55626e56ffbf1b198beb4f6ed55959b62e650a437032886e1cc74dd7cdf0abab5ee6bc85fb4aa18568733aa89370
APT29_2014-07_Kaspersky_The MiniDuke Mystery PDF 0-dayADCB57BCE7FBB5E076F3272990BEDEE1D9544EE5_EUAG_report.pdf__3f301758aa3d5d123a9ddbad1890853b8a844864e62650905fc438f6291fa64ae2d3822054cc8354c44a923d5364905e
APT29_2014-07_Kaspersky_The MiniDuke Mystery PDF 0-dayFBC3856FD689E1AC0F8FB56BBD7D0A2B8332A928_ ASEM_Seminar.pdf_88292d7181514fda5390292d73da28d4784d1ebd1faccec27f98970cc266859eaf5676da1c451e3304fb55435d8c8473
APT29_2014-07_Kaspersky_The MiniDuke Mystery PDF 0-dayFC53525F4E2E5B8EBE86778C20FD8916612CFD29_action_plan.pdf_3668b018b4bb080d1875aee346e3650a5b21100b828b77758bfd6495c924e71f8bbd890c78d07067928bd7beccae087e
APT29_2014-07_Kaspersky_The MiniDuke Mystery PDF 0-dayThe 2013 Armenian Economic Association.pdf _c03bcb0cde62b3f45b4d772ab635e2b0da7f82d0c80c7d95d787185c04ecc116062bc655e513eaf1ccb4a1423bdbd289
APT29_2014-07_Kaspersky_The MiniDuke Mystery PDF 0-daythemysteryofthepdf0-dayassemblermicrobackdoor.pdf304bb5f1419a2e56f4bcd0d0f3b1312fb7cf61434cb485baafd9c3205f64c0cc8f1fa2302f9405a16cd421e888f4973e
APT29APT29_2014-11_FSecure_OnionDuke APT Attacks Via the Tor Network
APT29_2014-11_FSecure_OnionDuke APT Attacks Via the Tor NetworkA75995F94854DEA8799650A2F4A97980B71199D228f96a57fa5ff663926e9bad51a1d0cb19972cc87c7653aff9620461ce459b996b1f9b030d7c8031df0c8265b73f670d
APT29_2014-11_FSecure_OnionDuke APT Attacks Via the Tor NetworkB491C14D8CFB48636F6095B7B16555E9A575D57Fc8eb6040fd02d77660d19057a38ff769366affd094cc63e2c19c5d57a6866b487889dab5d1b07c084fff94262d8a390b
APT29_2014-11_FSecure_OnionDuke APT Attacks Via the Tor NetworkD433F281CF56015941A1C2CB87066CA62EA1DB37d1ce79089578da2d41f1ad901f7b10140102777ec0357655c4313419be3a15c4ca17c4f9cb4a440bfb16195239905ade
APT29APT29_2014_FSecure_Cosmicduke Cosmu with a twist of MiniDuke
APT29_2014_FSecure_Cosmicduke Cosmu with a twist of MiniDuke0E5F55676E01D8E41D77CDC43489DA8381B68086dc6cc442c0900104a5601a6049354fad41d63d293a6e2722fcf82f8bf67b8f566bd4d3f669ede146ccc286f0228d8f62
APT29_2014_FSecure_Cosmicduke Cosmu with a twist of MiniDuke353540C6619F2BBA2351BABAD736599811D3392Eab7a66ed3c6de1b7449d6054a8b46d7f8cad0a40dd87e5d77e5c939bd7ea838c3549c44b525e2f4a1227d53c4af925be
APT29_2014_FSecure_Cosmicduke Cosmu with a twist of MiniDuke4E3C9D7EB8302739E6931A3B5B605EFE8F211E519d95c8f09f991a5fc37b79c45ebd20433c5d2fcacafc21d9f43c595ddf03bec801ccb958b8641018612c21bc741800d0
APT29_2014_FSecure_Cosmicduke Cosmu with a twist of MiniDuke5295B09592D5A651CA3F748F0E6401BD48FE7BDA6571a2d3892ca937697e96f8bb795e428c6c57f7e9c81fcf194d17a752f8da4295fab5dad8eb79bd289256b9cdb7415e
APT29_2014_FSecure_Cosmicduke Cosmu with a twist of MiniDuke55F83FF166AB8978D6CE38E80FDE858CF29E660B8e5106565fd96df1308d208d1e3426a37e371cd323898e403df7a80add34d791e160e443bcd2d02f27ddc0c04ba1bdab
APT29_2014_FSecure_Cosmicduke Cosmu with a twist of MiniDuke580ECA9E36DCD1A2DEB9075BCAE90AFEE46AACE2351c913e4120081d8f04317121654a391590bdbaff2c178387e924b689b030057b4cbd2865e9c4dd3886a8791ac8e4ee
APT29_2014_FSecure_Cosmicduke Cosmu with a twist of MiniDuke5A199A75411047903B7BA7851BF705EC545F6DA9f22606385080d35551e7f8e8f49b7de9fe5bc1248fc79fc15663ef169f0a269c1abe847d00b01e9571fe5c0d760d68f0
APT29_2014_FSecure_Cosmicduke Cosmu with a twist of MiniDuke5C5EC0B5112A74A95EDC23EF093792EB3698320E3729a14be6b3a92265cf6d8e14c79abe64e3a2bba82027dd6ff631fa5890a7ba8331b62a0a4c0b1ca24d143c2b61c323
APT29_2014_FSecure_Cosmicduke Cosmu with a twist of MiniDuke65681390D203871E9C21C68075DBF38944E782E86542cd548182d6adc08a63c942f9bc54880ae80fdc874002a6d9c807802794d4a35c384551d73bb36277b2f1e63d67e2
APT29_2014_FSecure_Cosmicduke Cosmu with a twist of MiniDuke6A43ADA6A3741892B56B0EF38CDF48DF1ACE236Ddc92eba92885f2e937cb6f694647eb713d37e753812687fb7287cf8644d13fe2673ea7c3b540637c1ce1c6819f1c521b
APT29_2014_FSecure_Cosmicduke Cosmu with a twist of MiniDuke6DB1151EEB4339FC72D6D094E2D6C2572DE894705a7659b691a3caf107e6636d8906dcb0334ed05005ce829224d0dd4cc5baab6b837cf02ac0e321c8f97d11b3ba1c77a7
APT29_2014_FSecure_Cosmicduke Cosmu with a twist of MiniDuke74BC93107B1BBAE2D98FCA6D819C2F0BBE8C9F8Afc0e380447be2bbdf9f06fc3358f8648b3236d1d0924cd9a17babd13209fe6706fd3a9228f22fe658eb4eb0c71360b73
APT29_2014_FSecure_Cosmicduke Cosmu with a twist of MiniDuke7631F1DB92E61504596790057CE674EE9057075520d86cb4ebbffb739faa47f7354ee134d5f1d8d2629b91744fe812207cb3f0bebfd1aec9937b7744a263d1a4e3421063
APT29_2014_FSecure_Cosmicduke Cosmu with a twist of MiniDuke764ADD69922342B8C4200D64652FBEE1376ADF1Ce175be029dd2b78c059278a567b3ada12146da9bc0e27d7eb10983b7dd89f250fa0015ce284dde8f0bb6a79626d34a2a
APT29_2014_FSecure_Cosmicduke Cosmu with a twist of MiniDuke7803F160AF428BCFB4B9EA2ABA07886F232CDE4Eb59199877e0d68a5e93fc8ea76374ed15b50e26a01b320f05d66727e9d220d5858cdac203ff62e4b9ced1cafc2683637
APT29_2014_FSecure_Cosmicduke Cosmu with a twist of MiniDuke8949C1D82DDA5C2EAD0A73B532C4B2E1FBB58A0E23d2592db15c251382706515cf4fd37e7e9c0bda27bbc80d947bc0c6ce29a19c824288d2b481f92a1637b7b8dfc8b81c
APT29_2014_FSecure_Cosmicduke Cosmu with a twist of MiniDuke8AA9F5D426428EC360229F4CB9F722388F0E535C1a874e5ecd67dffab45e17e9b730daed51b4e69183f3d02124f3314cc64a7869425f053d8021c74c12f21d7c2afe2163
APT29_2014_FSecure_Cosmicduke Cosmu with a twist of MiniDuke9700C8A41A929449CFBA6567A648E9C5E4A14E70608b22fcd2d067730176e335d3c6454b4fc0bbb90aeecd3229aa932437273ba59f887a6eac569b56693602b957e205e2
APT29_2014_FSecure_Cosmicduke Cosmu with a twist of MiniDukeB54B3C67F1827DAB4CC2B3DE94FF0AF4E5DB3D4Cf611f8b0655a8980cf71a252536c7a5a16870c6b572934f5a106d5f632b6d41bb23924c12ddf172be24c6dfca25226b1
APT29_2014_FSecure_Cosmicduke Cosmu with a twist of MiniDukeC671786ABD87D214A28D136B6BAFD4E33EE669512aa2a6e004159b9e3a590c63a0cc47b3ba35aa14ccc0e4fa8e47b621ea1d1efe1b012b623afd469e56015c0857fec646
APT29_2014_FSecure_Cosmicduke Cosmu with a twist of MiniDukeCCB29875222527AF4E58B9DD8994C3C7EF617FD80be02d5f66f84ebd03f362ad4b4a06e604819cde7e928e6ff376daeb73b894959f672a85b363753c227416fc0f4a8acd
APT29_2014_FSecure_Cosmicduke Cosmu with a twist of MiniDukeED14DA9B9075BD3281967033C90886FD7D4F14E5acac7584d7dc066d27555997d0f6d6cf9c2562e05eb940ae8d73c9baa7cfe85cb3ec619689227f65e4fbeeb3fec598ad
APT29_2014_FSecure_Cosmicduke Cosmu with a twist of MiniDukeF621EC1B363E13DD60474FCFAB374B8570EDE4DEd824cbf08604dea9724ab8e707bb9fec68355d29ce79a5177084fe6292f0f8b9daa2018c571b552fff9f4a0815b432ce
APT29_2014_FSecure_Cosmicduke Cosmu with a twist of MiniDukeFECDBA1D903A51499A3953B4DF1D850FBD5438BDdffcd7f930f8874dc9f5115d0ae50b573e889cd495e008760fd12751d6d45cadf8a7280c4545f2ebe469f84b9b77c835
APT29APT29_2015-04_Kaspersky_CozyDuke-CozyBear
APT29_2015-04_Kaspersky_CozyDuke-CozyBear1A262A7BFECD981D7874633F41EA5DE8_5463.exe_1a262a7bfecd981d7874633f41ea5de8099524703c250d1d1a16288dbd2f425d6cd0491f608e207a82f239b39bb26b7e
APT29_2015-04_Kaspersky_CozyDuke-CozyBear1A42ACBDB285A7FBA17F95068822EA4E_ativvaxy_cik.dat_1a42acbdb285a7fba17f95068822ea4e4464c945c88ac9a4a22e86f0922f18c164e87f26c3f3fa054eb488fdd7d4bfc8
APT29_2015-04_Kaspersky_CozyDuke-CozyBear2AABD78EF11926D7B562FD0D91E68AD3_ Monkeys.exe_2aabd78ef11926d7b562fd0d91e68ad3f9ff78669e4b251ac1e31076eaf420bee6f2060dbc926cc33603f893658ca86c
APT29_2015-04_Kaspersky_CozyDuke-CozyBear3D3363598F87C78826C859077606E514_ player.exe_3d3363598f87c78826c859077606e51401468b1d3e089985a4ed255b6594d24863cfd94a647329c631e4f4e52759f8a9
APT29_2015-04_Kaspersky_CozyDuke-CozyBear57A1F0658712EE7B3A724B6D07E97259_ _3852.exe__57a1f0658712ee7b3a724b6d07e97259bc5625c674f08cca18e73eb661eed0182ef16e27983098cf1c61892ca621d60b
APT29_2015-04_Kaspersky_CozyDuke-CozyBear57A1F0658712EE7B3A724B6D07E97259_3852.exe_57a1f0658712ee7b3a724b6d07e97259bc5625c674f08cca18e73eb661eed0182ef16e27983098cf1c61892ca621d60b
APT29_2015-04_Kaspersky_CozyDuke-CozyBear6761106F816313394A653DB5172DC487_ amdhcp32.dll__6761106f816313394a653db5172dc48737ceea0922d1177a9de74f4858678acf6afd22706489fcca35a509bca9688cb7
APT29_2015-04_Kaspersky_CozyDuke-CozyBear7F6BCA4F08C63E597BED969F5B729C56_ aticalrt.dll_7f6bca4f08c63e597bed969f5b729c5665fa52f632e4e83ff83120c7df6b90291025a76d5daeb183e814ec0b3bd2bd4e
APT29_2015-04_Kaspersky_CozyDuke-CozyBear83f57f0116a3b3d69ef7b1dbe9943801.dll_83f57f0116a3b3d69ef7b1dbe9943801fdd7e8582ef8d7a23f269653435582cfe924ca9b2db34af63af5e57d1f3e09c2
APT29_2015-04_Kaspersky_CozyDuke-CozyBear8670710bc9477431a01a576b6b5c1b2.dll_8670710bc9477431a01a576b6b5c1b2a1233cca912fb61873c7388f299a4a1b78054e681941beb31f0a48f8c6d7a182b
APT29_2015-04_Kaspersky_CozyDuke-CozyBear90BD910EE161B71C7A37AC642F910059_5463.exe__90bd910ee161b71c7a37ac642f910059ff9edb92ee8125519aa1eea60cab9999bcd4caa87b891882caddc73a2a5ae9cf
APT29_2015-04_Kaspersky_CozyDuke-CozyBear93176DF76E351B3EA829E0E6C6832BDF_ hppscan854.pdf_93176df76e351b3ea829e0e6c6832bdf950c8f9dbec3a2a1603f9202408cf49ea5a9573c7296e5940a42581cbd6fc8c2
APT29_2015-04_Kaspersky_CozyDuke-CozyBear95B3EC0A4E539EFAA1FAA3D4E25D51DE_Office Monkeys (Short Flash Movie).exe_95b3ec0a4e539efaa1faa3d4e25d51de7fd72a36f7e0e6e0a8bc777fc9ed41e0a6d5526c98bc95a09e189531cf7e70d5
APT29_2015-04_Kaspersky_CozyDuke-CozyBear9AD55B83F2EEC0C19873A770B0C86A2F_reader_sl.exe_9ad55b83f2eec0c19873a770b0c86a2f7cdb9c2e8b6ca7f0a683a39c0bdadc7a512cff5d8264fdec012c541fd19c0522
APT29_2015-04_Kaspersky_CozyDuke-CozyBear9AD55B83F2EEC0C19873A770B0C86A2F_reader_sl.exe__9ad55b83f2eec0c19873a770b0c86a2f7cdb9c2e8b6ca7f0a683a39c0bdadc7a512cff5d8264fdec012c541fd19c0522
APT29_2015-04_Kaspersky_CozyDuke-CozyBear9E3F3B5E9ECE79102D257E8CF982E09E_Cache.dl_9e3f3b5e9ece79102d257e8cf982e09e8d86c0985530271618a342579afd1a9ecb27dfb080866e3b888bd3e45e1eb8f5
APT29_2015-04_Kaspersky_CozyDuke-CozyBearA5D6AD8AD82C266FDA96E076335A5080_reader_sl.exe_2a5d6ad8ad82c266fda96e076335a50807ed2d1aceab5f54df4acca63b5d269842d49521e13bab5e652237667c7eef261
APT29_2015-04_Kaspersky_CozyDuke-CozyBearB5553645FE819A93AAFE2894DA13DAE7_ amd_opencl32.dll_b5553645fe819a93aafe2894da13dae71a7239c006a3adf893bdb5c2300b2964ed8bb454e1b622853e4460707dc63c16
APT29_2015-04_Kaspersky_CozyDuke-CozyBearD543904651B180FD5E4DC1584E639B5E_3852.ZIP_d543904651b180fd5e4dc1584e639b5e6a177de940ba477574947ed2d06fd7c08c7baf04b83cb7f3a46e4a93f889bf64
APT29_2015-04_Kaspersky_CozyDuke-CozyBearD596827D48A3FF836545B3A999F2C3E3_ aticaldd.dll__d596827d48a3ff836545b3a999f2c3e30dc7438be5b21a36651de0a08361b18d76f0920517a7d51f75dc234740f392ca
APT29_2015-04_Kaspersky_CozyDuke-CozyBearD596827D48A3FF836545B3A999F2C3E3_aticaldd.dll_d596827d48a3ff836545b3a999f2c3e30dc7438be5b21a36651de0a08361b18d76f0920517a7d51f75dc234740f392ca
APT29_2015-04_Kaspersky_CozyDuke-CozyBearEB22B99D44223866E24872D80A4DDEFD_ reader_sl.exe__eb22b99d44223866e24872d80a4ddefdf722677df4fb7eb4ac986a944d4f6630b91ac22b31f8d39ec9bf941376d5d4db
APT29_2015-04_Kaspersky_CozyDuke-CozyBearF16DFF8EC8702518471F637EB5313AB2_ hppscan854.exe_f16dff8ec8702518471f637eb5313ab22b160b7eef5ce5fdb83889f96fc40cbbbc7b85450ff2afdf781a8eb5d6a0f541
APT29_2015-04_Kaspersky_CozyDuke-CozyBearF58A4369B8176EDBDE4396DC977C9008_reader_sl.exe_f58a4369b8176edbde4396dc977c900830c69d91247f8a72a69e4d7c4bce3eafba40975e5890c23dc4dbe7c9a11afa73
APT29_2015-04_Kaspersky_CozyDuke-CozyBearf2b05e6b01be3b6cb14e9068e7a66fc1.dll_f2b05e6b01be3b6cb14e9068e7a66fc1036c5c0075d67f67fee546321f5b9c4f00d37aa9249ffe1627e71946bad4a3d1
APT29APT29_2015-07_FSecure_Duke APT Groups Latest Tools Cloud Services and Linux Support
APT29_2015-07_FSecure_Duke APT Groups Latest Tools Cloud Services and Linux Support04299C0B549D4A46154E0A754DDA2BC9E43DFF76bfd2d6bf8e99332157a0fe46a4a91c5256531cc133e7a760b238aadc5b7a622cd11c835a3e6b78079d825d417fb02198
APT29_2015-07_FSecure_Duke APT Groups Latest Tools Cloud Services and Linux Support28D29C702FDF3C16F27B33F3E32687DD82185E8B8c9113aec4d0585f2744e2027ef8a03d8aba704299ad5f649a48b822f548464a031a9c10fc28683010a5f6329a1bdc77
APT29_2015-07_FSecure_Duke APT Groups Latest Tools Cloud Services and Linux Support2F53BFCD2016D506674D0A05852318F9E8188EE107660a9b83b7fbc7ab372a911c69a85be1490d6e5ce4c2cddef0815c55bf8946cb830ce0ac7f586cf1ae16ef66f1bd8b
APT29_2015-07_FSecure_Duke APT Groups Latest Tools Cloud Services and Linux Support317BDE14307D8777D613280546F47DD0CE54F95Ba4f3e00b3da3e9d9382840dfbdbef3115d695ff02202808805da942e484caa7c1dc68e6d9c3d77dc383cfa0617e61e48
APT29_2015-07_FSecure_Duke APT Groups Latest Tools Cloud Services and Linux Support476099EA132BF16FA96A5F618CB44F87446E3B0227f3d0556c59e32791567a09236507d9b3bf1b4415afcdda6b7fbe07302fab1d865d1dc8fc6b024c98366a633e0612cb
APT29_2015-07_FSecure_Duke APT Groups Latest Tools Cloud Services and Linux Support4800D67EA326E6D037198ABD3D95F4ED594493138473fae7fdae7ee5a8b0fb64ebb596c197d8725e39d263ed21856477ed09738755134b5c0d0b9ae86ebb1cdd4cdc18b7
APT29_2015-07_FSecure_Duke APT Groups Latest Tools Cloud Services and Linux Support52D44E936388B77A0AFDB21B099CF83ED6CBAA6F72512c49401bd3d04a8ef6c7a64753070f7d64f514e99a2abdc10dc85e7e6f57c210a0f35472f7b897a19b73be36bece
APT29_2015-07_FSecure_Duke APT Groups Latest Tools Cloud Services and Linux Support6A3C2AD9919AD09EF6CDFFC80940286814A0AA2C50bf9c6de53b7de6906c2d5ed6177c2851e713c7247f978f5836133dd0b8f9fb229e6594763adda59951556e1df5ee57
APT29_2015-07_FSecure_Duke APT Groups Latest Tools Cloud Services and Linux Support78FBDFA6BA2B1E3C8537BE48D9EFC0C47F417F3Cf338e21422eca3a52239089f821519d6dea20c241265e2995244187c8476570893df41b9623784a4ca6ed075721b8cdf
APT29_2015-07_FSecure_Duke APT Groups Latest Tools Cloud Services and Linux Support9F5B46EE0591D3F942CCAA9C950A8BFF94AA7A0F97886672cc570ba4a5d6a162e92d015585c5ba695992ed59269ea7f7a58f3453f6047729d1f68a444d450439bbccc1f4
APT29_2015-07_FSecure_Duke APT Groups Latest Tools Cloud Services and Linux SupportBFE26837DA22F21451F0416AA9D241F98FF1C0F8837b522730ff896435682b36f7b27a3e12f58639a883b0fcfe3d2e8bcb0330b978731975c9dfa2f8e583adbafc4d534e
APT29_2015-07_FSecure_Duke APT Groups Latest Tools Cloud Services and Linux SupportC16529DBC2987BE3AC628B9B413106E5749999EDe163d9a91f97f133b0e3f2bbe4dc226ad4d79be85dc98f74088d6393a8fdf2b5d947ae4f279909af2aed0221dcecfe94
APT29_2015-07_FSecure_Duke APT Groups Latest Tools Cloud Services and Linux SupportCC15924D37E36060FAA405E5FA8F6CA15A3CACE2b0a9a175e2407352214b2d005253bc0c6c8eb3365b7fb7683b9b465817e5cb87574026e306c700f3d103eba056777720
APT29_2015-07_FSecure_Duke APT Groups Latest Tools Cloud Services and Linux SupportDEA6E89E36CF5A4A216E324983CC0B8F6C58EAA84d3a94134aaf590ae8ece0a57257e12980cb4007b9756246404c260bc69abf5d4938a1cc217d40ecbfdd6171b02b9e24
APT29_2015-07_FSecure_Duke APT Groups Latest Tools Cloud Services and Linux SupportE33E6346DA14931735E73F544949A57377C6B4A0e268e5c53da8361d4f7b6a884d7dfc8abc207257bb88e323c57360a06895a45c29d15ad91c803b2af6132d8be620569a
APT29_2015-07_FSecure_Duke APT Groups Latest Tools Cloud Services and Linux SupportED0CF362C0A9DE96CE49C841AA55997B4777B326856b224da7525ea5192efbef7a9b8112bfc1bafd9b01178037226fa55546d7ed7e9203c13e1b66419e887fee704d5196
APT29_2015-07_FSecure_Duke APT Groups Latest Tools Cloud Services and Linux SupportF54F4E46F5F933A96650CA5123A4C41E115A9F61ffb407dc2b20357302a4550a73f6c342ecd0ce1973500c27bb5d70f326d115fba84c0b1680a726a041ed57b42063e7b1
APT29_2015-07_FSecure_Duke APT Groups Latest Tools Cloud Services and Linux SupportF97C5E8D018207B1D546501FE2036ADFBF774CFDb8690064dc61333c591252c4204fbbb3c3ea57eea9f522cfc70ef8c3b614f7e44903293a2e8354359b99efbf4cd436df
APT29APT29_2015-07_Fireeye_Hammertoss_Stealthy_tactics_define_Russian_Cyber
APT29_2015-07_Fireeye_Hammertoss_Stealthy_tactics_define_Russian_Cyber42e6da9a08802b5ce5d1f754d4567665637b47bc_WerMgr.ex_d3109c83e07dd5d7fe032dc80c581d088995535721ebeaf6983c6cecf3182d756ca5b3911607452dd4ba2ad8ec86cf96
APT29APT29_2015-07_Kaspersky_Minidionis one more APT with a usage of cloud drives
APT29_2015-07_Kaspersky_Minidionis one more APT with a usage of cloud drives6c8eb3365b7fb7683b9b465817e5cb87574026e306c700f3d103eba056777720 (1)b0a9a175e2407352214b2d005253bc0c6c8eb3365b7fb7683b9b465817e5cb87574026e306c700f3d103eba056777720
APT29APT29_2015-07_PaloAlto_Tracking_MiniDionis
APT29_2015-07_PaloAlto_Tracking_MiniDionis10B31A17449705BE20890DDD8AD97A2FEB0936743a04a5d7ed785daa16f4ebfd3acf0867ee5eb9d57c3611e91a27bb1fc2d0aaa6bbfa6c69ab16e65e7123c7c49d46f145
APT29_2015-07_PaloAlto_Tracking_MiniDionis38DD05B9CC892491347F4347870A6B77D9AEA8564cbd9a0832dcf23867b092de37c10d9d2a36823323b857921d056c0161fc15d47f29b7513443346a0aeb537cbf437f0d
APT29_2015-07_PaloAlto_Tracking_MiniDionis44403A3E51E337C1372B0BECDAB74313125452C7e00bf9b8261410744c10ae3fe2ce904956ac764b81eb216ebed5a5ad38e703805ba3e1ca7d63501ba60a1fb52c7ebb6e
APT29_2015-07_PaloAlto_Tracking_MiniDionis47F26990D063C947DEBBDE0E10BD267FB0F3271942ffc84c6381a18b1f6d000b94c74b09c1ee4232d1b6504fc7f93cb0478e90049a71992498ed2d701925d852e91cfcc3
APT29_2015-07_PaloAlto_Tracking_MiniDionis4F977DEBAA25925E82F254080E8F7C42B70CB669030da7510113c28ee68df8a19c643bb07b3e344ea44a9b5fdcee89818435d377b4413e704f8c2ef5522a0255bd4eca74
APT29_2015-07_PaloAlto_Tracking_MiniDionis5367186E3AA9B2B178BA82922C88AF538D61A99A01039a95e0a14767784acc8f07035935c0675b84f5960e95962d299d4c41511bbf6f8f5f5585bdacd1ae567e904cb92f
APT29_2015-07_PaloAlto_Tracking_MiniDionis5875E9E27607AAB5D39E312CD141D8941B07746298613ecb3afde5fc48ca4204f8363f1d7f8d8992dda6a48c54234e76cf0a0f445842aea1cd91d3252185c7b436e51cde
APT29_2015-07_PaloAlto_Tracking_MiniDionis6C95CDBE7D3C65104ABD0912AA7DC990998870302e64131c0426a18c1c363ec69ae6b5f226fdc7682cf367d4d1e635a40beab0762cee43978a0f86867be03aab81244107
APT29_2015-07_PaloAlto_Tracking_MiniDionis71031EBB535923722C8FCFDCBA127E4FDEF24F49e07ef8ffe965ec8b72041ddf9527cac4502e42dc99873c52c3ca11dd3df25aad40d2b083069e8c22dd45da887f81d14d
APT29_2015-07_PaloAlto_Tracking_MiniDionis7B8851F98F765038F275489C69A485E1BED4F82Da9c045c401afb9766e2ca838dc6f47a4d3d503934c0dfe75e386d0fb8da2e32238d93739624b6c5a929fe5b722b35d36
APT29_2015-07_PaloAlto_Tracking_MiniDionis84BA6B6A0A3999C0932F35298948F149EE05BC0270f5574e4e7ad360f4f5c2117a7a1ca7a713982d04d2048a575912a5fc37c93091619becd5b21e96f049890435940004
APT29_2015-07_PaloAlto_Tracking_MiniDionis890B943BA5C43B74AD2965874A21C7EF4BA896FF0f9534b63cb7af1e3aa34839d7d6e63208b410d359ec2d6cab73bd6c0be138d9bdc475e3f63fec65794a74e5d5958b3b
APT29_2015-07_PaloAlto_Tracking_MiniDionis910DFE45905B63C12C6F93193F5DC08F5B012BC39018fa0826f237342471895f315dbf39ed7abf93963395ce9c9cba83a864acb4ed5b6e57fd9a6153f0248b8ccc4fdb46
APT29_2015-07_PaloAlto_Tracking_MiniDionis9EAE02E8D4BC405AFD78DD364E96650F3608BF3Bc8b49b42e6ebb6b977ce7001b6bd96c893ecd67c6102802e2e058eac512a2c75434912c28dc2eae6c108451272008bc5
APT29_2015-07_PaloAlto_Tracking_MiniDionis9EEF49FC724B9F40BE795A80BC6363EB0C6B6DD651ea28f4f3fa794d5b207475897b1eefca0b804c30052456362fe22ae6fa8482f91651c2c18dc41cda4c6e282fdede6f
APT29_2015-07_PaloAlto_Tracking_MiniDionisCC15924D37E36060FAA405E5FA8F6CA15A3CACE2b0a9a175e2407352214b2d005253bc0c6c8eb3365b7fb7683b9b465817e5cb87574026e306c700f3d103eba056777720
APT29_2015-07_PaloAlto_Tracking_MiniDionisD7F7AEF824265136AD077AE4F874D265AE45A6B03195110045f64a3c83fc3e043c46d25388a40d5b679bccf9641009514b3d18b09e68b609ffaf414574a6eca6536e8b8f
APT29_2015-07_PaloAlto_Tracking_MiniDionisF19873B6D0DB1D2DDE9134D69F5E2D5F6B939AA7719cf63a3922953ceaca6fb4dbed6584a544aa392c1f519aebdb2a7b6dc23290082b7f7103c7e3022af35dfd6bc10dde
APT29APT29_2015-07_Palo_Alto_Unit 42 Technical Analysis Seaduke
APT29_2015-07_Palo_Alto_Unit 42 Technical Analysis SeadukeBB71254FBD41855E8E70F05231CE77FEE6F00388_LogonUI.exe_a25ec7749b2de12c2a86167afa88a4dd3eb86b7b067c296ef53e4857a74e09f12c2b84b666fc130d1f58aec18bc74b0d
APT29APT29_2015-07_Symantec_Seaduke latest weapon in the Duke armory
APT29APT29_2015-08_Prevenity Stealing data from public institutions
APT29_2015-08_Prevenity Stealing data from public institutionsF1F1ACE3906080CEF52CA4948185B665D1D7B13E_RD RCB 11.06.docx_84137c8e7509a0e9cf7ff71ba060cdb5e745fc57f816b2b507406ce1c0ec47f8f84d8f5efeaf327c657723c897522c83
APT29APT29_2015-09_FSecure_THE DUKES7 years of Russian cyberespionage
APT29_2015-09_FSecure_THE DUKES7 years of Russian cyberespionageCloudDuke
CloudDuke04299C0B549D4A46154E0A754DDA2BC9E43DFF76bfd2d6bf8e99332157a0fe46a4a91c5256531cc133e7a760b238aadc5b7a622cd11c835a3e6b78079d825d417fb02198
CloudDuke10B31A17449705BE20890DDD8AD97A2FEB0936743a04a5d7ed785daa16f4ebfd3acf0867ee5eb9d57c3611e91a27bb1fc2d0aaa6bbfa6c69ab16e65e7123c7c49d46f145
CloudDuke2E27C59F0CF0DBF81466CC63D87D421B33843E87964e4b516d72b7717aabb71ad7cc7bf61d4ac97d43fab1d464017abb5d57a6b4601f99eaa93b01443427ef25ae5127f7
CloudDuke2F53BFCD2016D506674D0A05852318F9E8188EE107660a9b83b7fbc7ab372a911c69a85be1490d6e5ce4c2cddef0815c55bf8946cb830ce0ac7f586cf1ae16ef66f1bd8b
CloudDuke317BDE14307D8777D613280546F47DD0CE54F95Ba4f3e00b3da3e9d9382840dfbdbef3115d695ff02202808805da942e484caa7c1dc68e6d9c3d77dc383cfa0617e61e48
CloudDuke44403A3E51E337C1372B0BECDAB74313125452C7e00bf9b8261410744c10ae3fe2ce904956ac764b81eb216ebed5a5ad38e703805ba3e1ca7d63501ba60a1fb52c7ebb6e
CloudDuke47F26990D063C947DEBBDE0E10BD267FB0F3271942ffc84c6381a18b1f6d000b94c74b09c1ee4232d1b6504fc7f93cb0478e90049a71992498ed2d701925d852e91cfcc3
CloudDuke4800D67EA326E6D037198ABD3D95F4ED594493138473fae7fdae7ee5a8b0fb64ebb596c197d8725e39d263ed21856477ed09738755134b5c0d0b9ae86ebb1cdd4cdc18b7
CloudDuke52D44E936388B77A0AFDB21B099CF83ED6CBAA6F72512c49401bd3d04a8ef6c7a64753070f7d64f514e99a2abdc10dc85e7e6f57c210a0f35472f7b897a19b73be36bece
CloudDuke6A3C2AD9919AD09EF6CDFFC80940286814A0AA2C50bf9c6de53b7de6906c2d5ed6177c2851e713c7247f978f5836133dd0b8f9fb229e6594763adda59951556e1df5ee57
CloudDuke7B8851F98F765038F275489C69A485E1BED4F82Da9c045c401afb9766e2ca838dc6f47a4d3d503934c0dfe75e386d0fb8da2e32238d93739624b6c5a929fe5b722b35d36
CloudDuke84BA6B6A0A3999C0932F35298948F149EE05BC0270f5574e4e7ad360f4f5c2117a7a1ca7a713982d04d2048a575912a5fc37c93091619becd5b21e96f049890435940004
CloudDuke910DFE45905B63C12C6F93193F5DC08F5B012BC39018fa0826f237342471895f315dbf39ed7abf93963395ce9c9cba83a864acb4ed5b6e57fd9a6153f0248b8ccc4fdb46
CloudDuke9F5B46EE0591D3F942CCAA9C950A8BFF94AA7A0F97886672cc570ba4a5d6a162e92d015585c5ba695992ed59269ea7f7a58f3453f6047729d1f68a444d450439bbccc1f4
CloudDukeBFE26837DA22F21451F0416AA9D241F98FF1C0F8837b522730ff896435682b36f7b27a3e12f58639a883b0fcfe3d2e8bcb0330b978731975c9dfa2f8e583adbafc4d534e
CloudDukeC16529DBC2987BE3AC628B9B413106E5749999EDe163d9a91f97f133b0e3f2bbe4dc226ad4d79be85dc98f74088d6393a8fdf2b5d947ae4f279909af2aed0221dcecfe94
CloudDukeCC15924D37E36060FAA405E5FA8F6CA15A3CACE2b0a9a175e2407352214b2d005253bc0c6c8eb3365b7fb7683b9b465817e5cb87574026e306c700f3d103eba056777720
CloudDukeD7F7AEF824265136AD077AE4F874D265AE45A6B03195110045f64a3c83fc3e043c46d25388a40d5b679bccf9641009514b3d18b09e68b609ffaf414574a6eca6536e8b8f
CloudDukeDEA6E89E36CF5A4A216E324983CC0B8F6C58EAA84d3a94134aaf590ae8ece0a57257e12980cb4007b9756246404c260bc69abf5d4938a1cc217d40ecbfdd6171b02b9e24
CloudDukeED0CF362C0A9DE96CE49C841AA55997B4777B326856b224da7525ea5192efbef7a9b8112bfc1bafd9b01178037226fa55546d7ed7e9203c13e1b66419e887fee704d5196
CloudDukeF54F4E46F5F933A96650CA5123A4C41E115A9F61ffb407dc2b20357302a4550a73f6c342ecd0ce1973500c27bb5d70f326d115fba84c0b1680a726a041ed57b42063e7b1
CloudDukeF97C5E8D018207B1D546501FE2036ADFBF774CFDb8690064dc61333c591252c4204fbbb3c3ea57eea9f522cfc70ef8c3b614f7e44903293a2e8354359b99efbf4cd436df
CloudDukeFE33B9F95DB53C0096AE9FB9672F9C7C32D22ACF4f148ffeac50df60f9f9015b909d8ed06c7e768e48b9b225b7b9f84528c53c2e6f9b639ce2e7919fe0dff9aad07ea4f5
APT29_2015-09_FSecure_THE DUKES7 years of Russian cyberespionageCosmicDuke
CosmicDuke01E5080B832C6E4FCB7B9D06CAFFE03DAB8D95DAa4008cf300fd22f470c38489da9e25cfaecb468db5cebcfa25deadeb3b12fbc48b05a485b44deb500b4002521bc3e685
CosmicDuke02F55947402689EC755356AB6B0345A592446DA7cb8624999aa959b873e9bdb60ee65c0f187b1cc7264c04c3158f835546cad0be74e6411bb50cb8899179a71018f0b4b9
CosmicDuke03C5690728B7DFFB2F4AB947FE390264751428AA3a2ba475bf6a60dbe3ed59330c53c3f7246543cc4a538472bed0626c159715a963e39dfc69d79f60c3ab227c62277016
CosmicDuke0653A8F06B140F4FAC44ACB3BE723D7BB26025585dabff44971cc53bef7d8e17e85dda737c14761d20617ab7f408d6c63367f16026377d7c13f3e3c67525e034fc0c6d7c
CosmicDuke0BC8485CE6C24BB888E2329D479C9B7303BB98B48988f29396515f47de0457f9daa1dd62dad4c4aea24f2bd3e2f4b93bf782ebef70e8fdf930aff25a3e1b85a717314aa0
CosmicDuke0C8DB6542172DE98FA16C9BACFEF9ED4099FD87291a50a90cb31fad48908d5c6294e92baccd3c69710977360459c0d2539d5e7e7defce097bcfee3ae62e564de7c938f17
CosmicDuke0D8F41FE09DBD75AB953F9E64A6CDBBBC198BF2B0ee0f7fd55843d1ef7c9d6396bbcb99ba8200a476f72ef77f4cd6bd71ebae9f473e923b140600b9da0bbaf1f22e1cecb
CosmicDuke0E5F55676E01D8E41D77CDC43489DA8381B68086dc6cc442c0900104a5601a6049354fad41d63d293a6e2722fcf82f8bf67b8f566bd4d3f669ede146ccc286f0228d8f62
CosmicDuke0FF7CE34841C03C876B141C1F46D0FF2519889CCfa52383868abf82d027b971e799a599aa31551902d2cbb7110a9f5f04bfba7269410850155dc6163c7bf8cad171ed68c
CosmicDuke11B5CFB37EFB45D2C721CBF20CAB7C1F5C1AA44B51a96f279e790d2f861bb0ff843a7328620da58f80640661ccec202a3b20f138b8a0c9f374fb1fb5525dd3fe00ac5a8c
CosmicDuke151362502D569B16453E84A2F5D277D8E4E878C2685d678b3ffd72fce3f8b48d82a76f6070a7248b90573ba2edde5d9e8f0acd478235054480d98b0531d85725555f3a5c
CosmicDuke174373AB44CF6E7355F9DBB8469453519CB61A4478c6245367e6ef00ca76b8106eb738161dbb96c130b12eacfe2956b536ca8e8ef59691f513816011866320e0e77daab2
CosmicDuke18D983BA09DA695CE704AB8093296366B543996A9dc3d5da2f68b4ed9336c5b78b95578005637ef950feaeb0944d9fccca38eeff38e366c24a137ef08c9f1442aeb6afb7
CosmicDuke1A31245E943B131D81375D70B489D8E4BF3D6DCEcce1577e03093dcf195449d208e544d70314ed09890d5aa2dba659fe1343be93d48c3875a89e261484967fea7ea6c7eb
CosmicDuke1CE049522C4DF595A1C4C9E9CA24BE72DC5C6B281270217794b67491365048584a27a5ed0a013787f9c1731213059f2d8e1a7514f610783aaaea8fa5736063ab7793c0d7
CosmicDuke1DF78A1DC0AA3382FCC6FAC172B70AAFD0ED8D3D39e1b41b4118f4ea3ce2119c054b29e852d1b5387739dcf6a68efb21e8ccf83b9b29fb29724091d7a8084d2315f81d80
CosmicDuke1E5C6D3F64295CB36D364F7FA183177A3F5E6B7E868915de8b23cfc87765525efbdb4fa01c86bcc74684c2533026a8b4d9463ad4b5a1f30f6915ca19197b41e0cb893b77
CosmicDuke2345CD5C112E55BA631DAC539C8EFAB850C536B20b78ad10bb56a3f69f13297e427806cf2c480399bff7d05736caa1858fd43d9223df3fd531ae574dc3c9eb06cc3579ef
CosmicDuke2B1E7D54723CF9EE2FD133B8F17FA99470D7A51A2c6a49568e1733b66ef9dd2fa659aedb182ab7eb1dce2827a05aff0d83a13dd8346bd3b8ab2dfb681817a0d3aab05b15
CosmicDuke322E042CF1CB43A8072C4A4CBF6E37004A88D6F7b5304f94cd5baae6fb5dad19c2759d2c55ba0c04d488903e07f0747407ed56319f0d9aac113c7f9c62287442f1f78c45
CosmicDuke332AAC7BDB0F697FD96E35C31C54D15E548061F4dee4b9c620a390be143a79f555225c85ffc6a96b542196dbe322de199ee7b2621966d4c0d32ab43f78b9516a3576da09
CosmicDuke365F61C7886CA82BFDF8EE19CE0F92C4F7D0901E0295fb28f715a19e2b0c497b5dd55629cae1277446cb62f1ed3674e7ea87063a28b9d364e3638fa779fe8e3d6e1fb15f
CosmicDuke3980F0E3FE80B2E7378325AB64ECBE725AE5ECA952c73a7801a186077ed27a4cb7c7f8872e8aa9dac584a51c7d960baccf76747c858175573f5c013b7c44328f0871da04
CosmicDuke3F4A5BF72A15B7A8638655B24EB3359E229B9AEA8019dea970331823a504baaa90d3470f82670519b8d63d36967c611bc94659e5bff867837129ac93bcffe7589af46384
CosmicDuke42DBFBEDD813E6DBEA1398323F085A88FA014293933b3c5d3728ef6e08af4ae579c00d1147f3405ab0da5af125bcc6ebb6d17a1573b090c54d7a0a00630ec170ccc4b9d1
CosmicDuke4A9875F646C5410F8317191EF2A91F934CE76F5768f6d84ac9a28c2fea59ff5e045779115ef73d904cf5dcbec5919fba0b640168d6feb8f7021507568297e3da1a7e47a5
CosmicDuke4AAAC99607013B21863728B9453E4FFEE67B902Ed22c02dafb1ee0ef8d4ea90ac48a6988f61cdc7f68f47d23c4571b517ab4cdcfd984cf3f6f8f91dec99dfd7dc5a2dcff
CosmicDuke4E3C9D7EB8302739E6931A3B5B605EFE8F211E519d95c8f09f991a5fc37b79c45ebd20433c5d2fcacafc21d9f43c595ddf03bec801ccb958b8641018612c21bc741800d0
CosmicDuke4FBC518DF60DF395EA27224CB85C4DA2FF327E98ad02edae5173d0b7ba39a3065c9d5d63b7c4b998d7ebea62b81f2a12c5e8608a21079a0bcecdef81c0f5818a80b0c7eb
CosmicDuke4FD46C30FB1B6F5431C12A38430D684ED1FF5A7575d15f552aba5ed0df80ec2c16ab683ea1176b60ca96cfeb37dde61bde935f645a64fabd8e300f072fc355434b711dcf
CosmicDuke524AAF596DC12B1BB479CD69C620914FD4C3F9C93c0ca0ab63a76dbf836725c95e2a5b7a75e8567e7667eb02eec661134ecc07a7970d9448fc5b7dc021b5bcb039953a47
CosmicDuke541816260C71535CFEBC743B9E2770A3A601ACDF6629b432266d78f9eb74d2d1a71d0d32831267e0977becf098b5064aac6fd39b5f8e6fd975c06d4b8540cea71d402317
CosmicDuke558F1D400BE521F8286B6A51F56D362D642781325400d3db044befebbc39087ee1fe9533fede980fc70a86f949828b834edc0847490d497efcbd3a1155b7d3afe7c32543
CosmicDuke55F83FF166AB8978D6CE38E80FDE858CF29E660B8e5106565fd96df1308d208d1e3426a37e371cd323898e403df7a80add34d791e160e443bcd2d02f27ddc0c04ba1bdab
CosmicDuke580ECA9E36DCD1A2DEB9075BCAE90AFEE46AACE2351c913e4120081d8f04317121654a391590bdbaff2c178387e924b689b030057b4cbd2865e9c4dd3886a8791ac8e4ee
CosmicDuke5A199A75411047903B7BA7851BF705EC545F6DA9f22606385080d35551e7f8e8f49b7de9fe5bc1248fc79fc15663ef169f0a269c1abe847d00b01e9571fe5c0d760d68f0
CosmicDuke5C5EC0B5112A74A95EDC23EF093792EB3698320E3729a14be6b3a92265cf6d8e14c79abe64e3a2bba82027dd6ff631fa5890a7ba8331b62a0a4c0b1ca24d143c2b61c323
CosmicDuke63AEDCD38FE947404DDA4FBADDB1DA539D63241789c6c5439a2747d7f2a7305521dddcbb027c9da59c77e83b42535a0c965c4994a144715e796453fc2a5b189f0036c4b4
CosmicDuke6483ED51BD244C7B2CF97DB62602B19C27FA30591e417aa350346731f6e0c936d725f1a58290b324f5cdb5c3ea17fa48a74bc11c856f0da0b049d07d9316d161f71f26a5
CosmicDuke658DB78C0CE62E08E86B51988A222B5FB5FBB91318edd6bc785e56990f6721cd553c24ad38c0252f75b1c6b3980e40bb69cb932773a6e0b189fc8a80efc2dcb455209eab
CosmicDuke6A43ADA6A3741892B56B0EF38CDF48DF1ACE236Ddc92eba92885f2e937cb6f694647eb713d37e753812687fb7287cf8644d13fe2673ea7c3b540637c1ce1c6819f1c521b
CosmicDuke6B7A4CCD5A411C03E3F1E86F86B273965991EB85cd012e8f5340d2e148d2c2cbac4270a192172ff7bfeee332409a145bc626bebf732225d006877168f35c046368e5118c
CosmicDuke6DB1151EEB4339FC72D6D094E2D6C2572DE894705a7659b691a3caf107e6636d8906dcb0334ed05005ce829224d0dd4cc5baab6b837cf02ac0e321c8f97d11b3ba1c77a7
CosmicDuke7631F1DB92E61504596790057CE674EE9057075520d86cb4ebbffb739faa47f7354ee134d5f1d8d2629b91744fe812207cb3f0bebfd1aec9937b7744a263d1a4e3421063
CosmicDuke764ADD69922342B8C4200D64652FBEE1376ADF1Ce175be029dd2b78c059278a567b3ada12146da9bc0e27d7eb10983b7dd89f250fa0015ce284dde8f0bb6a79626d34a2a
CosmicDuke7803F160AF428BCFB4B9EA2ABA07886F232CDE4Eb59199877e0d68a5e93fc8ea76374ed15b50e26a01b320f05d66727e9d220d5858cdac203ff62e4b9ced1cafc2683637
CosmicDuke78D1C1E11EBAE22849BCCB3EB154EC986D99236423273a83bfd7aed10b9403e23a8bcba9f6c62f9f846b3d100d60b1f2ae57a71c91dd8dc215dce652e2c85dff60c0197f
CosmicDuke7AD1BEF0BA61DBED98D76D4207676D08C893FC13925b37a936304a5914941ac4584e346c29585bb17b28e8b15b2a250be9516f416fa7cac84cc24aa4e004f6987323147e
CosmicDuke807C3DB7385972A78B6D217A379DAB67E68A3CF5fa3b44b8a4a2a2b473cd5d934d1ec4bc1c348f1582385bfbf030abe20caabbd289d0f48a4076b1b6ccc417864070e9fe
CosmicDuke88B7EAD7C0BF8B3D8A54B4A9C8871F44D1577CE7664b149ae8469cbda7fd7ed48c7dc9b64f9b6a88245f782d81e9eec9315b9444c83d68941f9fc23641e3909c8da9db9d
CosmicDuke8A2227CAFA5713297313844344D6B6D9E08850932a998ce2750335079d73e6b2eb2bd011008beba8635e24baa50beee2e98654f73c04476a06fdcb893655f0a8201932d2
CosmicDuke8AA9F5D426428EC360229F4CB9F722388F0E535C1a874e5ecd67dffab45e17e9b730daed51b4e69183f3d02124f3314cc64a7869425f053d8021c74c12f21d7c2afe2163
CosmicDuke8AB7F806FA18DD9A9C2DC43DB0AD3EE79060B6E8d729fbb50665932fe529f7073acca9c19ce93f04dbb6a3b833f1146a54dadfdc224fdf24e3cca1f8a1eb4e902d597ff6
CosmicDuke8F4138E9588EF329B5CF5BC945DEE4AD9FEC1DFF50a56d98be79a1e6f04a1964e170a5d71005b40f977b92cbc01b7a66558ff0621cbaf36f7b4b2ab2ca3c3a267891bc8d
CosmicDuke9090DE286CE9126E8E9C1C3A175A70AB4656CA09baffad69d3ce95853a6db80711b74a38cb0d78c79ad46c04e7ab66ca95588db8ccde4d2710a171585b0276736aa4e059
CosmicDuke91FD13A6B44E99F7235697AB5FE520D540279741d34c6d5875f5d2aab929d1f7ce9688600dc70c0f2ed18c813a89c59686f375787ba683b549b1e6bb9aee6ca33be64bfb
CosmicDuke926046F0C727358D1A6FBDD6FF3E28BC67D5E2F62bd46a980dde8eaa13e3defffb87e1e0f6af08e31471c98adcc26f9916e26d41aa0c47ff94949d3174d55c320032be26
CosmicDuke9700C8A41A929449CFBA6567A648E9C5E4A14E70608b22fcd2d067730176e335d3c6454b4fc0bbb90aeecd3229aa932437273ba59f887a6eac569b56693602b957e205e2
CosmicDuke97C62E04B0CE401BD338224CDD58F5943F47C8DE37c394e3e15d211a050446bc90edac94ec49400e70c02a884a5df74ca99690886ec2d528e200c42dbdf057fd9b7f87f8
CosmicDukeA2ED0EAAEADAA90D25F8B1DA23033593BB76598Ecf2041ddfdc177b863a23ab7ade780434e9942bddfeb3369897c58d9b8fe2478c1df96e5b13733bfb24d975282685c29
CosmicDukeA421E0758F1007527FEC4D72FA2668DA340554C975c97ca9b085411af1860523c3c884b585d75a3eddc2f849e1dee40b47629ea0d1e3a1da6ba3cd9078177bb61a63f4fd
CosmicDukeA74ECEEA45207A6B46F461D436B73314B2065756704381812f4cc3c5b3875ea33232c842a7b230593aa43c701c30862d3054b4510ed1dea1fd5f219b1c3bc11321bab73b
CosmicDukeA7819C06746AE8D1E5D5111B1CA711DB0C8D923Ed47b25667effc0f88ab460c6edeecc5530b24935c8537c51ce56a69510019d8481ac78e6c5ccdbe792c625c69c5358f9
CosmicDukeA81B58B2171C6A728039DC493FAAF2CAB7D146A535c6928790ce08309af997654ed6d7197d9296ac474b991780b41f654b557e01ba93ae932ba717146e60c1b9ed579539
CosmicDukeB2A951C5B2613ABDB9174678F43A579592B0ABC9b2737204531a80c31bb30e9be9a1cc4c7c2bb277e3a982e9e2f76da2c96119514dde4f3e36b16eca5994be5f28bd0029
CosmicDukeB54B3C67F1827DAB4CC2B3DE94FF0AF4E5DB3D4Cf611f8b0655a8980cf71a252536c7a5a16870c6b572934f5a106d5f632b6d41bb23924c12ddf172be24c6dfca25226b1
CosmicDukeB579845C223331FEA9DFD674517FA4633082970E2337a4fa99547eb0cf7600601ab44dda73aac0b568f83746c9a54a2a6fdd2984c3e6f8d0c77a681c219abb9480859197
CosmicDukeBBE24AA5E554002F8FD092FC5AF7747931307A1526e8b95dfbc6a8aafe40ab84b1d2ab5e910a016a7b6e0a76bc7ddf12f9135090e0b23d00c382d70084b46bea4bbbcae7
CosmicDukeC2B5AFF3435A7241637F288FEDEF722541C4DAD8345adb4594e3a2b02041c7e2b5fde46bbf012045464ba2aadc1547940eb3ce262d0e023c2198c134dee658c859ecd8ab
CosmicDukeC637A9C3FB08879E0F54230BD8DCA81DEB6E1BCFbc304fb92a79bab73b75772427d14ffa4203168c1bad752af7f39f8fa8eae4e8a5e41f39892abffa804d52a008e2dfd7
CosmicDukeCBCA642ACDB9F6DF1B3EFEF0AF8E675E32BD71D19003e1d69cd29280d2233c1634370c60a38e41831d495ceb07dd232506447c62203ab05fe9e15e2b2a6a74aa9b0b0e96
CosmicDukeCCB29875222527AF4E58B9DD8994C3C7EF617FD80be02d5f66f84ebd03f362ad4b4a06e604819cde7e928e6ff376daeb73b894959f672a85b363753c227416fc0f4a8acd
CosmicDukeCD7116FC6A5FA170690590E161C7589D502BD6A737369a91ad462f1fac9004f3a86bb3ac4bc8280a99d07165055fabed11049d8da275f27f5d8cffc4ed10a68be2d0cb84
CosmicDukeD303A6DDD63CE993A8432F4DAAB51327327488433adea70969f52d365c119b3d25619de9c9f5a19c7b11fd866483adc93aa5bc4bd3515bd995ca79297b227e3e5ef1a665
CosmicDukeE60D36EFD6B307BEF4F18E31E7932A711106CD4461c6d0076ee4187f9ec31841aa645d422eafc64769c500d635b7225c9b1411db8f50db8618e4d5807e1640b641a2f5ee
CosmicDukeE841CA216CE4EE9E967FFFF9B059D31CCBF126BDf239e79e87f09000c247ff7e91ab96036322e8bbb5a7cc542a7da0fb33a60fc7443bcbd8601b828c9c7f138c71cce090
CosmicDukeECD2FEB0AFD5614D7575598C63D9B0146A67ECAAedf7a81dab0bf0520bfb8204a010b730bd4928921ddadb44f9f573da61dac034533bf14fe38acd5754f3ccec1d566300
CosmicDukeED14DA9B9075BD3281967033C90886FD7D4F14E5acac7584d7dc066d27555997d0f6d6cf9c2562e05eb940ae8d73c9baa7cfe85cb3ec619689227f65e4fbeeb3fec598ad
CosmicDukeED328E83CDA3CDF75FF68372D69BCBACFE2C9C5Ef5cc1c0c90fb89e4b4fc048c5a03b46f43bcee4067c067d9063ddfc101fc8b5a6e8d42184ef8b0fdd9bb14102cb9973d
CosmicDukeF621EC1B363E13DD60474FCFAB374B8570EDE4DEd824cbf08604dea9724ab8e707bb9fec68355d29ce79a5177084fe6292f0f8b9daa2018c571b552fff9f4a0815b432ce
CosmicDukeFBF290F6ADAD79AE9628EC6D5703E5FFB86CF8F15080bc705217c614b9cbf67a679979a8f21794d0b0938643e2aabe9f2ed762528e631a2ebda76020d0b59ce91fb51e41
CosmicDukeFECDBA1D903A51499A3953B4DF1D850FBD5438BDdffcd7f930f8874dc9f5115d0ae50b573e889cd495e008760fd12751d6d45cadf8a7280c4545f2ebe469f84b9b77c835
APT29_2015-09_FSecure_THE DUKES7 years of Russian cyberespionageCozyDuke
CozyDuke01D3973E1BB46E2B75034736991C567862A112635b4250a6bb4c6915ce962d489ee912d6637cabc343e3ed5b447dccb13aa7caf4d3a3eb3cd617d360167f270ec34596ea
CozyDuke04AEFBF1527536159D72D20DEA907CBD080793E31a42acbdb285a7fba17f95068822ea4e4464c945c88ac9a4a22e86f0922f18c164e87f26c3f3fa054eb488fdd7d4bfc8
CozyDuke0E020C03FFFABC6D20ECA67F559C46B4939BB4F483f57f0116a3b3d69ef7b1dbe9943801fdd7e8582ef8d7a23f269653435582cfe924ca9b2db34af63af5e57d1f3e09c2
CozyDuke1E5F6A5624A9E5472D547B8AA54C6D146813F91Dbd52b2a371ff397c90b891b7a4f04c66b9c996b06e0db273a4edede3fd6fda2b40b2e0201eba3e8ac581d802fc610a4a
CozyDuke207BE5648C0A2E48BE98DC4DC1D5D1694418921914d779777af6eb7c556ae338b462c48db9ea2cc39808780ade1fe51287072e958448be7e3a7b32bfd48438453592018c
CozyDuke23E20C523B9970686D913360D438C88E6067C157f0a6436ffee12558a434a0fc24b3b33f5f827730c7bd155997121f023ca9775077a37a58111738fcb3213757170bd860
CozyDuke25B6C73124F11F70474F2687AD1DE407343AC0256332176672744320e9fee2117b059193d469000ca9e6af92876334e3a460ea4ac8a61c1a6ee819eefbfd0c79ea4fb315
CozyDuke32B0C8C46F8BAABA0159967C5602F58DD73EBDE90e0182694c381f8b68afc5f3ff4c4653c1b19af1e354f13c90163780be6ad50f02d5bf8bac1c9cc1eab1377a159de1be
CozyDuke446DAABB7AC2B9F11DC1267FBD192628CC2BAC1991aaf47843a34a9d8d1bb715a6d4acecdc70d3046b59785b2b9b7091e26f2484ba7a488dba420a8a05be388a337c399e
CozyDuke482D1624F9450CA1C99926CEEC2606260E7CE544fd8e27f820bdbdf6cb80a46c67fd978af7f4d18dbc0b822b89ba14ffea24114f92b593be0f287f300bb269b310883039
CozyDuke49FB759D133EEAAB3FCC78CEC64418E44ED649AB08709ef0e3d467ce843af4deb77d74d5bc7bcb663477238508ce8ad366cc9a77811c7f5eabaec47175858fe972639f40
CozyDuke5150174A4D5E5BB0BCCC568E82DBB864064875102ef51f1ca11ce73fa20b54a5886ad1dd89996b66d5a339939b2072d29675ec3ca6d793f42a5d335a8ea7dab8773321ef
CozyDuke543783DF44459A3878AD00ECAE47FF077F5EFD7Bd5a82520ebf38a0c595367ff0ca89fae70ae2363191e8b20d1773ecc73afc2b9a5dd8247c7b97eecfd1378f3e7aabf92
CozyDuke6B0721A9CED806076F84E828D9C65504A77D106C57a1f0658712ee7b3a724b6d07e97259bc5625c674f08cca18e73eb661eed0182ef16e27983098cf1c61892ca621d60b
CozyDuke6E00B86A2480ABC6DBD971C0BF6495D81ED1B629556b9eca4a85f52e2f3176c306e1866112e1139ef422c2c0884fb5b1786a8489c1769a96880a30406e4a28b76ea4a73a
CozyDuke78E9960CC5819583FB98FB619B33BFF7768EE861181a88c911b10d0fcb4682ae552c0de3a5373b33ac970dedeb52528b123959145bf51c95b159a30a7823ad8018ac4b41
CozyDuke7E9EB570EF07B793828C28CA3F84177E1AB76E14ac7a22d1af180c21b0061b8d512586d3f6d52c5608931cdf66d71502fcf012b6781edde64ba1f956c1868f7e36d8c8d2
CozyDuke8099A40B9EF478EE50C466EB65FE71B247FCF0148670710bc9477431a01a576b6b5c1b2a1233cca912fb61873c7388f299a4a1b78054e681941beb31f0a48f8c6d7a182b
CozyDuke87668D14910C1E1BB8BBEA0C6363F76E664DCD09f58a4369b8176edbde4396dc977c900830c69d91247f8a72a69e4d7c4bce3eafba40975e5890c23dc4dbe7c9a11afa73
CozyDuke8B357FF017DF3ED882B278D0DBBDF129235D123D3d3363598f87c78826c859077606e51401468b1d3e089985a4ed255b6594d24863cfd94a647329c631e4f4e52759f8a9
CozyDuke8C3ED0BBDC77AEC299C77F666C21659840F5CE23e8510a7ae4919a3fcedad985fbbca35218c0b02776487babbf6219cdaf97cbf2b534e0cf87a527228dda2d4a468a257f
CozyDuke93D53BE2C3E7961BC01E0BFA5065A2390305268C90bd910ee161b71c7a37ac642f910059ff9edb92ee8125519aa1eea60cab9999bcd4caa87b891882caddc73a2a5ae9cf
CozyDuke93EE1C714FAD9CC1BF2CBA19F3DE9D1E83C665E2f02da961eb7b87b41aee5fd9537022f0ac4ffc7a2ba8840a20f6b07aa44328f1802b79ced6a56b3ac7e78fa1178ba65a
CozyDuke9B56155B82F14000F0EC027F29FF20E6AE5205C29ad55b83f2eec0c19873a770b0c86a2f7cdb9c2e8b6ca7f0a683a39c0bdadc7a512cff5d8264fdec012c541fd19c0522
CozyDukeB65AA8590A1BAC52A85DBD1EA091FC586F6AB00Af2b05e6b01be3b6cb14e9068e7a66fc1036c5c0075d67f67fee546321f5b9c4f00d37aa9249ffe1627e71946bad4a3d1
CozyDukeBDD2BAE83C3BAB9BA0C199492FE57E70C6425DD3416db420e781c709bb71acee0b79282f4bcb2a5d99297b30f8ff00e08cf7330d5e2f69fc602bb317bf8e9f703a137a99
CozyDukeBF265227F9A8E22EA1C0035AC4D2449CEED43E2B1dde02ff744fa4e261168e2008fd613a418a21d49fe5bca8a3e050f039a0e2aa03db6d2de0fb49e3ff9d987f31b22dda
CozyDukeBF9D3A45273608CAF90084C1157DE2074322A23043c012086c1ae0a67c38b0926d6cba3f3dea35172449f0b9a86dff9af3b4480cc4c37a30e8cb54963ff91c4c1ffe7b0d
CozyDukeC3D8A548FA0525E1E55AA592E14303FC6964D28Df16dff8ec8702518471f637eb5313ab22b160b7eef5ce5fdb83889f96fc40cbbbc7b85450ff2afdf781a8eb5d6a0f541
CozyDukeC6472898E9085E563CD56BAEB6B6E21928C5486D98a6484533fa12a9ba6b1bd9df1899dc9891b5586cede16aa1e1b87380621f68e8956b991cf7675bbe18d2ec61a7522f
CozyDukeCCF83CD713E0F078697F9E842A06D624F8B9757Eacffb2823fc655637657dcbd25f35af8262dbadca239e5259161130ac9f0f5ef50691fd9dc3e3490b6c0d7b76e7ee34e
CozyDukeDEA73F04E52917DC71CC4E9D7592B6317E09A0547688be226b946e231e0cd36e6b708d203f0ebe892ab87ea24db172ae96cfc216b591d3967821c9d2581a9e11faccde28
CozyDukeE0779AC6E5CC76E91FCA71EFEADE2A5D7F099C80209a4a102a977b698544c99d8236e9ca86056f462d5783604b7f050047db210ecf698e72f3664b27d58265663ff5b324
CozyDukeE76DA232EC020D133530FDD52FFCC38B7C1D766262c4ce93050e48d623569c7dcc4d0278f44bead117d2cf34b8e50b81c82fbd1b938b94387cdf84386ace46b1f3b5df1a
CozyDukeE78870F3807A89684085D605DCD57A06E732712575457cc94b1d1dfa3f5d1aedc2edb0446eeffe540693418a107db3e7d2d9b72a54b2354aa6886b571272aa41f8cc8e0c
CozyDukeE99A03EBE3462D2399F1B819F48384F6714DCBA11a262a7bfecd981d7874633f41ea5de8099524703c250d1d1a16288dbd2f425d6cd0491f608e207a82f239b39bb26b7e
CozyDukeEA0CFE60A7B7168C42C0E86E15FEB5B0C9674029eb22b99d44223866e24872d80a4ddefdf722677df4fb7eb4ac986a944d4f6630b91ac22b31f8d39ec9bf941376d5d4db
CozyDukeEB851ADFADA7B40FC4F6C0AE348694500F878493b5553645fe819a93aafe2894da13dae71a7239c006a3adf893bdb5c2300b2964ed8bb454e1b622853e4460707dc63c16
CozyDukeF2FFC4E1D5FAEC0B7C03A233524BB78E44F0E50B9f65e3b320ec91380ebc28d4fdff48958a5d8d103cb175d7dc41932ef9a890997e25dbe15f94ecd2105835fe49779354
CozyDukeF33C980D4B6AAAB1DC401226AB452CE840AD4F407f6bca4f08c63e597bed969f5b729c5665fa52f632e4e83ff83120c7df6b90291025a76d5daeb183e814ec0b3bd2bd4e
CozyDukeF7D47C38ECA7EC68AA478C06B1BA983D9BF02E15a5d6ad8ad82c266fda96e076335a50807ed2d1aceab5f54df4acca63b5d269842d49521e13bab5e652237667c7eef261
APT29_2015-09_FSecure_THE DUKES7 years of Russian cyberespionageExploitFile
ExploitFile1E770F2A17664E7D7687C53860B1C0DC0DA7157Ef81f858335b253d4708fbdfa6ca92ee9b219c95fac620b25fdaed082a0bc93644443d236e9173829214d587d17a32a87
ExploitFile353540C6619F2BBA2351BABAD736599811D3392Eab7a66ed3c6de1b7449d6054a8b46d7f8cad0a40dd87e5d77e5c939bd7ea838c3549c44b525e2f4a1227d53c4af925be
ExploitFile412D488E88DEEF81225D15959F48479FC8D387B3335160cad23e28d4597c1546458042c4afbd1f13132c2f047861b2ea90c18d546a326dbfca4dfeffd8b4ebf852204275
ExploitFile5295B09592D5A651CA3F748F0E6401BD48FE7BDA6571a2d3892ca937697e96f8bb795e428c6c57f7e9c81fcf194d17a752f8da4295fab5dad8eb79bd289256b9cdb7415e
ExploitFile65681390D203871E9C21C68075DBF38944E782E86542cd548182d6adc08a63c942f9bc54880ae80fdc874002a6d9c807802794d4a35c384551d73bb36277b2f1e63d67e2
ExploitFile74BC93107B1BBAE2D98FCA6D819C2F0BBE8C9F8Afc0e380447be2bbdf9f06fc3358f8648b3236d1d0924cd9a17babd13209fe6706fd3a9228f22fe658eb4eb0c71360b73
ExploitFile8949C1D82DDA5C2EAD0A73B532C4B2E1FBB58A0E23d2592db15c251382706515cf4fd37e7e9c0bda27bbc80d947bc0c6ce29a19c824288d2b481f92a1637b7b8dfc8b81c
ExploitFileC671786ABD87D214A28D136B6BAFD4E33EE669512aa2a6e004159b9e3a590c63a0cc47b3ba35aa14ccc0e4fa8e47b621ea1d1efe1b012b623afd469e56015c0857fec646
ExploitFileF1F1ACE3906080CEF52CA4948185B665D1D7B13E84137c8e7509a0e9cf7ff71ba060cdb5e745fc57f816b2b507406ce1c0ec47f8f84d8f5efeaf327c657723c897522c83
APT29_2015-09_FSecure_THE DUKES7 years of Russian cyberespionageGeminiduke
Geminiduke3ED561786CA07C8E9862F4F682C1828A039D6DD4e36d73c6c8e832b7955c442b484472e51323e3d7656a427733663f03b3037326ffa9c57c68fa8e014a5bf7cb1455359a
Geminiduke6B0B8AD038C7AE2EFBAD066B8BA22DE859B81F987ad50c9e4a4bab73bba38860906220b6bc54acf4e60688ea668ef40ef965f2bad41dcf260ddae26d28b5551461c4b402
GeminidukeA3653091334892CF97A55715C7555C8881230BC4f1583641033d66873ed1604e2f1bea1ba8b01a219a9fe565aadf82bc28b60048c60b640e780386c7a84a425049df5af9
GeminidukeB14B9241197C667F00F86D096D71C47D6FA9ACA66d45f34e6d29391ee6f0e91bf344a7d0ce2c4dd21b99407bfa7066a6a57d180c00527e7db8ee52558c597550ac8b5d7c
GeminidukeC011552D61AC5A87D95E43B90F2BF13077856DEF6f5a73931c6c109bd6504a5ee0476ae77b9e542426408aa384d0394820f82f330e615a1ad17a777d04720458b33b08a3
APT29_2015-09_FSecure_THE DUKES7 years of Russian cyberespionageHammerDuke
HammerDuke42E6DA9A08802B5CE5D1F754D4567665637B47BCd3109c83e07dd5d7fe032dc80c581d088995535721ebeaf6983c6cecf3182d756ca5b3911607452dd4ba2ad8ec86cf96
APT29_2015-09_FSecure_THE DUKES7 years of Russian cyberespionageMiniDuke
MiniDuke00852745CB40730DC333124549A768B471DFF4BCcf59ed2b5473281cc2e083eba3f4b6623d0b1f970eaeeabf9372ffc1ad7e61226632904cf0311ea8f872ddbfd34a3a2a
MiniDuke03661A5E2352A797233C23883B25BB652F03F2059f13dc03904dbd45374acc21344772736e57c69963562d28a3a9da9f9103c199c909d0baa185a5d21e1b200a5a14ab72
MiniDuke045867051A6052D1D910ABFCB24A7674BCC046CAff83dad77ac2b526849930f1860dfd3fe961202d84aad7fa9faaeb63651735416612d25c611a7a025e2eaab67c79e272
MiniDuke0D78D1690D2DB2EE322CA11B82D79C758A901EBCc786a4cdfe08dbe7c64972a14669c4d1abfffd23c81b6301675567622ccee08cf578ce91f372fce68cff8fc1dbc3053d
MiniDuke0E263D80C46D5A538115F71E077A6175168ABC5C78e51be60eab2c6e952c9538a46ab52105e4224d4dd4e5fbd381ed33edb5bf847fbc138fbe9f57cb7d1f8fc9fa9a382d
MiniDuke103C37F6276059A5FF47117B7F638013CCFFE40774593127f50abff5327b3f7038b456d255129d34050b2c028de564e3166611e1d148c26de0972cbe047caf530f118468
MiniDuke118114446847EAD7A2FE87ECB4943FDBDD2BBD1E4c6608203e751cf27f627220269d683529ad305cba186c07cedc1f633c09b9b0171289301e1d4319a1d76d0513a6ac50
MiniDuke15C75472F160F082F6905D57A98DE94C026E2C56738c60fff066934b6f33e368cfe9a88cde8184c6850d17f90e861309828af1f7b7e3b1695ebe5d303d3d4b6ef4ba1218
MiniDuke1BA5BCD62ABCBFF517A4ADB2609F721DD7F609DF48bbce47e4d2d51811ea99d5a771cd1a1f19bd932336fa721e739b32c07b67c01ea4bd0ebc70e92a70f41e51f4668a0a
MiniDuke1E6B9414FCE4277207AAB2AA12E4F0842A23F9C1a4ad6b55b1bc9e16123de1388f6ef9bf7889fbd40f65cfe21d0c7486b29eb4c5042abff4ac660c12c7936831445cfd6e
MiniDuke223C7EB7B9DDE08EE028BBA6552409EE144DB54Aa67ad3e2a020f690d892b727102a759b35c08566dc38ad65e906b3683ace98e5beef855aeedc611a0317a72eee193539
MiniDuke28A43EAC3BE1B96C68A1E7463AE91367434A2AC4297ef5bf99b5e4fd413f3755ba6aad79c60621e82f58b5ea5b36cde40889a076cb2c7f1612144998b1d388200bc7e295
MiniDuke296FD4C5B4BF8EA288F45B4801512D7DEC7C497Bb8e89f9908262b5385623c0e39d6b9408e28dcf7fd7ce1ad9a65c186e09a7843ee31af924509148f085958cadfdda8fb
MiniDuke2A13AE3806DE8E2C7ADBA6465C4B2A7BB347F0F5561017f887865b8d13f85c5474cdcbb8dfe146fffd2ae59172f52048f7e7d231807e0d732e19bdb443820a8305165741
MiniDuke2CEAE0F5F3EFE366EBDED0A413E5EA264FBF2A33441ee6a307e672c24d334d66cd7b2e1af4b01a3a299b09d2b4418cb66e80c34e3ec04016ed27199c472515cf95a023d0
MiniDuke2D74A4EFAECD0D23AFCAD02118E00C08E17996ED73931351f883cff5dbdcc54cc4eb10a715101f74f974e3e80cc37805ebe5cc2efed77bb5745d82e1b44b1da4f0c83691
MiniDuke30B377E7DC2418607D8CF5D01AE1F925EAB2F0372dcd049c591644e35102921a48799975354786c5df71cd090c96d1328b4e31cd28b8ddc77904863d100b6c35ad235b69
MiniDuke31AB6830F4E39C2C520AE55D4C4BFFE0B347C947ffefe16d581340c1e49f585a576a1fd8764f8c8f8832954c99fb0c2ac5ac5d89506dc5dc50310c9112318b75e9f9e2bf
MiniDuke36B969C1B3C46953077E4AABB75BE8CC6AA6A327ab2d8a0d5b03d40f148f2f907b55f9f155265193d63d56553e8e135e9a60d7d7c13cbf9d82ac25f84306ec98d74725b0
MiniDuke416D1035168B99CC8BA7227D4C7C3C6BC1CE169A811f66d6dd2c713073c0b0aebbe74ce84809c2c7fa19acfa011f97946205f979afb54ac2c166f48ab35a20cd9d53a2ca
MiniDuke43FA0D5A30B4CD72BB7E156C00C1611BB4F4BD0Ab100d530d67cfbe76394bb01605673829c13a32033bc7dd06016651b0f21a2bed9be1dc40c6879f925c71e05f4f1c8f7
MiniDuke493D0660C9CF738BE08209BFD56351D4CF07587786ef8f5f62ae8590d6edf45e04806515a6e2852f2e6701656da74adb412cd0850b0d27750803613223be3eb5ac5cc26c
MiniDuke4B4841CA3F05879CA0DAB0659B07FC93A780F9F18d3542af992b1de4cf1f587f61dddb50f151f5a656d43a76a07fa03166906d51f9683b27b0e9b86464e3a68e9dba1fac
MiniDuke4EC769C15A9E318D41FD4A1997EC13C029976FC205d10323111f02233163a6742556c97462a2df9d001d3e0f222d77b6781eb279761f1354570773ef1929a86557a11454
MiniDuke53140342B8FE2DD7661FCE0D0E88D909F55099DBe990e0d1ee90cd10c4be7bfde6cc3e5acc6ad212f50e0a7a708bb1b63a01d8932f471618cdda69b2e12106ae112b2415
MiniDuke5ACAEA49540635670036DC626503431B5A783B56c519eef57001ad3ae60cdcb0009bf778acd886fa7b9117807f1e11f0f38b9fad1afce51aa9cfbe3810a39d883d0ca663
MiniDuke5B2C4DA743798BDE4158848A8A44094703E842CBe863737773f64498091cd775c7abde66ecc5e2526ca32a447c862612b71c1db5675a759897e680573fa143ac0a8e662a
MiniDuke634A1649995309B9C7D163AF627F7E39F42D5968b8088f6594dd8cba31b4f52a2d91f40e5569b85532adb1e637f83c997910924345f10aa9c2948b3d26be13eec6cbeb8b
MiniDuke683104D28BD5C52C53D2E6C710A7BD19676C28B8e1a659473ae1e828508309b77da13783830ee990a6d4aaf00bb051704c93b468792561e8dd6a6ed4662f6032d38dd37a
MiniDuke694FA03160D50865DCE0C35227DC97FFA1ACFA486942f1dfd61d231df8acb7ed0f6310c4f0d822926f4e6aec2cf2bd7701d67e8399ccc05bc028377a275a90e06620a109
MiniDuke73366C1EB26B92886531586728BE4975D56F7CA5c92252487615d5379317febc22dba7d47f5d3a8dfa13ba8e2142a3b1d644f107cc89c7e90cda2a5543df5787f8bfde1e
MiniDuke827DE388E0FEABD92FE7BD433138AA35142BD01A2ab25d33d61cf4cfbac92c26c7c0598e6a95d2895362fc8657bc90d73d77e32f09b86699eb625905ddeb45ccd6b13c71
MiniDuke909D369C42125E84E0650F7E1183ABE740486F58423bb8914078a587d08b54d16bbd527cc13794601c5bdec3d5d76de9571e6c0e0b022b9fc62907018566895e3b949982
MiniDuke9796D22994FF4B4E838079D2E5613E7AC425DD1Dded2f80457aaefe1a80a9cefd1f4645dbf210e54c65ea69ebda418f701c2c6b8aff840f31c1072d641a726cef8c7b5ad
MiniDukeA32817E9FF07BC69974221D9B7A9B980FA80B6771528567b1a2f1da31d602ce1ddfd89188d457e4189017712917c5c8f900bb9072c5910c9f975c50337115f952d885635
MiniDukeA4E39298866B72E5399D5177F717C46861D8D3DF1de51ec5d2b8466f0d424e1c8dcd64541db9187b7b0e5bc97aca233f29b96295c0bc4058fdcff50df543c1f044e58836
MiniDukeA6C18FCBE6B25C370E1305D523B5DE662172875Bb68677e04fcc9103560bb0a5e5c7303f94d39845ec228ff1c84668207c4591ae0e2b6605bdf11e84916534ab09744736
MiniDukeA9E529C7B04A99019DD31C3C0D7F576E1BBD0970d2f39019bfa05c7e71748d0624be9a9419580f275b82ee091bdc3028e6e5018fdcc915fe7853d4151b44f3d7e101e531
MiniDukeAD9734B05973A0A0F1D34A32CD1936E66898C034a58e8e935341b6f5cc1369c616de37655b96b07528f762dfcb9d6936995ed4e358d29542ae756f6e5547fa3b5b7797b6
MiniDukeB27F6174173E71DC154413A525BADDF3D6DEA1FD270ca8368cd4216b1813281d3efe485d2ae4cc6834e3679e99fc93d2f5fba02167a31cf5b68a5a9ca7aa1a4b9f7cb4ae
MiniDukeB8B116D11909A05428B7CB6DCCE06113F4CC9E58e48fb57ce3d9c56ca3cf6c4aed8ad0ea415f88765b88dd90e5b0502e4fa1408e06ac9552c7c8974a510e6e23a9756a45
MiniDukeC17AD20E3790BA674E3FE6F01B9C10270BF0F0E41c658719e6dedb929a6d85359c59682d91b97f3b8ef8ebc8bbd06e06927e7b38090c026f8fca77e209e69c056b042cb7
MiniDukeC39D0B12BB1C25CF46A5AE6B197A59F8EA90CAA02d87ab160291664d62445548a2164c6023486eedb5fe8a026f602507f490b4df4721e8befa65007b84c4f5b1ed95e1bd
MiniDukeC6D3DAC500DE2F46E56611C13C589E037E4CA5E0527537cc28705e01af8d8006ae8308a96c2409d415e66faebf0a031350b44d5a014ab4f62f2c1a3115982d452b7f97b9
MiniDukeCB3A83FC24C7B6B0B9D438FBF053276CCEAACD2E612fba96383a5098c26fe1a222e1e7552f9834f7b7fe09d98ef7b27d3828691ed4b361d1ccbbf8e10703f9ec03b05259
MiniDukeCC3DF7DE75DB8BE4A0A30EDE21F226122D2DFE87810de1b9fa0a9396acae23dcd113a60d7815e5275ea849a9ed1f193abd8781ff7ae6b88ef6282f6a0900175a4bb59131
MiniDukeCD50170A70B9CC767AA4B21A150C136CB25FBD442530f54b87508e6f09a6bc5ab863b5db56dfc5905e7dfc67912ed164dc68c0806fdd3d7cd151415aaffcc1b7ab2f1a84
MiniDukeCDCFAC3E9D60AAE54586B30FA5B99F180839DEED7040ee4cd4be4b84f8510c04663a2500e375d40412845c4476536307f28b64c0128e1cb88a3f505bafdcd013d542fa85
MiniDukeD22D80DA6F042C4DA3392A69C713EE4D64BE8BC8b798c968cbfd53f878e13c7698610d9c12a057ca7c92cda3cd0e09efc5bff2ebd3f7d2991e999038c7f31a6ac6a95c3d
MiniDukeD81B0705D26390EB82188C03644786DD6F1A2A9Ef19345e0e5aecc0da45b4c110591bdd9b55e6e10a7f46c97cd247028287ea664bacf7ec7e500a4bf4f53c9dea7625426
MiniDukeDE8E9DEF2553F4D211CC0B34A3972D9814F156AA1e1b0d16a16cf5c7f3a7c053ce78f515a1015f0b99106ae2852d740f366e15c1d5c711f57680a2f04be0283e8310f69e
MiniDukeE4ADD0B118113B2627143C7EF1D5B1327DE395F118e64b8e5ce5bdd33ce8bd9e00af672cb1584a6f1059ad1c24bde2a9a8ae83ffc6679eb531d30f3f1c69f81e3a3819dc
MiniDukeE95E2C166BE39A4D9CD671531B376B1A8CEB4A55f78f1359fcf04e89e3bb0fbdf74c1e05f2ede48413704b3efc4d629d3db1a1331352a0afb0d91683640dc4b4af2921d1
MiniDukeEDF74413A6E2763147184B5E1B8732537A8543658282eb6d6f20c5de6e7f4ae3a42438d2fe2672737205351df003e1969ef1ef0df9e13a9a31bf77f844236857ed0b0bf5
MiniDukeEFCB9BE7BF162980187237BCB50F4DA2D55430C2935892bb70d954efdc5ee1b0c5f97184a962ea9027514712ba3949dc3ca54559d1d42e116837dda5f9809d6523a41255
MiniDukeF62600984C5086F2DA3D70BC1F5042CF464F928D381691b297f7f5694709e21ad61ec64513a50942322977d6471f71debc6d3db38807d88778366bae6cfcae45823a17f8
APT29_2015-09_FSecure_THE DUKES7 years of Russian cyberespionageOnionDuke
OnionDuke073FAAD9C18DBE0E0285B2747EAE0C629E56830C1aa8a941ec22a3ffe32d079323a2e6c40474111e44b9aa56d6e6024c6f278e915d57b7862ceb927672fc3417f76a3ba3
OnionDuke145C5081037FAD98FA72AA4D6DC6C193FDB1C127e1db6b72ec26311b175663b7d88e3c00930939256e2c2fa30e7260897d96859c08cf767664e4bd3cedf156b6765b5413
OnionDuke16B632B4076A458B6E2087D64A42764D86B5B021af534ba7bfc624c76e718ceab3477118ef0fab7757a6b5e842297fa2e0dc7a7ce084278c5d12b878bba7d90759a0e22b
OnionDuke1E200FBB02DC4A51EA3EDE0B6D1FF9004F07FE739993445521ca03ac3a693625b5ca1f363877a522c924f834e442ef19d9b11ab6d3385849e60d5f310f6320e2d9e42804
OnionDuke22BAE6BE13561CEC758D25FA7ADAC89E67A1F33Ab602adb677d0560601e7668eaf158605a9e2d988781e970882fb1cee420bf01dda30730046a82f0faf4703523842feb5
OnionDuke25E0AF331B8E9FED64DC0DF71A2687BE348100E80753697172046fcfb03d6445fff1f093bd589360b299dc4803aa35abca527137a51feadae2b1e3bc2b5a301bb5b245da
OnionDuke3BF6B0D49B8E594F8B59EEC98942E1380E16DD22d26ff50f81e76dffd1382fbf16783b4765a2ca760bfce4762cd1cb3623c7d5d0ff86187d3bf3ba8fdea1339585a57ec2
OnionDuke42429D0C0CADE08CFE4F72DCD77892B883E8A4BC4649609b8394283ec36ada132b02a0c6567332c2a6813d529bcb9196102ad45eceb982143e9d2f326f02cec1511954b0
OnionDuke5CCFF14CE7C1732FADFE74AF95A912093007357F89b3cf1023825cc49efe59b06092dba1d07a802eb6d2c296c3f1bc726b5a716c4a7d8e97053c53e81658a31f969e6ce7
OnionDuke61283EF203F4286F1D366A57E077B0A581BE1659db9ccc6fa0f7605f39d93487fbaba866540913b3647c28a14418a6f288be9e4d8f99048227efea8ca1b13877269002eb
OnionDuke6B3B42F584B6DC1E0A7B0E0C389F1FBE040968AA65c40b01a0870250fb358efc8b201192c218b779461d83d70791e0578175503cd69128c9723f2c5d7d36b85073b0f2f9
OnionDuke6B631396013DDFD8C946772D3CD4919495298D40a4c77494cccb41aaa8849176bd58055e97afcd01e00d32dc4d1161d7a127933593cfc092ec635af5dc7a775a088b6091
OnionDuke7B3652F8D51BF74174E1E5364DBBF901A2EBCBA119aca5da05ee8e5862e1d1ee50e84cecdf818c2dccacc532ba0205749329b7e46d1f6616b40da55e0d994105bd988bd2
OnionDuke7D17917CB8BC00B022A86BB7BAB59E28C34531269e3f3b5e9ece79102d257e8cf982e09e8d86c0985530271618a342579afd1a9ecb27dfb080866e3b888bd3e45e1eb8f5
OnionDuke7D871A2D467474178893CD017E4E3E04E589C9A03a6b45a7c8fa74bc342b69e9260799603af9cfb2797bed22e1d12970d068d794270a0f07d3f3dcfdcdb9abfc3a80e0f8
OnionDuke7EFD300EFED0A42C7D1F568E309C45B2B641F5C26a5a0ac42161333e9758589ecabed3c6c47f2973f077f21abfb202b54ea18ee2a182e4305ee0046c1bc6d15a1179a43c
OnionDuke91CB047F28A15B558A9A4DFF26DF642B9001F8D7ccb6d74a8577ca44ca56cfc7fa6332b649dca913ff5c4782e8f8fa2dfd161110bc5c8cd36c9ce8aa0efd1860ab668e6e
OnionDuke9A277A63E41D32D9AF3EDDEA1710056BE0D423470ea4ccf2737f7095b367eda58e475e1f489d448514a3ddf30144cc1634e6623e529dd3aee54a050a920a3d4342b4b96a
OnionDukeA75995F94854DEA8799650A2F4A97980B71199D228f96a57fa5ff663926e9bad51a1d0cb19972cc87c7653aff9620461ce459b996b1f9b030d7c8031df0c8265b73f670d
OnionDukeB3873D2C969D224B0FD17B5F886EA253AC1BFB5B2d96b4c95152819a888deccf7ec965d6ac9c7ac457a605ff836eb6fe127eabc7a251dd73ea0a1fa59a591de30fa75d3f
OnionDukeB491C14D8CFB48636F6095B7B16555E9A575D57Fc8eb6040fd02d77660d19057a38ff769366affd094cc63e2c19c5d57a6866b487889dab5d1b07c084fff94262d8a390b
OnionDukeC1EC762878A0EED8EBF47E122E87C79A5E3F7B44c0f27bcdede7fe36664770dfe9f840446271c4909f39e1f29dcc79cde0f526cbde45d906726e73bd3b52d041a34eda38
OnionDukeCCE5B3A2965C500DE8FA75E1429B8BE5AA744E1416bb0f9d98eb7a832b6db1e92f4e4f1addce4b5e1c03d04bb82780a2d0f08469bb589b6fe8f0d4cc2a140b16344f5bd1
OnionDukeD433F281CF56015941A1C2CB87066CA62EA1DB37d1ce79089578da2d41f1ad901f7b10140102777ec0357655c4313419be3a15c4ca17c4f9cb4a440bfb16195239905ade
OnionDukeE09F283ADE693FF89864F6EC9C2354091FBD186E80a93e5dd3a3ea22f9a9af1547f797abdf03f0ae0622f5040bf449ab8b7559a97da7f746cc2ce24a8ad5336b18699296
OnionDukeE519198DE4CC8BCB0644AA1AB6552B1D15C99A0Ed33e91246924adb5edc97ceae8a600844558eb18504f724e4f33f1504ff924ce64701d26d703cf1e42a48504e7f51927
OnionDukeF2B4B1605360D7F4E0C47932E555B36707F287BE591a5ef38c1be504fbbc88219eb39692d04bef6765408d528fdf82a46c157b44e8b5e7762a15b0264033c9558ccc48dd
OnionDukeF3DCBC016393497F681E12628AD9411C27E57D48f23a89f3b7b6fa1312e6a10ede4e23a6316528ade312cc5ed76f0b44c7f2c2fc84f60ae215992d9393f57431383cf776
APT29_2015-09_FSecure_THE DUKES7 years of Russian cyberespionageSeaDuke
SeaDuke3459D9C27C31C0E8B2EA5B21FDC200E784C7EDF4e315436c42e681962a8e174ef7fad480c0b939598bf5913885b1837637f166fda09d932f3484525c8cbcc0b1efba2520
SeaDukeAA7CF4F1269FA7BCA784A18E5CECAB962B901CC222a46be630c877e2885c51147de10863c11212ff6474a15402ac848d1e4b9c6ced3deafb959b59837f14b834e5d0ad15
SeaDukeBB71254FBD41855E8E70F05231CE77FEE6F00388a25ec7749b2de12c2a86167afa88a4dd3eb86b7b067c296ef53e4857a74e09f12c2b84b666fc130d1f58aec18bc74b0d
APT29APT29_2016-06_Crowdstrike_Bears in the Midst Intrusion into the Democratic National Committee
APT29_2016-06_Crowdstrike_Bears in the Midst Intrusion into the Democratic National Committee0B3852AE641DF8ADA629E245747062F889B26659.exe_d41d8cd98f00b204e9800998ecf8427ee3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
APT29_2016-06_Crowdstrike_Bears in the Midst Intrusion into the Democratic National Committee74C190CD0C42304720C686D50F8184AC3FADDBE9.exe_d41d8cd98f00b204e9800998ecf8427ee3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
APT29_2016-06_Crowdstrike_Bears in the Midst Intrusion into the Democratic National CommitteeCB872EDD1F532C10D0167C99530A65C4D4532A1E.exe_d41d8cd98f00b204e9800998ecf8427ee3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
APT29_2016-06_Crowdstrike_Bears in the Midst Intrusion into the Democratic National CommitteeE2B98C594961AAE731B0CCEE5F9607080EC57197_pagemgr.exe_d41d8cd98f00b204e9800998ecf8427ee3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
APT29_2016-06_Crowdstrike_Bears in the Midst Intrusion into the Democratic National CommitteeF09780BA9EB7F7426F93126BC198292F5106424B_VmUpgradeHelper.exe_d41d8cd98f00b204e9800998ecf8427ee3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
APT29APT29_2016-11_Volexity_PowerDukePostElection
APT29_2016-11_Volexity_PowerDukePostElectionSamples
Samples4BCBF078A78BA0E842F78963BA9DD71240AB6A6D_cldsys.dll_57c627d68e156676d08bfc0829b943316119c92f5b5cb2cd953925e17ceb4a02a9007029dd27a35d44b116ff9718f814
Samples5CC807F80F14BC4A1D6036865E50D576200DFD2E_RWP16-038_Norris.exe_3335f0461e5472803f4b19b706eaf4b54538af0a76fecc6e45e6d45c22618c52ba89bf596a0b68dd2d4d2358fb5c86ef
Samples68CE4C0324F03976247FF48803A7D988F9F9F43F_37486-the-shocking-truth-about-election-rigging-in-america.rtf.lnk_f713d5df826c6051e65f995e57d6817d2d2fa32f928f8abf31b9e79153422d65fe72cd5ad0d1f815a9d2ffa42fc8d224
SamplesA76C02C067EAE26D78F4B494274DFA6AEDC6FA7A_37486.ZIP_f79caf27a99c091e6c1775b306993341f37da55a4329df13b1283cbfd237ae832cebb4b9c4ed16e5a1e0b98d9b7fdf25
SamplesB5684384C8028F0324ED7119F6ABF379F2789970_election-headlines-FTE2016.docm_a8e700492e113f73558131d94bc9ae2fef4a4319b9c37c1f05a4cbfb136c0eaf4a05476028d40a2a6bb07afc567f0f88
SamplesD5DCF445830C54AF145C0DFEAEBF28F8EC780EB5_RWP_16-038_Norris.ZIP_8b3050a95e3ce00424b85f6e9cc3ccec6412ea144bb0b8f7d32becda26cd1549825fd7b282f1f96319e5f4000e3d4618
APT29APT29_2016-12_Chris_Grizzly SteppeLighting up Like A Christmas Tree
APT29_2016-12_Chris_Grizzly SteppeLighting up Like A Christmas Tree617BA99BE8A7D0771628344D209E9D8A_Star Polk.exe_617ba99be8a7d0771628344d209e9d8a9f918fb741e951a10e68ce6874b839aef5a26d60486db31e509f8dcaa13acec5
APT29_2016-12_Chris_Grizzly SteppeLighting up Like A Christmas Tree7FCE89D5E3D59D8E849D55D604B70A6F_default.php_7fce89d5e3d59d8e849d55d604b70a6f2d5afec034705d2dc398f01c100636d51eb446f459f1c2602512fd26e86368e4
APT29_2016-12_Chris_Grizzly SteppeLighting up Like A Christmas Tree81F1AF277010CB78755F08DFCC379CA6_ fhyge.rtf_81f1af277010cb78755f08dfcc379ca6ac30321be90e85f7eb1ce7e211b91fed1d1f15b5d3235b9c1e0dad683538cc8e
APT29_2016-12_Chris_Grizzly SteppeLighting up Like A Christmas Tree8f154d23ac2071d7f179959aaba37ad5.dll_SayWhatBackdoor8f154d23ac2071d7f179959aaba37ad555058d3427ce932d8efcbe54dccf97c9a8d1e85c767814e34f4b2b6a6b305641
APT29_2016-12_Chris_Grizzly SteppeLighting up Like A Christmas Treeae7e3e531494b201fbf6021066ddd188.dll_SayWhatBackdoorae7e3e531494b201fbf6021066ddd1889acba7e5f972cdd722541a23ff314ea81ac35d5c0c758eb708fb6e2cc4f598a0
APT29_2017-03_Fireeye_Domain_Fronting_with_Tor8ddef83c57a5a752b20e3f98209acba42ab6c907b4fe844c01294a8dcfbc11ba966124b5b5aeb8af34a49d112fdbea60
APT29_2017-03_Fireeye_Domain_Fronting_with_Tor57e2f0fdc2566f11af661dc02e989dd65132a3f4_GoogleService.exe_31b3069cef380b4bf85e75a8885bcee82f39dee2ee608e39917cc022d9aae399959e967a2dd70d83b81785a98bd9ed36
APT29_2017-03_Fireeye_Domain_Fronting_with_Tor6842243f5a41f66a81b85ee524c3cfc7ace10da8_googleService.exe_628d4f33bd604203d25dbc6a5bb35b90fe744a5b2d07de396a8b3fe97155fc64e350b76d88db36c619cd941279987dc5

Continue reading